diff --git a/src/plugins/home/public/application/components/__snapshots__/add_data.test.js.snap b/src/plugins/home/public/application/components/__snapshots__/add_data.test.js.snap
index 2545bbcb5114..9178d0e08f3e 100644
--- a/src/plugins/home/public/application/components/__snapshots__/add_data.test.js.snap
+++ b/src/plugins/home/public/application/components/__snapshots__/add_data.test.js.snap
@@ -195,7 +195,7 @@ exports[`apmUiEnabled 1`] = `
- Centralize security events for interactive investigation in ready-to-go visualizations.
+ Protect hosts, analyze security information and events, hunt threats, automate detections, and create cases.
}
footer={
@@ -212,7 +212,7 @@ exports[`apmUiEnabled 1`] = `
}
textAlign="left"
- title="Security"
+ title="SIEM + Endpoint Security"
titleSize="xs"
/>
@@ -461,7 +461,7 @@ exports[`isNewKibanaInstance 1`] = `
- Centralize security events for interactive investigation in ready-to-go visualizations.
+ Protect hosts, analyze security information and events, hunt threats, automate detections, and create cases.
}
footer={
@@ -478,7 +478,7 @@ exports[`isNewKibanaInstance 1`] = `
}
textAlign="left"
- title="Security"
+ title="SIEM + Endpoint Security"
titleSize="xs"
/>
@@ -758,7 +758,7 @@ exports[`mlEnabled 1`] = `
- Centralize security events for interactive investigation in ready-to-go visualizations.
+ Protect hosts, analyze security information and events, hunt threats, automate detections, and create cases.
}
footer={
@@ -775,7 +775,7 @@ exports[`mlEnabled 1`] = `
}
textAlign="left"
- title="Security"
+ title="SIEM + Endpoint Security"
titleSize="xs"
/>
@@ -1060,7 +1060,7 @@ exports[`render 1`] = `
- Centralize security events for interactive investigation in ready-to-go visualizations.
+ Protect hosts, analyze security information and events, hunt threats, automate detections, and create cases.
}
footer={
@@ -1077,7 +1077,7 @@ exports[`render 1`] = `
}
textAlign="left"
- title="Security"
+ title="SIEM + Endpoint Security"
titleSize="xs"
/>
diff --git a/src/plugins/home/public/application/components/add_data.js b/src/plugins/home/public/application/components/add_data.js
index fa1327b3fcd0..c35b7b04932f 100644
--- a/src/plugins/home/public/application/components/add_data.js
+++ b/src/plugins/home/public/application/components/add_data.js
@@ -81,12 +81,12 @@ const AddDataUi = ({ apmUiEnabled, isNewKibanaInstance, intl, mlEnabled }) => {
const siemData = {
title: intl.formatMessage({
id: 'home.addData.securitySolution.nameTitle',
- defaultMessage: 'Security',
+ defaultMessage: 'SIEM + Endpoint Security',
}),
description: intl.formatMessage({
id: 'home.addData.securitySolution.nameDescription',
defaultMessage:
- 'Centralize security events for interactive investigation in ready-to-go visualizations.',
+ 'Protect hosts, analyze security information and events, hunt threats, automate detections, and create cases.',
}),
ariaDescribedby: 'aria-describedby.addSiemButtonLabel',
};
diff --git a/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx b/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx
index 3a8f2f0c16b9..a1e7293ce974 100644
--- a/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx
+++ b/x-pack/plugins/security_solution/public/common/components/header_global/index.tsx
@@ -63,26 +63,19 @@ export const HeaderGlobal = React.memo(({ hideDetectionEngine
-
+
- {indicesExist ? (
- key !== SecurityPageName.detections, navTabs)
- : navTabs
- }
- />
- ) : (
- key === SecurityPageName.overview, navTabs)}
- />
- )}
+ key !== SecurityPageName.detections, navTabs)
+ : navTabs
+ }
+ />
diff --git a/x-pack/plugins/security_solution/public/common/components/header_global/translations.ts b/x-pack/plugins/security_solution/public/common/components/header_global/translations.ts
index f67f665434a9..d3205be9bd2f 100644
--- a/x-pack/plugins/security_solution/public/common/components/header_global/translations.ts
+++ b/x-pack/plugins/security_solution/public/common/components/header_global/translations.ts
@@ -6,9 +6,12 @@
import { i18n } from '@kbn/i18n';
