Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updates to log types related UX #694

Merged
merged 5 commits into from
Sep 5, 2023
Merged

Updates to log types related UX #694

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
0e3900a
updated log types related UX
amsiglan Sep 2, 2023
d01fbd7
added rule flyout in log type details page; removed log type column f…
amsiglan Sep 5, 2023
65af605
added search support
amsiglan Sep 5, 2023
754f1dd
using badge for severity in rules table
amsiglan Sep 5, 2023
0160b8b
fixed flaky test
amsiglan Sep 5, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/cypress-workflow.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ on:
env:
OPENSEARCH_DASHBOARDS_VERSION: '2.9.0'
OPENSEARCH_VERSION: '2.9.0-SNAPSHOT'
SECURITY_ANALYTICS_BRANCH: '2.x'
SECURITY_ANALYTICS_BRANCH: '2.9'
GRADLE_VERSION: '7.6.1'
amsiglan marked this conversation as resolved.
Show resolved Hide resolved

# If this variable is not empty, the package.json, opensearch_dashboards.json, and yarn.lock files will be replaced
Expand Down
3 changes: 2 additions & 1 deletion cypress/integration/1_detectors.spec.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,7 @@ const validatePendingFieldMappingsPanel = (mappings) => {
const fillDetailsForm = (detectorName, dataSource) => {
getNameField().type(detectorName);
getDataSourceField().selectComboboxItem(dataSource);
getDataSourceField().blur();
getLogTypeField().selectComboboxItem(cypressLogTypeDns);
getLogTypeField().blur();
};
Expand Down Expand Up @@ -371,7 +372,7 @@ describe('Detectors', () => {
getDataSourceField().selectComboboxItem(cypressIndexWindows);
getDataSourceField().focus().blur();

cy.get('.euiCallOut')
cy.get('[data-test-subj="define-detector-diff-log-types-warning"]')
.should('be.visible')
.contains(
'To avoid issues with field mappings, we recommend creating separate detectors for different log types.'
Expand Down
52 changes: 43 additions & 9 deletions ...ges/CreateDetector/components/DefineDetector/components/DetectionRules/DetectionRules.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,9 @@ import {
EuiHorizontalRule,
CriteriaWithPagination,
EuiText,
EuiEmptyPrompt,
EuiButton,
EuiIcon,
} from '@elastic/eui';

import React, { useMemo, useState } from 'react';
Expand All @@ -17,6 +20,7 @@ import { RuleItem, RuleItemInfo } from './types/interfaces';
import { RuleViewerFlyout } from '../../../../../Rules/components/RuleViewerFlyout/RuleViewerFlyout';
import { RuleTableItem } from '../../../../../Rules/utils/helpers';
import { RuleItemInfoBase } from '../../../../../../../types';
import { ROUTES } from '../../../../../../utils/constants';

export interface CreateDetectorRulesState {
allRules: RuleItemInfo[];
Expand All @@ -26,6 +30,7 @@ export interface CreateDetectorRulesState {
}

export interface DetectionRulesProps {
detectorType: string;
rulesState: CreateDetectorRulesState;
loading?: boolean;
onRuleToggle: (changedItem: RuleItem, isActive: boolean) => void;
Expand All @@ -34,6 +39,7 @@ export interface DetectionRulesProps {
}

export const DetectionRules: React.FC<DetectionRulesProps> = ({
detectorType,
rulesState,
loading,
onPageChange,
Expand All @@ -55,7 +61,7 @@ export const DetectionRules: React.FC<DetectionRulesProps> = ({
id: rule._id,
active: rule.enabled,
description: rule._source.description,
library: rule.prePackaged ? 'Sigma' : 'Custom',
library: rule.prePackaged ? 'Standard' : 'Custom',
logType: rule._source.category,
name: rule._source.title,
severity: rule._source.level,
Expand Down Expand Up @@ -106,14 +112,42 @@ export const DetectionRules: React.FC<DetectionRulesProps> = ({
isLoading={loading}
>
<EuiHorizontalRule margin={'xs'} />
<DetectionRulesTable
pageIndex={rulesState.page.index}
ruleItems={ruleItems}
onAllRulesToggled={onAllRulesToggle}
onRuleActivationToggle={onRuleToggle}
onTableChange={onTableChange}
onRuleDetails={onRuleDetails}
/>

{ruleItems.length ? (
<DetectionRulesTable
pageIndex={rulesState.page.index}
ruleItems={ruleItems}
onAllRulesToggled={onAllRulesToggle}
onRuleActivationToggle={onRuleToggle}
onTableChange={onTableChange}
onRuleDetails={onRuleDetails}
/>
) : (
<EuiEmptyPrompt
title={
<EuiTitle>
<h1>No detection rules {detectorType ? 'to display' : 'selected'}</h1>
</EuiTitle>
}
body={
<p>
{detectorType
? 'There are no applicable detection rules for the selected log type. Consider creating new detection rules.'
: 'Select a log type to be able to select detection rules.'}
</p>
}
actions={
detectorType
? [
<EuiButton href={`#${ROUTES.RULES}`} target="_blank">
Manage&nbsp;
<EuiIcon type={'popout'} />
</EuiButton>,
]
: undefined
}
/>
)}
</EuiAccordion>
</>
);
Expand Down
1 change: 1 addition & 0 deletions ...teDetector/components/DefineDetector/components/DetectorDataSource/DetectorDataSource.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,7 @@ export default class DetectorDataSource extends Component<
<EuiCallOut
title="The selected log sources contain different log types"
color="warning"
data-test-subj={'define-detector-diff-log-types-warning'}
>
<EuiTextColor color={'default'}>
To avoid issues with field mappings, we recommend creating separate detectors for
Expand Down
1 change: 1 addition & 0 deletions ...c/pages/CreateDetector/components/DefineDetector/components/DetectorType/DetectorType.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ export default class DetectorType extends Component<DetectorTypeProps, DetectorT

<EuiFormRow fullWidth={true}>
<DetectionRules
detectorType={detectorType}
rulesState={this.props.rulesState}
loading={this.props.loadingRules}
onPageChange={this.props.onPageChange}
Expand Down
5 changes: 4 additions & 1 deletion public/pages/CreateDetector/containers/CreateDetector.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,10 @@ export default class CreateDetector extends Component<CreateDetectorProps, Creat

this.state = {
currentStep: DetectorCreationStep.DEFINE_DETECTOR,
detector: EMPTY_DEFAULT_DETECTOR,
detector: {
...EMPTY_DEFAULT_DETECTOR,
detector_type: '',
},
fieldMappings: [],
stepDataValid: {
[DetectorCreationStep.DEFINE_DETECTOR]: false,
Expand Down
2 changes: 1 addition & 1 deletion public/pages/Detectors/components/DetectorRulesView/DetectorRulesView.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ const mapRuleItemToRuleTableItem = (ruleItem: RuleItem): RuleTableItem => {
description: ruleItem.description,
source: ruleItem.library,
ruleId: ruleItem.id,
ruleInfo: { ...ruleItem.ruleInfo, prePackaged: ruleItem.library === 'Sigma' },
ruleInfo: { ...ruleItem.ruleInfo, prePackaged: ruleItem.library === 'Standard' },
amsiglan marked this conversation as resolved.
Show resolved Hide resolved
};
};

Expand Down
8 changes: 4 additions & 4 deletions ...ages/Detectors/components/DetectorRulesView/__snapshots__/DetectorRulesView.test.tsx.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -478,7 +478,7 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -587,7 +587,7 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -768,7 +768,7 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -1115,7 +1115,7 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down
4 changes: 2 additions & 2 deletions public/pages/Detectors/components/UpdateRules/UpdateRules.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ export const UpdateDetectorRules: React.FC<UpdateDetectorRulesProps> = (props) =
id: rule._id,
severity: rule._source.level,
logType: rule._source.category,
library: 'Sigma',
library: 'Standard',
description: rule._source.description,
active: enabledRuleIds.includes(rule._id),
ruleInfo: rule,
Expand Down Expand Up @@ -140,7 +140,7 @@ export const UpdateDetectorRules: React.FC<UpdateDetectorRulesProps> = (props) =
.filter((rule) => rule.active);
await getRuleFieldsForEnabledRules(withCustomRulesUpdated);
break;
case 'Sigma':
case 'Standard':
const updatedPrePackgedRules: RuleItem[] = prePackagedRuleItems.map((rule) =>
rule.id === changedItem.id ? { ...rule, active: isActive } : rule
);
Expand Down
8 changes: 4 additions & 4 deletions public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3032,7 +3032,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -3141,7 +3141,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -3322,7 +3322,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -3669,7 +3669,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down
8 changes: 4 additions & 4 deletions .../Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1856,7 +1856,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -1965,7 +1965,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -2146,7 +2146,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down Expand Up @@ -2493,7 +2493,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
"name": "Source",
"options": Array [
Object {
"value": "Sigma",
"value": "Standard",
},
Object {
"value": "Custom",
Expand Down
3 changes: 2 additions & 1 deletion public/pages/LogTypes/components/LogTypeDetails.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,10 @@ export const LogTypeDetails: React.FC<LogTypeDetailsProps> = ({
return (
<ContentPanel
title="Details"
titleSize="l"
actions={
!isEditMode &&
logTypeDetails.source.toLocaleLowerCase() !== 'sigma' && [
logTypeDetails.source.toLocaleLowerCase() !== 'standard' && [
<EuiButton onClick={() => setIsEditMode(true)}>Edit</EuiButton>,
]
}
Expand Down
72 changes: 43 additions & 29 deletions public/pages/LogTypes/components/LogTypeDetectionRules.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,12 @@
* SPDX-License-Identifier: Apache-2.0
*/

