Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Endpoint] Hide agent types on Types filter when on a flyout and other UI changes #176280

Merged

Conversation

ashokaditya
Copy link
Member

@ashokaditya ashokaditya commented Feb 6, 2024

Summary

For Types filter on a flyout/responder (when a single agent is selected), that shows agent type and action type filter options, it doesn't make sense to allow selecting agent types as there can only be one agent type. This PR fixes that bug by:

  1. Not showing the agent types filter options

Additionally the PR updates

  1. Agent type name to Elastic Defend instead of Endpoint.
  2. Adds Agent type value to expanded output tray.
  3. Uses the correct field for getting host names for sentinel one hosts from sentinel one alerts
  4. Correctly calculates the available filter options in Types filter.

Team consensus

  • remove agent types from flyout types filter

clip/screenshot (Types filter)

flyout/responder view

Screenshot 2024-02-06 at 5 04 38 PM

history page view

Screenshot 2024-02-06 at 5 05 01 PM

Output sections

Screenshot 2024-02-06 at 4 40 53 PM
Screenshot 2024-02-06 at 4 41 01 PM

Updated Responder header info for Sentinel One host

Screenshot 2024-02-06 at 5 07 50 PM

Checklist

@ashokaditya ashokaditya added release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution OLM Sprint v8.1.3 labels Feb 6, 2024
@ashokaditya ashokaditya self-assigned this Feb 6, 2024
@ashokaditya ashokaditya marked this pull request as ready for review February 6, 2024 10:30
@ashokaditya ashokaditya requested a review from a team as a code owner February 6, 2024 10:30
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

Copy link
Contributor

@gergoabraham gergoabraham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the fix! 🙌

Copy link

@caitlinbetz caitlinbetz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This makes sense to me, looks good!

We decided to not show agent types for single agent views where selecting agent type doesn't make sense
@ashokaditya ashokaditya requested a review from a team as a code owner February 6, 2024 15:28
@ashokaditya ashokaditya changed the title [Security Solution][Endpoint] Preselect agent types on Types filter when on a flyout [Security Solution][Endpoint] Hide agent types on Types filter when on a flyout and other UI changes Feb 6, 2024
Copy link
Contributor

@gergoabraham gergoabraham left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image

I like the new approach! ☝️ 💯

thanks for all the modifications, I think this is ready to 🚢

Comment on lines +349 to +351
const numFilters = useMemo(
() => items.filter((item) => item.key && item.checked !== 'on').length,
[items]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch!

@ashokaditya ashokaditya enabled auto-merge (squash) February 7, 2024 09:46
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #56 / aiops log rate analysis with 'kibana_sample_data_logstsdb' kibana sample data logs displays index details
  • [job] [logs] FTR Configs #47 / fleet rejects request to create a new fleet server hosts if host url is different from default

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 11.4MB 11.4MB +372.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 69.9KB 69.9KB +6.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ashokaditya

@ashokaditya ashokaditya merged commit 71c06b8 into elastic:main Feb 7, 2024
39 checks passed
@ashokaditya ashokaditya removed the v8.1.3 label Feb 7, 2024
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Feb 7, 2024
@ashokaditya ashokaditya deleted the task/dw-agent-type-filters-update branch February 7, 2024 11:56
@elastic elastic deleted a comment from kibanamachine Feb 7, 2024
fkanout pushed a commit to fkanout/kibana that referenced this pull request Feb 7, 2024
… on a flyout and other UI changes (elastic#176280)

## Summary

For `Types` filter on a flyout/responder (when a single agent is
selected), that shows agent type and action type filter options, it
doesn't make sense to allow selecting agent types as there can only be
one agent type. This PR fixes that bug by:

1. Not showing the agent types filter options


Additionally the PR updates 
1. Agent type name to **Elastic Defend** _instead of Endpoint_.
2. Adds `Agent type` value to expanded output tray.
3. Uses the correct field for getting host names for sentinel one hosts
from sentinel one alerts
4. Correctly calculates the available filter options in Types filter.