-export const SIEM = i18n.translate('xpack.securitySolution.headerGlobal.siem', {
- defaultMessage: 'SIEM',
-});
+export const SECURITY_SOLUTION = i18n.translate(
+ 'xpack.securitySolution.headerGlobal.securitySolution',
+ {
+ defaultMessage: 'Security solution',
+ }
+);
export const BUTTON_ADD_DATA = i18n.translate('xpack.securitySolution.headerGlobal.buttonAddData', {
defaultMessage: 'Add data',
diff --git a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx
index 03ad6ad3396f..8ba7f7da7b8e 100644
--- a/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx
+++ b/x-pack/plugins/security_solution/public/common/containers/source/index.test.tsx
@@ -7,6 +7,7 @@
import { act, renderHook } from '@testing-library/react-hooks';
import { useWithSource, indicesExistOrDataTemporarilyUnavailable } from '.';
+import { NO_ALERT_INDEX } from '../../../../common/constants';
import { mockBrowserFields, mockIndexFields, mocksSource } from './mock';
jest.mock('../../lib/kibana');
@@ -79,6 +80,17 @@ describe('Index Fields & Browser Fields', () => {
});
});
+ test('Make sure we are not querying for NO_ALERT_INDEX and it is not includes in the index pattern', async () => {
+ const { result, waitForNextUpdate } = renderHook(() =>
+ useWithSource('default', [NO_ALERT_INDEX])
+ );
+
+ await waitForNextUpdate();
+ return expect(result.current.indexPattern.title).toEqual(
+ 'apm-*-transaction*,auditbeat-*,endgame-*,filebeat-*,logs-*,packetbeat-*,winlogbeat-*'
+ );
+ });
+
describe('indicesExistOrDataTemporarilyUnavailable', () => {
test('it returns true when undefined', () => {
let undefVar;
diff --git a/x-pack/plugins/security_solution/public/common/containers/source/index.tsx b/x-pack/plugins/security_solution/public/common/containers/source/index.tsx
index cc43dd6f4277..bbd00900105e 100644
--- a/x-pack/plugins/security_solution/public/common/containers/source/index.tsx
+++ b/x-pack/plugins/security_solution/public/common/containers/source/index.tsx
@@ -11,7 +11,7 @@ import { useEffect, useMemo, useState } from 'react';
import memoizeOne from 'memoize-one';
import { IIndexPattern } from 'src/plugins/data/public';
-import { DEFAULT_INDEX_KEY } from '../../../../common/constants';
+import { DEFAULT_INDEX_KEY, NO_ALERT_INDEX } from '../../../../common/constants';
import { useUiSetting$ } from '../../lib/kibana';
import { IndexField, SourceQuery } from '../../../graphql/types';
@@ -126,8 +126,9 @@ export const useWithSource = (
) => {
const [configIndex] = useUiSetting$(DEFAULT_INDEX_KEY);
const defaultIndex = useMemo(() => {
- if (indexToAdd != null && !isEmpty(indexToAdd)) {
- return onlyCheckIndexToAdd ? indexToAdd : [...configIndex, ...indexToAdd];
+ const filterIndexAdd = (indexToAdd ?? []).filter((item) => item !== NO_ALERT_INDEX);
+ if (!isEmpty(filterIndexAdd)) {
+ return onlyCheckIndexToAdd ? filterIndexAdd : [...configIndex, ...filterIndexAdd];
}
return configIndex;
}, [configIndex, indexToAdd, onlyCheckIndexToAdd]);
@@ -138,7 +139,7 @@ export const useWithSource = (
errorMessage: null,
indexPattern: getIndexFields(defaultIndex.join(), []),
indicesExist: indicesExistOrDataTemporarilyUnavailable(undefined),
- loading: false,
+ loading: true,
});
const apolloClient = useApolloClient();
@@ -155,7 +156,7 @@ export const useWithSource = (
try {
const result = await apolloClient.query({
query: sourceQuery,
- fetchPolicy: 'cache-first',
+ fetchPolicy: 'network-only',
variables: {
sourceId,
defaultIndex,
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/pre_packaged_rules/load_empty_prompt.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/pre_packaged_rules/load_empty_prompt.tsx
index f93f38046962..99968cd4d9fe 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/pre_packaged_rules/load_empty_prompt.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/pre_packaged_rules/load_empty_prompt.tsx
@@ -48,7 +48,6 @@ const PrePackagedRulesPromptComponent: React.FC = (
return (
{i18n.PRE_BUILT_TITLE}}
body={{i18n.PRE_BUILT_MSG}
}
actions={
diff --git a/x-pack/plugins/security_solution/public/detections/components/rules/step_rule_actions/index.tsx b/x-pack/plugins/security_solution/public/detections/components/rules/step_rule_actions/index.tsx
