Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Detection Alerts] Fixes alert page refresh issues #111042

Merged
merged 4 commits into from
Sep 14, 2021

Conversation

dplumlee
Copy link
Contributor

@dplumlee dplumlee commented Sep 2, 2021

Summary

Addresses #108244

Fixes refresh problems on the Alert and rule details page when alerts status is updated and the table updates but the histogram and count table don't unless a hard refresh is run.

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dplumlee dplumlee added bug Fixes for quality problems that affect the customer experience v8.0.0 release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team Feature:Detection Alerts Security Solution Detection Alerts Feature v7.15.0 v7.16.0 labels Sep 2, 2021
@dplumlee dplumlee self-assigned this Sep 2, 2021
@dplumlee dplumlee force-pushed the alert-status-refresh-bug branch from 22c3ee6 to 23dd074 Compare September 3, 2021 18:45
@dplumlee
Copy link
Contributor Author

dplumlee commented Sep 3, 2021

@elasticmachine merge upstream

@spong
Copy link
Member

spong commented Sep 3, 2021

Looks like adding an exceptions that results in a workflow status change (either close this alert or close all alerts that match) doesn't result in a refresh. Same behavior with the Alert Details -> Add Exception action.

@spong
Copy link
Member

spong commented Sep 3, 2021

Looks like changing the workflow status from alert details doesn't result in a refresh on the histogram & counts table:

@spong
Copy link
Member

spong commented Sep 3, 2021

Refresh isn't synced with workflow status updates in Timeline (via Investigate in Timeline action). I don't think this one has ever worked (would be nice, but not sure if all users expect this? cc @elastic/security-design), so maybe open an issue and we can address as a lower priority.

@spong
Copy link
Member

spong commented Sep 3, 2021

Generic comment about adding tests.™ 💙


(I know there's been a lot of movement and refactoring between all these components and it's no small effort to add robust test coverage around all this functionality, especially so late in the dev cycle, so perhaps we open an tech debt issue for test coverage around this area and ensure it's prioritized before new work.)

@dplumlee dplumlee force-pushed the alert-status-refresh-bug branch 2 times, most recently from 07d255d to 0782085 Compare September 9, 2021 19:12
@dplumlee dplumlee force-pushed the alert-status-refresh-bug branch from 0782085 to bb1d9c5 Compare September 13, 2021 18:32
@dplumlee dplumlee marked this pull request as ready for review September 13, 2021 18:33
@dplumlee dplumlee requested review from a team as code owners September 13, 2021 18:33
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@dplumlee
Copy link
Contributor Author

@spong issue for tracking the timeline refresh and adding tests in a follow up PR here: #112011

Copy link
Member

@spong spong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checked out, tested locally, and looked over code. Looks like there's one minor bug left (no refresh after adding an exception via Alert Details -> Take Action menu), but approving now as most issues have been resolved and these existing fixes are critical to have in the next BC. If not a super simple low-risk 1-liner, can you please open a follow-up issue to track this remaining work? Great simple fixes here @dplumlee -- thanks for seeing this one through! 👍 🚀 🙂

Testing update from past comments:

✅ Verified adding exception refreshes all views (#111042 (comment))
❌ Verified adding exception from the Alert Details -> Take Action menu does not refresh all views (#111042 (comment))
✅ Verified changing the workflow status from alert details refreshes all views #111042 (comment)

Copy link
Contributor

@stephmilovic stephmilovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks!!

@dplumlee dplumlee added the auto-backport Deprecated - use backport:version if exact versions are needed label Sep 14, 2021
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.15
7.x

The backport PRs will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Sep 14, 2021
…#111042) (#112039)

Co-authored-by: Xavier Mouligneau <[email protected]>

Co-authored-by: Davis Plumlee <[email protected]>
Co-authored-by: Xavier Mouligneau <[email protected]>
kibanamachine added a commit that referenced this pull request Sep 14, 2021
…#111042) (#112038)

Co-authored-by: Xavier Mouligneau <[email protected]>

Co-authored-by: Davis Plumlee <[email protected]>
Co-authored-by: Xavier Mouligneau <[email protected]>
@dplumlee dplumlee deleted the alert-status-refresh-bug branch September 14, 2021 18:42
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 6.5MB 6.5MB +2.1KB
timelines 419.4KB 419.5KB +51.0B
total +2.1KB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @dplumlee

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
auto-backport Deprecated - use backport:version if exact versions are needed bug Fixes for quality problems that affect the customer experience Feature:Detection Alerts Security Solution Detection Alerts Feature release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team v7.15.0 v7.16.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants