[Cloud Security] Alerts Datagrids for Contextual Flyout #199573
Conversation
|
/ci |
|
/ci |
|
/ci |
animehart
added
backport:prev-minor
|
Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security) |
…f github.com:animehart/kibana into contextual-flyout-alerts-datagrid-from-preview-mark1
| @@ -82,9 +107,120 @@ export const AlertsPreview = ({ | |||
|
|
|||
| const totalAlertsCount = alertStats.reduce((total, item) => total + item.count, 0); | |||
|
|
|||
| const { data } = useMisconfigurationPreview({ | |||
There was a problem hiding this comment.
I don't understand why we need all this logic (getting misconfigs, vulnerabilities, riskScore) in the alert preview. From what I see we open the Alerts data grid in the left section of the flyout, this section doesn't have information about risk, misconfigs and vulnerabilities, then why all this data is needed?
There was a problem hiding this comment.
We need this to pass it to the openLeftPanel, if we don't have this then when user opens the left panel, it doesn't know if it also has to render Misconfiguration/Vulnerabilities/Risk Score tabs
this logic is also being used on the 2 other preview component
There was a problem hiding this comment.
Follow up on our discussion in DM:
- First problem that we want to address is to encapsulate this logic in one place because right now it's copied over in 6 different places. We can start with one hook per piece of business logic (alerts, misconfigs, vulnerabilities, risk score) exposing and consuming only the pieces needed to a particular component. another possibility is to share this state through context
- Another question, probably post 8.17 FF is to check if it's a good idea to have all these props passed to
openLeftPanel. We do similar things in 3 places: load data we don't need in the component only to pass it to openLeftPanel. Maybe it should be self aware and get the information required to show the tabs by itself instead of getting them from the props
There was a problem hiding this comment.
Here is the followup PR point number 1 above
| <VulnerabilitiesFindingsDetailsTable queryName={name} /> | ||
| ) : ( | ||
| // <div>{'ALERTS HERE'}</div> //AlertsDetailsTable |
| @@ -112,6 +115,26 @@ export const UserPanel = ({ | |||
|
|
|||
| const hasMisconfigurationFindings = passedFindings > 0 || failedFindings > 0; | |||
|
|
|||
| const { signalIndexName } = useSignalIndex(); | |||
There was a problem hiding this comment.
you have this logic duplicated in multiple places, we need to abstract it
| <MisconfigurationsPreview | ||
| name={name} | ||
| fieldName={fieldName} | ||
| hasNonClosedAlerts={alertsCount > 0} |
There was a problem hiding this comment.
It feels conceptually incorrect that the Misconfiguration and Vulnerability preview should know about non-closed alerts. Why do we need it here?
There was a problem hiding this comment.
same reason as the checking existence of Misconfiguration and Vulnerability in Alerts Preview, we need to pass this information when opening left panel so it knows what tabs gets rendered
| const alertsOpenCount = alertsData?.open?.total || 0; | ||
|
|
||
| const alertsAcknowledgedCount = alertsData?.acknowledged?.total || 0; | ||
|
|
||
| const alertsCount = alertsOpenCount + alertsAcknowledgedCount; | ||
|
|
||
| const hasNonClosedAlerts = alertsCount; |
There was a problem hiding this comment.
nit: When a variable name starts with "has", it is expected to be a boolean.
| const alertsOpenCount = alertsData?.open?.total || 0; | |
| const alertsAcknowledgedCount = alertsData?.acknowledged?.total || 0; | |
| const alertsCount = alertsOpenCount + alertsAcknowledgedCount; | |
| const hasNonClosedAlerts = alertsCount; | |
| const hasNonClosedAlerts = (alertsData?.acknowledged?.total || 0 + alertsData?.open?.total || 0) > 0; |
| <VulnerabilitiesFindingsDetailsTable queryName={name} /> | ||
| ) : ( | ||
| // <div>{'ALERTS HERE'}</div> //AlertsDetailsTable |
There was a problem hiding this comment.
You forgot some comments here.
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
|
|
|
||
| const { openLeftPanel } = useExpandableFlyoutApi(); | ||
|
|
||
| const goToEntityInsightTab = useCallback(() => { |
There was a problem hiding this comment.
let's also move this logic into own component/utility . You have this goToEntityInsightTab in all three preview component, and it's only different by subTab and the tooltip. So it can be just a hook that depending on the passed type (alerts, misconfiguration, vulnerability) returns the link
|
To not turn PR into huge refactoring PR, let's merge this one and do the refactoring of removing code duplication in a follow up. I tested the current logic, it works as expected |
|
Starting backport for target branches: 8.x |
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <[email protected]> (cherry picked from commit ab965f7)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
… (#200245) # Backport This will backport the following commits from `main` to `8.x`: - [[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)](#199573) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Rickyanto Ang","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-14T19:07:26Z","message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud Security","backport:prev-minor","v8.17.0"],"title":"[Cloud Security] Alerts Datagrids for Contextual Flyout","number":199573,"url":"https://github.com/elastic/kibana/pull/199573","mergeCommit":{"message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199573","number":199573,"mergeCommit":{"message":"[Cloud Security] Alerts Datagrids for Contextual Flyout (#199573)\n\n## Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot 2024-11-14 at 9 08 26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by: kibanamachine <[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Rickyanto Ang <[email protected]>
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <[email protected]>
## Summary This PR is for Alerts Datagrid component in Contextual Flyout This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name <img width="1480" alt="Screenshot 2024-11-14 at 9 08 26 AM" src="https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502"> --------- Co-authored-by: kibanamachine <[email protected]>
Summary
This PR is for Alerts Datagrid component in Contextual Flyout
This PR is for Alerts Datagrid in Contextual Flyout for User name and Host name