index 7bf151adde5c..2b842515d0b7 100644
--- a/x-pack/plugins/security_solution/public/detections/components/rules/step_rule_actions/index.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/step_rule_actions/index.tsx
@@ -33,7 +33,6 @@ import { useKibana } from '../../../../common/lib/kibana';
import { getSchema } from './schema';
import * as I18n from './translations';
import { APP_ID } from '../../../../../common/constants';
-import { SecurityPageName } from '../../../../app/types';
interface StepRuleActionsProps extends RuleStepProps {
defaultValues?: ActionsStepRule | null;
@@ -86,16 +85,13 @@ const StepRuleActionsComponent: FC = ({
});
const { submit } = form;
- // TO DO need to make sure that logic is still valid
- const kibanaAbsoluteUrl = useMemo(() => {
- const url = application.getUrlForApp(`${APP_ID}:${SecurityPageName.detections}`, {
- absolute: true,
- });
- if (url != null && url.includes('app/security/alerts')) {
- return url.replace('app/security/alerts', 'app/security');
- }
- return url;
- }, [application]);
+ const kibanaAbsoluteUrl = useMemo(
+ () =>
+ application.getUrlForApp(`${APP_ID}`, {
+ absolute: true,
+ }),
+ [application]
+ );
const onSubmit = useCallback(
async (enabled: boolean) => {
diff --git a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.tsx b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.tsx
index 9a2f43bb475b..6257a9980e00 100644
--- a/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.tsx
+++ b/x-pack/plugins/security_solution/public/detections/containers/detection_engine/rules/fetch_index_patterns.tsx
@@ -70,7 +70,7 @@ export const useFetchIndexPatterns = (defaultIndices: string[] = []): Return =>
apolloClient
.query({
query: sourceQuery,
- fetchPolicy: 'cache-first',
+ fetchPolicy: 'network-only',
variables: {
sourceId: 'default',
defaultIndex: indices,
diff --git a/x-pack/plugins/security_solution/public/timelines/components/fields_browser/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/fields_browser/index.tsx
index 7b843b4f6944..f4e39ff8227c 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/fields_browser/index.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/fields_browser/index.tsx
@@ -138,10 +138,9 @@ export const StatefulFieldsBrowserComponent: React.FC = ({
setShow(false);
}, []);
// only merge in the default category if the field browser is visible
- const browserFieldsWithDefaultCategory = useMemo(
- () => (show ? mergeBrowserFieldsWithDefaultCategory(browserFields) : {}),
- [show, browserFields]
- );
+ const browserFieldsWithDefaultCategory = useMemo(() => {
+ return show ? mergeBrowserFieldsWithDefaultCategory(browserFields) : {};
+ }, [show, browserFields]);
return (
diff --git a/x-pack/plugins/security_solution/public/timelines/components/timeline/search_or_filter/index.tsx b/x-pack/plugins/security_solution/public/timelines/components/timeline/search_or_filter/index.tsx
index 5f35bc5212d3..7ee7e12c0ef6 100644
--- a/x-pack/plugins/security_solution/public/timelines/components/timeline/search_or_filter/index.tsx
+++ b/x-pack/plugins/security_solution/public/timelines/components/timeline/search_or_filter/index.tsx
@@ -78,8 +78,7 @@ const StatefulSearchOrFilterComponent = React.memo(
serializedQuery: convertKueryToElasticSearchQuery(expression, indexPattern),
},
}),
- // eslint-disable-next-line react-hooks/exhaustive-deps
- [indexPattern, timelineId]
+ [applyKqlFilterQuery, indexPattern, timelineId]
);
const setFilterQueryDraftFromKueryExpression = useCallback(
@@ -91,8 +90,7 @@ const StatefulSearchOrFilterComponent = React.memo(
expression,
},
}),
- // eslint-disable-next-line react-hooks/exhaustive-deps
- [timelineId]
+ [timelineId, setKqlFilterQueryDraft]
);
const setFiltersInTimeline = useCallback(
@@ -101,8 +99,7 @@ const StatefulSearchOrFilterComponent = React.memo(
id: timelineId,
filters: newFilters,
}),
- // eslint-disable-next-line react-hooks/exhaustive-deps
- [timelineId]
+ [timelineId, setFilters]
);
const setSavedQueryInTimeline = useCallback(