### Team consensus
- [x] remove agent types from flyout types filter

### clip/screenshot (Types filter)
#### flyout/responder view
![Screenshot 2024-02-06 at 5 04
38 PM](https://github.com/elastic/kibana/assets/1849116/e0540bcc-cf51-4983-97df-de1561c23930)

#### history page view
![Screenshot 2024-02-06 at 5 05
01 PM](https://github.com/elastic/kibana/assets/1849116/27546ece-2327-4a9f-82f6-97f83c5826b9)

#### Output sections 
![Screenshot 2024-02-06 at 4 40
53 PM](https://github.com/elastic/kibana/assets/1849116/c31ff450-a626-4652-9298-d777af11f057)
![Screenshot 2024-02-06 at 4 41
01 PM](https://github.com/elastic/kibana/assets/1849116/5ba77d8b-d898-4921-8dff-00faf85b5d3f)

### Updated Responder header info for Sentinel One host
![Screenshot 2024-02-06 at 5 07
50 PM](https://github.com/elastic/kibana/assets/1849116/97ea17ba-2f4c-4850-bcac-20c822465b96)


### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
CoenWarmer pushed a commit to CoenWarmer/kibana that referenced this pull request Feb 15, 2024
… on a flyout and other UI changes (elastic#176280)

## Summary

For `Types` filter on a flyout/responder (when a single agent is
selected), that shows agent type and action type filter options, it
doesn't make sense to allow selecting agent types as there can only be
one agent type. This PR fixes that bug by:

1. Not showing the agent types filter options


Additionally the PR updates 
1. Agent type name to **Elastic Defend** _instead of Endpoint_.
2. Adds `Agent type` value to expanded output tray.
3. Uses the correct field for getting host names for sentinel one hosts
from sentinel one alerts
4. Correctly calculates the available filter options in Types filter.


### Team consensus
- [x] remove agent types from flyout types filter

### clip/screenshot (Types filter)
#### flyout/responder view
![Screenshot 2024-02-06 at 5 04
38 PM](https://github.com/elastic/kibana/assets/1849116/e0540bcc-cf51-4983-97df-de1561c23930)

#### history page view
![Screenshot 2024-02-06 at 5 05
01 PM](https://github.com/elastic/kibana/assets/1849116/27546ece-2327-4a9f-82f6-97f83c5826b9)

#### Output sections 
![Screenshot 2024-02-06 at 4 40
53 PM](https://github.com/elastic/kibana/assets/1849116/c31ff450-a626-4652-9298-d777af11f057)
![Screenshot 2024-02-06 at 4 41
01 PM](https://github.com/elastic/kibana/assets/1849116/5ba77d8b-d898-4921-8dff-00faf85b5d3f)

### Updated Responder header info for Sentinel One host
![Screenshot 2024-02-06 at 5 07
50 PM](https://github.com/elastic/kibana/assets/1849116/97ea17ba-2f4c-4850-bcac-20c822465b96)


### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
fkanout pushed a commit to fkanout/kibana that referenced this pull request Mar 4, 2024
… on a flyout and other UI changes (elastic#176280)

## Summary

For `Types` filter on a flyout/responder (when a single agent is
selected), that shows agent type and action type filter options, it
doesn't make sense to allow selecting agent types as there can only be
one agent type. This PR fixes that bug by:

1. Not showing the agent types filter options


Additionally the PR updates 
1. Agent type name to **Elastic Defend** _instead of Endpoint_.
2. Adds `Agent type` value to expanded output tray.
3. Uses the correct field for getting host names for sentinel one hosts
from sentinel one alerts
4. Correctly calculates the available filter options in Types filter.


### Team consensus
- [x] remove agent types from flyout types filter

### clip/screenshot (Types filter)
#### flyout/responder view
![Screenshot 2024-02-06 at 5 04
38 PM](https://github.com/elastic/kibana/assets/1849116/e0540bcc-cf51-4983-97df-de1561c23930)

#### history page view
![Screenshot 2024-02-06 at 5 05
01 PM](https://github.com/elastic/kibana/assets/1849116/27546ece-2327-4a9f-82f6-97f83c5826b9)

#### Output sections 
![Screenshot 2024-02-06 at 4 40
53 PM](https://github.com/elastic/kibana/assets/1849116/c31ff450-a626-4652-9298-d777af11f057)
![Screenshot 2024-02-06 at 4 41
01 PM](https://github.com/elastic/kibana/assets/1849116/5ba77d8b-d898-4921-8dff-00faf85b5d3f)

### Updated Responder header info for Sentinel One host
![Screenshot 2024-02-06 at 5 07
50 PM](https://github.com/elastic/kibana/assets/1849116/97ea17ba-2f4c-4850-bcac-20c822465b96)


### Checklist
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [x] Any UI touched in this PR is usable by keyboard only (learn more
about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures
(run axe in browser:
[FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/),
[Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive
layout. (You can test this [in your
browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser
compatibility](https://www.elastic.co/support/matrix#matrix_browsers)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:skip This commit does not require backporting OLM Sprint release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v8.13.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants