[Security Solution] [Sourcerer] [Feature Branch] Update to use Kibana Data Views #114806
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…lastic/kibana into sourcerer_kip_as" This reverts commit be170e1, reversing changes made to cdcf869.
madirey
reviewed
Oct 28, 2021
x-pack/plugins/security_solution/public/common/containers/source/index.tsx
Outdated
Show resolved
Hide resolved
stephmilovic
commented
Oct 28, 2021
x-pack/plugins/security_solution/public/common/containers/sourcerer/index.tsx
Show resolved
Hide resolved
stephmilovic
commented
Oct 28, 2021
x-pack/plugins/security_solution/public/common/containers/sourcerer/index.tsx
Outdated
Show resolved
Hide resolved
|
@elasticmachine merge upstream |
madirey
approved these changes
Nov 3, 2021
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Async chunks
Page load bundle
Unknown metric groupsAPI count
References to deprecated APIs
History
To update your PR or re-run it, just comment with: |
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Nov 5, 2021
…ink-to-kibana-app * 'main' of github.com:elastic/kibana: (290 commits) [Connectors][ServiceNow] Remove SN flags (elastic#117511) [ML] Functional tests - stabilize and re-enable feature importance tests (elastic#117503) [RAC] Disable the actions button if the user has inadequate privileges (elastic#117488) [Visualize] [xyChart] filter labels by default (elastic#117288) Fix warning when setting description to undefined (elastic#117338) [build] Set monitoring.ui.container.elasticsearch.enabled for all containers (elastic#115087) fix types [Alerting] UX fixes for execution duration chart (elastic#117193) [CI] Delete node_modules in between bootstrap attempts (elastic#117588) Flaky test fixes (elastic#117028) [Security Solution] [Sourcerer] [Feature Branch] Update to use Kibana Data Views (elastic#114806) [ML] Hide anomaly entity filter button tooltips when clicked (elastic#117493) adjust the synthetics journey type (elastic#117316) Refines hasAnyData check for alerts (elastic#117499) [Fleet] Default to APM tutorial (elastic#117421) [Maps] update docs for index pattern -> data view rename (elastic#117400) [Logs UI][Metrics UI] Remove deprecated config fields from APIs and SavedObjects (elastic#116821) [Fleet] Fix agent logs not reading query from URL (elastic#117286) Fixing Failing test: Chrome X-Pack UI Functional Tests.x-pack/test/functional_with_es_ssl/apps/triggers_actions_ui/alert_create_flyout·ts - Actions and Triggers app create alert should successfully test valid es_query alert (elastic#114917) [Metrics UI] Add docs link to redundant groupBy detection (elastic#116822) ... # Conflicts: # x-pack/plugins/reporting/public/management/__snapshots__/report_listing.test.tsx.snap # x-pack/plugins/reporting/public/shared_imports.ts # x-pack/plugins/reporting/server/routes/management/jobs.ts
stephmilovic
added a commit
to stephmilovic/kibana
that referenced
this pull request
Nov 5, 2021
stephmilovic
added a commit
that referenced
this pull request
Nov 8, 2021
…Kibana Data Views (#114806) (#117670) * [Security Solution] [Sourcerer] [Feature Branch] Update to use Kibana Data Views (#114806) * fix type Co-authored-by: Kibana Machine <[email protected]>
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Closing #111461 in favor of this PR to create a "feature branch", they are essentially the same PR
Kibana
Index PatternsData Views & Runtime Fields in Security Solution SourcererIssue: https:/elastic/security-team/issues/772
security-solutionKibana data viewrequestIndexFieldSearchin timelines to take adataViewIdpick_events.tsx)dataViewIdproperty to timeline, stored inreferenceson the saved objectQuirks
auditbeat-*,auditbeat-*,auditbeat-*,auditbeat-*andauditbeat-*,auditbeat-*are both valid. We're only going to allow them to select one instance of auditbeat from our combo box, but the select needs the full name so the user can distinguish between the data views and know where they put their runtime fieldssecuritySolution:defaultIndex. A page refresh is required for updates to take placesecurity-solutiondata view. on initial app load, or if the signals index gets deleted, signalIndexName is null and quickly set. We have a call to update thesecurity-solutiondata view when the signalIndexName is updatedesClient.fieldCapsinstead ofesClient.searchoresClient.countas both of those methods require there to be data on the index pattern. When.siem-signals-defaultis initially created, it will not immediately have data. So usingesClient.fieldCapswill tell us if the index exists even without dataUI Updates coming in a follow up PR. See Monina's excellent design direction in the original issue: https:/elastic/security-team/issues/772
Sourcerer Updates to KIP/Data Views:
Runtime Fields in Security Solution:
Checklist