[Security Solution][Investigations] - Integrate details flyout with session view

[michaelolo24]

Summary

Based on this PR: #127991

Screen.Recording.2022-03-23.at.9.21.29.AM.mov

Checklist

Delete any items that are not applicable to this PR.

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Documentation was added for features that require explanation or tutorials
• Unit or functional tests were updated or added to match the most common scenarios
• Any UI touched in this PR is usable by keyboard only (learn more about keyboard accessibility)
• Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)
• If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
• This renders correctly on smaller devices using a responsive layout. (You can test this in your browser)
• This was checked for cross-browser compatibility

Risk Matrix

Delete this section if it is not applicable to this PR.

Before closing this PR, invite QA, stakeholders, and other developers to identify risks that should be tested prior to the change/feature release.

When forming the risk matrix, consider some of the following examples and how they may potentially impact the change:

Risk	Probability	Severity	Mitigation/Notes
Multiple Spaces—unexpected behavior in non-default Kibana Space.	Low	High	Integration tests will verify that all features are still supported in non-default Kibana Space and when user switches between spaces.
Multiple nodes—Elasticsearch polling might have race conditions when multiple Kibana nodes are polling for the same tasks.	High	Low	Tasks are idempotent, so executing them multiple times will not result in logical error, but will degrade performance. To test for this case we add plenty of unit tests around this logic and document manual testing procedure.
Code should gracefully handle cases when feature X or plugin Y are disabled.	Medium	High	Unit tests will verify that any feature flag or plugin combination still results in our service operational.
See more potential risk examples

For maintainers

• This was checked for breaking API changes and was labeled appropriately

[kibana-ci]

💔 Build Failed

• Buildkite Build
• Commit: 801d012
• Interpreting CI Failures
• Storybooks Preview
• Webpack Bundle Analyzer

Failed CI Steps

• Jest Tests #3
• Jest Tests #4
• Checks

Test Failures

• [job] [logs] Jest Tests #4 / alert actions determineToAndFrom it uses original_time and threshold_result.from for threshold alerts
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction apolloClient is not defined it invokes createTimeline with timelineDefaults
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction Eql with NO signal.group.id
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction Eql with signal.group.id
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction timeline id is NOT empty string and apollo client exists it invokes createTimeline with default timeline if apolloClient throws
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction timeline id is NOT empty string and apollo client exists it invokes createTimeline with designated timeline template if "timelineTemplate" exists
• [job] [logs] Jest Tests #4 / alert actions sendAlertToTimelineAction timelineId is empty string it invokes createTimeline with timelineDefaults
• [job] [logs] Jest Tests #4 / alert actions show toasts when data is malformed renders a toast and calls create timeline with basic defaults
• [job] [logs] Jest Tests #3 / GraphOverlay when used in an events viewer (i.e. in the Detections view, or the Host > Events view) it gets index pattern from default data view
• [job] [logs] Jest Tests #3 / GraphOverlay when used in an events viewer (i.e. in the Detections view, or the Host > Events view) it has 100% width when NOT in full screen mode
• [job] [logs] Jest Tests #3 / GraphOverlay when used in an events viewer (i.e. in the Detections view, or the Host > Events view) it has a fixed position when in full screen mode
• [job] [logs] Jest Tests #3 / GraphOverlay when used in the active timeline it gets index pattern from Timeline data view

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id	before	after	diff
securitySolution	2953	2955	+2

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id	before	after	diff
sessionView	0	7	+7

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id	before	after	diff
observability	415.9KB	416.1KB	+215.0B
securitySolution	4.8MB	4.8MB	+5.7KB
sessionView	39.1KB	39.2KB	+114.0B
total			+6.0KB

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id	before	after	diff
sessionView	0	1	+1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
securitySolution	246.6KB	247.1KB	+522.0B
timelines	285.7KB	285.8KB	+20.0B
total			+542.0B

Unknown metric groups

API count

id	before	after	diff
sessionView	0	7	+7

async chunk count

id	before	after	diff
securitySolution	23	24	+1

ESLint disabled in files

id	before	after	diff
apm	15	14	-1
securitySolution	68	67	-1
total			-2

ESLint disabled line counts

id	before	after	diff
apm	88	85	-3
securitySolution	439	440	+1
total			-2

Total ESLint disabled count

id	before	after	diff
apm	103	99	-4

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

[zizhouW]

Session view callbacks looks good to me! I am wondering if we want to utilize the jumpToEvent prop now for session view in Alerts, to have session view jump to the event that triggered the alert.

[michaelolo24]

Closing this as it's already been incorporated here: #127520