[Security Solution][Alert Flyout] Enable network preview and previews in table tab #190560
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
christineweng
added
release_note:enhancement
backport:skip
|
/ci |
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
christineweng
force-pushed
the
flyout-preview-links
branch
from
18acf27
to
3605773
Compare
This was referenced Aug 15, 2024
There was a problem hiding this comment.
The code looks great and testing went well. I left a couple of minor comments.
Also, I feel like - while this might not have been the intent of this PR - it would be the right place to add the same preview logic to the rule preview inside the new Table tab. Unless I'm mistaken, we already have everything to display the rule preview. This would allow to handle this case
Screen.Recording.2024-08-19.at.1.28.55.PM.mov
which I think might be the last one for the table?
.../plugins/security_solution/public/flyout/document_details/shared/components/cell_actions.tsx
Show resolved
Hide resolved
.../plugins/security_solution/public/flyout/document_details/shared/components/preview_link.tsx
Outdated
Show resolved
Hide resolved
.../plugins/security_solution/public/flyout/document_details/shared/components/preview_link.tsx
Outdated
Show resolved
Hide resolved
Yes, good point. I wanted to confirm with product before doing this though. Alerts and entity flyout are currently enabled in alerts table, but the rule still goes to rule details page. That action may need to change to a flyout as well. |
christineweng
force-pushed
the
flyout-preview-links
branch
2 times, most recently
from
f93d8aa
to
ca259b2
Compare
christineweng
force-pushed
the
flyout-preview-links
branch
from
ca259b2
to
433ac12
Compare
|
/ci |
christineweng
force-pushed
the
flyout-preview-links
branch
from
0f13432
to
89220c6
Compare
Merged
2 tasks
PhilippeOberti
approved these changes
Sep 3, 2024
💚 Build Succeeded
Metrics [docs]Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: |
christineweng
added a commit
that referenced
this pull request
Sep 11, 2024
…d enable rule previews (#191764) ## Summary This PR converts rule name in alert table to be a flyout (consistent with host name and user name) and enables rule preview whenever rule name is present. This PR also moved the rule details component into its own `rule_details` folder to be independent of the `document_details` flyout. Dependency: #190560 to be merged first New behavior: - Rule link in alert table opens rule flyout - Clicking the rule title goes to rule details page - Clicking rule name in alert flyout opens rule preview https://github.com/user-attachments/assets/857aa894-6253-4041-873a-18d6e8a003b6 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
gergoabraham
pushed a commit
to gergoabraham/kibana
that referenced
this pull request
Sep 13, 2024
…d enable rule previews (elastic#191764) ## Summary This PR converts rule name in alert table to be a flyout (consistent with host name and user name) and enables rule preview whenever rule name is present. This PR also moved the rule details component into its own `rule_details` folder to be independent of the `document_details` flyout. Dependency: elastic#190560 to be merged first New behavior: - Rule link in alert table opens rule flyout - Clicking the rule title goes to rule details page - Clicking rule name in alert flyout opens rule preview https://github.com/user-attachments/assets/857aa894-6253-4041-873a-18d6e8a003b6 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
markov00
pushed a commit
to markov00/kibana
that referenced
this pull request
Sep 18, 2024
…d enable rule previews (elastic#191764) ## Summary This PR converts rule name in alert table to be a flyout (consistent with host name and user name) and enables rule preview whenever rule name is present. This PR also moved the rule details component into its own `rule_details` folder to be independent of the `document_details` flyout. Dependency: elastic#190560 to be merged first New behavior: - Rule link in alert table opens rule flyout - Clicking the rule title goes to rule details page - Clicking rule name in alert flyout opens rule preview https://github.com/user-attachments/assets/857aa894-6253-4041-873a-18d6e8a003b6 ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR is a refactor of preview links in document details flyout:
EuiLinkcomponent with a sharedPreviewLinkthat renders a link based on fieldNetwork previews
After
Screen.Recording.2024-08-14.at.3.31.36.PM.mov
Exceptions
IP addresses in entity details section are not yet worked on, as it is owned by the Explore team and therefore has impacts outside of alerts flyout.
How to test
Checklist