Skip to content

Commit

Permalink
[SIEM] Default the Timeline events filter to show All events (#58953)
Browse files Browse the repository at this point in the history
## [SIEM] Default the Timeline events filter to show All events

The Timeline events filter introduced in `7.6` to support the [detection engine](https://www.elastic.co/guide/en/siem/guide/current/detection-engine-overview.html) defaulted to filtering by `Raw events`, and thus required manually selecting `All events` or `Signal events` from the dropdown to view signals.

The new default is `All events`, per the screenshots below:

### Before
![event-filter-before](https://user-images.githubusercontent.com/4459398/75593223-ecc61500-5a41-11ea-8d7d-8db5eccb1eb4.png)

### After
![event-filter-after](https://user-images.githubusercontent.com/4459398/75593238-f5b6e680-5a41-11ea-9e12-2fc1232f58d1.png)
  • Loading branch information
andrew-goldstein committed Mar 2, 2020
1 parent bf89b9d commit c7febd7
Show file tree
Hide file tree
Showing 4 changed files with 49 additions and 5 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,7 @@ describe('helpers', () => {
description: '',
deletedEventIds: [],
eventIdToNoteIds: {},
eventType: 'raw',
eventType: 'all',
filters: [],
highlightedDropAndProviderId: '',
historyIds: [],
Expand Down Expand Up @@ -330,7 +330,7 @@ describe('helpers', () => {
description: '',
deletedEventIds: [],
eventIdToNoteIds: {},
eventType: 'raw',
eventType: 'all',
filters: [],
highlightedDropAndProviderId: '',
historyIds: [],
Expand Down Expand Up @@ -417,7 +417,7 @@ describe('helpers', () => {
description: '',
deletedEventIds: [],
eventIdToNoteIds: {},
eventType: 'raw',
eventType: 'all',
filters: [],
highlightedDropAndProviderId: '',
historyIds: [],
Expand Down Expand Up @@ -539,7 +539,7 @@ describe('helpers', () => {
description: '',
deletedEventIds: [],
eventIdToNoteIds: {},
eventType: 'raw',
eventType: 'all',
filters: [
{
$state: {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,7 @@ const PickEventTypeComponents: React.FC<PickEventTypeProps> = ({
return (
<PickEventContainer>
<EuiSuperSelect
data-test-subj="pick-event-type"
fullWidth={false}
valueOfSelected={eventType}
onChange={onChangeEventType}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -208,6 +208,49 @@ describe('Timeline', () => {

expect(wrapper.find('[data-test-subj="table-pagination"]').exists()).toEqual(false);
});

test('it defaults to showing `All events`', () => {
const wrapper = mount(
<TestProviders>
<MockedProvider mocks={mocks}>
<TimelineComponent
browserFields={mockBrowserFields}
columns={defaultHeaders}
id="foo"
dataProviders={mockDataProviders}
end={endDate}
filters={[]}
flyoutHeight={testFlyoutHeight}
flyoutHeaderHeight={flyoutHeaderHeight}
indexPattern={indexPattern}
indexToAdd={[]}
isLive={false}
itemsPerPage={5}
itemsPerPageOptions={[5, 10, 20]}
kqlMode="search"
kqlQueryExpression=""
loadingIndexName={false}
onChangeDataProviderKqlQuery={jest.fn()}
onChangeDroppableAndProvider={jest.fn()}
onChangeItemsPerPage={jest.fn()}
onDataProviderEdited={jest.fn()}
onDataProviderRemoved={jest.fn()}
onToggleDataProviderEnabled={jest.fn()}
onToggleDataProviderExcluded={jest.fn()}
show={true}
showCallOutUnauthorizedMsg={false}
start={startDate}
sort={sort}
toggleColumn={jest.fn()}
/>
</MockedProvider>
</TestProviders>
);

expect(wrapper.find('[data-test-subj="pick-event-type"] button').text()).toEqual(
'All events'
);
});
});

describe('event wire up', () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ export const timelineDefaults: SubsetTimelineModel & Pick<TimelineModel, 'filter
dataProviders: [],
deletedEventIds: [],
description: '',
eventType: 'raw',
eventType: 'all',
eventIdToNoteIds: {},
highlightedDropAndProviderId: '',
historyIds: [],
Expand Down

0 comments on commit c7febd7

Please sign in to comment.