Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Explore] - Add Hosts Session Tab #125950

Closed
6 tasks done
Tracked by #126054
michaelolo24 opened this issue Feb 17, 2022 · 3 comments
Closed
6 tasks done
Tracked by #126054

[Security Solution][Explore] - Add Hosts Session Tab #125950

michaelolo24 opened this issue Feb 17, 2022 · 3 comments
Assignees
Labels
8.2 candidate considered, but not committed, for 8.2 release Feature: Session View Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team

Comments

@michaelolo24
Copy link
Contributor

michaelolo24 commented Feb 17, 2022

Background

The security solution will be integrating the session viewer tool within the Host page. A new tab on the Host page, titled session will be added, where users will see an EuiDataGrid table focused on session events and be able to launch the session viewer in an investigative timeline. Similar to how External Alerts are currently focused on events from the endpoint and can launch the analyzer

Tasks

  • Add Session Tab
  • Add t-grid table with query focused on session events
  • Confirm the session viewer is properly launched from this view in timeline

Testing

  • The session table loads as expected
  • The query returns the expected data with the expected number of requests
  • The session viewer is launched as expected
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@kqualters-elastic kqualters-elastic self-assigned this Mar 1, 2022
@opauloh opauloh self-assigned this Mar 14, 2022
@opauloh
Copy link
Contributor

opauloh commented Mar 14, 2022

@kqualters-elastic I have started on this one based on inputs from our sync, I'm working on modifying <StatefulEventsViewerComponent/> to add a new entity type sessions to load the props needed for the sessions leaders table and updating search strategy on the backend based on the entity type sessions. I will ping you once there's a PR up for this.

@michaelolo24
Copy link
Contributor Author

Closing this as this work has been completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
8.2 candidate considered, but not committed, for 8.2 release Feature: Session View Team:Threat Hunting:Investigations Security Solution Investigations Team Team:Threat Hunting Security Solution Threat Hunting Team
Projects
None yet
Development

No branches or pull requests

5 participants