import React from 'react';
import React, { useState, useCallback } from 'react';
import { RulesTable } from '../../Rules/components/RulesTable/RulesTable';
import { RuleTableItem } from '../../Rules/utils/helpers';
import { ContentPanel } from '../../../components/ContentPanel';
import { EuiButton, EuiFlexGroup, EuiFlexItem, EuiIcon, EuiSpacer, EuiText } from '@elastic/eui';
import { RuleViewerFlyout } from '../../Rules/components/RuleViewerFlyout/RuleViewerFlyout';

export interface LogTypeDetectionRulesProps {
rules: RuleTableItem[];
Expand All @@ -20,34 +21,47 @@ export const LogTypeDetectionRules: React.FC<LogTypeDetectionRulesProps> = ({
loadingRules,
refreshRules,
}) => {
const [flyoutData, setFlyoutData] = useState<RuleTableItem | undefined>(undefined);
const hideFlyout = useCallback(() => {
setFlyoutData(undefined);
}, []);

return (
<ContentPanel
title="Detection rules"
hideHeaderBorder={true}
actions={[<EuiButton onClick={refreshRules}>Refresh</EuiButton>]}
>
{rules.length === 0 ? (
<EuiFlexGroup justifyContent="center" alignItems="center" direction="column">
<EuiFlexItem grow={false}>
<EuiText color="subdued">
<p>There are no detection rules associated with this log type. </p>
</EuiText>
</EuiFlexItem>
<EuiFlexItem grow={false}>
<EuiButton
fill
href={`opensearch_security_analytics_dashboards#/create-rule`}
target="_blank"
>
Create detection rule&nbsp;
<EuiIcon type={'popout'} />
</EuiButton>
<EuiSpacer size="xl" />
</EuiFlexItem>
</EuiFlexGroup>
) : (
<RulesTable loading={loadingRules} ruleItems={rules} showRuleDetails={() => {}} />
)}
</ContentPanel>
<>
{flyoutData && <RuleViewerFlyout hideFlyout={hideFlyout} ruleTableItem={flyoutData} />}
<ContentPanel
title="Detection rules"
hideHeaderBorder={true}
actions={[<EuiButton onClick={refreshRules}>Refresh</EuiButton>]}
>
{rules.length === 0 ? (
<EuiFlexGroup justifyContent="center" alignItems="center" direction="column">
<EuiFlexItem grow={false}>
<EuiText color="subdued">
<p>There are no detection rules associated with this log type. </p>
</EuiText>
</EuiFlexItem>
<EuiFlexItem grow={false}>
<EuiButton
fill
href={`opensearch_security_analytics_dashboards#/create-rule`}
target="_blank"
>
Create detection rule&nbsp;
<EuiIcon type={'popout'} />
</EuiButton>
<EuiSpacer size="xl" />
</EuiFlexItem>
</EuiFlexGroup>
) : (
<RulesTable
loading={loadingRules}
ruleItems={rules}
columnsToHide={['category']}
showRuleDetails={setFlyoutData}
/>
)}
</ContentPanel>
</>
);
};
Loading