@@ -111,8 +108,7 @@ const StatefulSearchOrFilterComponent = React.memo(
id: timelineId,
savedQueryId: newSavedQueryId,
}),
- // eslint-disable-next-line react-hooks/exhaustive-deps
- [timelineId]
+ [timelineId, setSavedQueryId]
);
const handleUpdateEventType = useCallback(
@@ -121,8 +117,7 @@ const StatefulSearchOrFilterComponent = React.memo(
id: timelineId,
eventType: newEventType,
}),
- // eslint-disable-next-line react-hooks/exhaustive-deps
- [timelineId]
+ [timelineId, updateEventType]
);
return (
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts
index 0d363e1f6f3c..95e6071e4def 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.test.ts
@@ -9,13 +9,13 @@ import { getNotificationResultsLink } from './utils';
describe('utils', () => {
it('getNotificationResultsLink', () => {
const resultLink = getNotificationResultsLink({
- kibanaSiemAppUrl: 'http://localhost:5601/app/siem',
+ kibanaSiemAppUrl: 'http://localhost:5601/app/security',
id: 'notification-id',
from: '00000',
to: '1111',
});
expect(resultLink).toEqual(
- `http://localhost:5601/app/siem#/detections/rules/id/notification-id?timerange=(global:(linkTo:!(timeline),timerange:(from:00000,kind:absolute,to:1111)),timeline:(linkTo:!(global),timerange:(from:00000,kind:absolute,to:1111)))`
+ `http://localhost:5601/app/security/detections/rules/id/notification-id?timerange=(global:(linkTo:!(timeline),timerange:(from:00000,kind:absolute,to:1111)),timeline:(linkTo:!(global),timerange:(from:00000,kind:absolute,to:1111)))`
);
});
});
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts
index c91c4490e8eb..983ee86598fa 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/notifications/utils.ts
@@ -4,8 +4,10 @@
* you may not use this file except in compliance with the Elastic License.
*/
+import { APP_PATH } from '../../../../common/constants';
+
export const getNotificationResultsLink = ({
- kibanaSiemAppUrl = '/app/siem',
+ kibanaSiemAppUrl = APP_PATH,
id,
from,
to,
@@ -17,5 +19,5 @@ export const getNotificationResultsLink = ({
}) => {
if (from == null || to == null) return '';
- return `${kibanaSiemAppUrl}#/detections/rules/id/${id}?timerange=(global:(linkTo:!(timeline),timerange:(from:${from},kind:absolute,to:${to})),timeline:(linkTo:!(global),timerange:(from:${from},kind:absolute,to:${to})))`;
+ return `${kibanaSiemAppUrl}/detections/rules/id/${id}?timerange=(global:(linkTo:!(timeline),timerange:(from:${from},kind:absolute,to:${to})),timeline:(linkTo:!(global),timerange:(from:${from},kind:absolute,to:${to})))`;
};
diff --git a/x-pack/plugins/translations/translations/ja-JP.json b/x-pack/plugins/translations/translations/ja-JP.json
index b87957ae4528..c1f0dc4c0c60 100644
--- a/x-pack/plugins/translations/translations/ja-JP.json
+++ b/x-pack/plugins/translations/translations/ja-JP.json
@@ -14067,7 +14067,6 @@
"xpack.securitySolution.header.editableTitle.editButtonAria": "クリックすると {title} を編集できます",
"xpack.securitySolution.header.editableTitle.save": "保存",
"xpack.securitySolution.headerGlobal.buttonAddData": "データの追加",
- "xpack.securitySolution.headerGlobal.siem": "Security",
"xpack.securitySolution.headerPage.pageSubtitle": "前回のイベント: {beat}",
"xpack.securitySolution.hooks.useAddToTimeline.addedFieldMessage": "{fieldOrValue}をタイムラインに追加しました",
"xpack.securitySolution.host.details.architectureLabel": "アーキテクチャー",
diff --git a/x-pack/plugins/translations/translations/zh-CN.json b/x-pack/plugins/translations/translations/zh-CN.json
index 01ffa4833a3b..0f2a51c8ff88 100644
--- a/x-pack/plugins/translations/translations/zh-CN.json
+++ b/x-pack/plugins/translations/translations/zh-CN.json
@@ -14073,7 +14073,6 @@
"xpack.securitySolution.header.editableTitle.editButtonAria": "通过单击,可以编辑 {title}",
"xpack.securitySolution.header.editableTitle.save": "保存",
"xpack.securitySolution.headerGlobal.buttonAddData": "添加数据",
- "xpack.securitySolution.headerGlobal.siem": "Security",
"xpack.securitySolution.headerPage.pageSubtitle": "最后事件:{beat}",
"xpack.securitySolution.hooks.useAddToTimeline.addedFieldMessage": "已将 {fieldOrValue} 添加到时间线",
"xpack.securitySolution.host.details.architectureLabel": "架构",