[Rules migration] Add sorting functionality to rules migration table (#11379) #203396

Merged
merged 6 commits into from
Dec 9, 2024

e40pud
Contributor

@e40pud e40pud commented Dec 9, 2024

Summary

Internal link to the feature details

These changes add sorting functionality to the migration rules table. It is possible to sort migration rules by the following columns: Updated, Name, Status, Risk Score, Severity and Author.

Other changes

The following fixes and adjustments were also implemented as part of this PR:

  • Installed status in migration rules table to indicate whether the rule was installed
  • Rules selection and installation of selected rules
  • Disable selection for not fully translated rules
  • Author column to show whether the translated rule matched one of the existing Elastic prebuilt rules
  • Install and enable and Install without enabling buttons within the migration rule details flyout

@e40pud e40pud added release_note:skip Skip the PR/issue when compiling release notes Team:Threat Hunting Security Solution Threat Hunting Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) labels Dec 9, 2024
@e40pud e40pud requested a review from semd December 9, 2024 11:23
@e40pud e40pud self-assigned this Dec 9, 2024
@e40pud e40pud requested a review from a team as a code owner December 9, 2024 11:23
@elasticmachine
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@@ -46,6 +46,7 @@ export type FieldMap<T extends string = string> = Record<
array?: boolean;
doc_values?: boolean;
enabled?: boolean;
fields?: Record<string, { type: string }>;
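
Review bot: the added `fields?: Record<string, { type: string }>` entry carries no comment saying what it is for, and its `type` is an unconstrained string. A one-line doc comment stating that it declares sub-fields of a mapping (here, a keyword sub-field so a text field can be sorted) would help the next reader, and narrowing `type` to the mapping types actually in use would catch a typo at compile time instead of at index creation.
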
Contributor Author

@semd I extended FieldMap to have fields as well. We need it to be able to sort by the title field, which has text type. In order to sort by this field we need to add a sub-field of keyword type.

https://www.elastic.co/guide/en/elasticsearch/reference/current/text.html#before-enabling-fielddata

Contributor Author

removing it for now since it does not cover anything and I have a separate task to add all tests

direction === 'desc' ? '_last' : '_first';

const sortingOptions = {
author(direction: estypes.SortOrder = 'asc'): estypes.SortCombinations {
Contributor

Calling this "author" is something specific to the UI. In the API we should call it matchedPrebuiltRule or customTranslation (opposite).

Contributor Author

done

@@ -395,3 +407,89 @@ const conditions = {
return [this.isFullyTranslated(), this.isNotInstalled()];
},
};

const missing = (direction: estypes.SortOrder = 'asc') =>
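
Review bot: `missing` has no comment or return type at its declaration, so the intended ordering of rows without a value is left implicit. Going by the body shown earlier in this diff (`direction === 'desc' ? '_last' : '_first'`), such rows are treated as the smallest value in both directions; stating that in a one-line comment and annotating the return type as `'_first' | '_last'` would make the intent checkable.
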
Contributor

This function name is vague, can we call it sortMissingValue or something more descriptive?

Contributor Author

done

Comment on lines 483 to 495
const getSortingOptions = (sort?: RuleMigrationSort): estypes.Sort => {
if (!sort?.sortField) {
return DEFAULT_SORTING;
}
const sortingOptionsMap: { [key: string]: estypes.Sort } = {
'elastic_rule.title': sortingOptions.name(sort.sortDirection),
'elastic_rule.severity': sortingOptions.severity(sort.sortDirection),
'elastic_rule.prebuilt_rule_id': sortingOptions.author(sort.sortDirection),
translation_result: sortingOptions.status(sort.sortDirection),
updated_at: sortingOptions.updated(sort.sortDirection),
};
return sortingOptionsMap[sort.sortField] ?? DEFAULT_SORTING;
};
Contributor

Wouldn't it be better to create the map only once?

Suggested change
const getSortingOptions = (sort?: RuleMigrationSort): estypes.Sort => {
if (!sort?.sortField) {
return DEFAULT_SORTING;
}
const sortingOptionsMap: { [key: string]: estypes.Sort } = {
'elastic_rule.title': sortingOptions.name(sort.sortDirection),
'elastic_rule.severity': sortingOptions.severity(sort.sortDirection),
'elastic_rule.prebuilt_rule_id': sortingOptions.author(sort.sortDirection),
translation_result: sortingOptions.status(sort.sortDirection),
updated_at: sortingOptions.updated(sort.sortDirection),
};
return sortingOptionsMap[sort.sortField] ?? DEFAULT_SORTING;
};
const sortingOptionsMap: { [key: string]: estypes.Sort } = {
'elastic_rule.title': sortingOptions.name,
'elastic_rule.severity': sortingOptions.severity,
'elastic_rule.prebuilt_rule_id': sortingOptions.author,
translation_result: sortingOptions.status,
updated_at: sortingOptions.updated,
};
const getSortingOptions = (sort?: RuleMigrationSort): estypes.Sort => {
if (!sort?.sortField) {
return DEFAULT_SORTING;
}
return sortingOptionsMap[sort.sortField]?.(sort.sortDirection) ?? DEFAULT_SORTING;
};
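
Review bot: in the proposed `sortingOptionsMap` the values are now the builder functions themselves (`sortingOptions.name` rather than `sortingOptions.name(sort.sortDirection)`), but the annotation is still `{ [key: string]: estypes.Sort }`, so it no longer describes the values that `?.(sort.sortDirection)` calls; the value type should be a function that takes the direction and returns `estypes.Sort`. Because `sort.sortField` indexes a plain object, keying the map by a union of the supported fields, or checking own keys before the lookup, would also make sure that names inherited from `Object.prototype` fall through to `DEFAULT_SORTING`.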

Contributor Author

done

if (!sort?.sortField) {
return DEFAULT_SORTING;
}
const sortingOptionsMap: { [key: string]: estypes.Sort } = {
Contributor

It would be good to have a union type with the fields we support sorting for, instead of using string

Contributor Author

done

Contributor Author

@e40pud e40pud Dec 9, 2024

Now, instead of returning only one condition estypes.SortCombinations we can return an array of conditions estypes.SortCombinations[]. I actually used that in case of sorting by status 😄

@@ -395,3 +407,89 @@ const conditions = {
return [this.isFullyTranslated(), this.isNotInstalled()];
},
};

Contributor

@semd semd Dec 9, 2024

This file is starting to grow too much.
Would it make sense to move these sorting helpers to a separate place?
Maybe:

  • server/lib/siem_migrations/rules/data/rule_migrations_data_rules_client/sort.ts

And the conditions object to:

  • server/lib/siem_migrations/rules/data/rule_migrations_data_rules_client/search.ts

Contributor Author

done
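
The review points above (a map built once, a union of the supported sort fields, a keyword sub-field for the text-typed title, builders that return an array of conditions) combined in one added example. This is not the PR's code: the local types, the `.keyword` sub-field name, the default sort value and the clause shape are assumptions.

```typescript
// Added example: simplified local types, not Kibana's estypes.
type SortOrder = 'asc' | 'desc';
type SortClause = Record<string, { order: SortOrder; missing?: '_first' | '_last' }>;

// Sortable fields named in the review thread, as a closed union.
const SORT_FIELDS = [
  'elastic_rule.title',
  'elastic_rule.severity',
  'elastic_rule.prebuilt_rule_id',
  'translation_result',
  'updated_at',
] as const;
type SortField = (typeof SORT_FIELDS)[number];

// Assumed default; the page references DEFAULT_SORTING without showing its value.
const DEFAULT_SORTING: SortClause[] = [{ updated_at: { order: 'desc' } }];

// Documents without a value sort as the smallest value in either direction.
const sortMissingValue = (direction: SortOrder = 'asc'): '_first' | '_last' =>
  direction === 'desc' ? '_last' : '_first';

const byField = (field: string) => (order: SortOrder = 'asc'): SortClause[] => [
  { [field]: { order, missing: sortMissingValue(order) } },
];

// Built once. A Map has no inherited keys, so "constructor" or "toString" never resolve.
const sortBuilders = new Map<SortField, (order?: SortOrder) => SortClause[]>([
  // A text field is sorted through its keyword sub-field (sub-field name assumed).
  ['elastic_rule.title', byField('elastic_rule.title.keyword')],
  ['elastic_rule.severity', byField('elastic_rule.severity')],
  ['elastic_rule.prebuilt_rule_id', byField('elastic_rule.prebuilt_rule_id')],
  ['translation_result', byField('translation_result')],
  ['updated_at', byField('updated_at')],
]);

const isSortField = (value: unknown): value is SortField =>
  typeof value === 'string' && (SORT_FIELDS as readonly string[]).includes(value);

// Resolve request-supplied values to a sort clause; anything unknown gets the default.
function getSortingOptions(sort?: { sortField?: unknown; sortDirection?: unknown }): SortClause[] {
  const field = sort?.sortField;
  if (!isSortField(field)) return DEFAULT_SORTING;
  const order: SortOrder = sort?.sortDirection === 'desc' ? 'desc' : 'asc';
  return sortBuilders.get(field)?.(order) ?? DEFAULT_SORTING;
}
```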

@elasticmachine
Contributor

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 6347 6349 +2

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 14.6MB 14.7MB +3.5KB

History

cc @e40pud

@e40pud e40pud merged commit 70a5bb3 into elastic:main Dec 9, 2024
8 checks passed
@kibanamachine
Contributor

Starting backport for target branches: 8.x

https://github.com/elastic/kibana/actions/runs/12242755200

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Dec 9, 2024
…lastic#11379) (elastic#203396)

(cherry picked from commit 70a5bb3)
@kibanamachine
Contributor

💚 All backports created successfully

Status Branch Result
8.x

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Dec 9, 2024
…table (#11379) (#203396) (#203486)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Rules migration] Add sorting functionality to rules migration table
(#11379) (#203396)](#203396)

Co-authored-by: Ievgen Sorokopud <[email protected]>
Samiul-TheSoccerFan pushed a commit to Samiul-TheSoccerFan/kibana that referenced this pull request Dec 10, 2024
…lastic#11379) (elastic#203396)

CAWilson94 pushed a commit to CAWilson94/kibana that referenced this pull request Dec 12, 2024
…lastic#11379) (elastic#203396)

Labels
backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v8.18.0 v9.0.0