Andrew Goldstein 16320cc249
[Security Solution] Restores Alerts table local storage persistence and the Remove Column action (#114742)
## [Security Solution] Restores Alerts table local storage persistence and the Remove Column action

This PR implements the following changes summarized below to address <https://github.com/elastic/kibana/issues/113090>, as proposed [here](https://github.com/elastic/kibana/issues/113090#issuecomment-935143690):

- Configures the `Columns` popover to be consistent with `Discover`
- Changes the `Hide column` action to `Remove column`, to be consistent with `Discover`
- Persists updates to the `Columns` popover order in `local storage`
- Restores the feature to persist column widths in `local storage`

### Configures the `Columns` popover to be consistent with `Discover`

- We now pass `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid):

![allow_hide](https://user-images.githubusercontent.com/4459398/136114714-02f25b97-86af-47e5-9adc-1177d5a2c715.png)

This makes all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`'s use of the `EuiDataGrid` `Columns` popover.

In `7.15`, the `Columns` popover includes the _hide column_ toggle, as shown in the screenshot below:

![alerts_columns_popover_7_15](https://user-images.githubusercontent.com/4459398/136112441-455ddbeb-dea3-4837-81ad-32d6c82c11fe.png)

_Above: The `Columns` popover in the `7.15` `Alerts` table_

The `Columns` popover in `Discover`'s `EuiDataGrid`-based table does not display the hide column toggle, as shown in the screenshot below:

![columns_popover_discover](https://user-images.githubusercontent.com/4459398/136112856-7e42c822-2260-4759-ac78-5bea63a171c7.png)

_Above: The `EuiDataGrid` `Columns` popover in `Discover`, in `master`_

Passing `false` to the `allowHide` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) makes the `Columns` popover in all `EuiDataGrid`-based views in the Security Solution consistent with `Discover`, as illustrated by the screenshot below:

![alerts_columns_popover_no_hide](https://user-images.githubusercontent.com/4459398/136112980-d4219fbd-1443-4612-8cdb-b97bee8b97ef.png)

_Above: The `Columns` popover is now consistent with `Discover`_

## Changes the `Hide column` action to `Remove column`, to be consistent with `Discover`

- The `Hide column` action shown in the `7.15` alerts table is changed to `Remove column`, making it consistent with `Discover`'s use of `EuiDataGrid`

In `7.15`, the `Alerts` table has a `Hide column` action, as shown in the screenshot below:

![hide_column](https://user-images.githubusercontent.com/4459398/136115681-9e0da144-a981-4352-8092-9368d74cd153.png)

_Above: The `Hide Column` action in the `7.15` `Alerts` table_

In `7.15`, clicking the `Hide Column` action shown in the screenshot above hides the column, but does not remove it.

In `7.15`, columns may only be removed by un-checking them in the `Fields` browser, or by un-toggling them in the Alerts / Events details popover. Both of those methods require multiple clicks, and require users to re-find the field in the modal or popover before it may be toggled for removal.

In `Discover`, users don't hide columns.

In `Discover`, users directly remove columns by clicking the `Remove column` action, shown in the screenshot below:

![discover_remove_column](https://user-images.githubusercontent.com/4459398/136114295-f018a561-f9ee-4ce4-a9c6-0fcd7f71e67b.png)

_Above: The `Remove column` action in `Discover`'s use of `EuiDataGrid` in `master`_

All `EuiDataGrid`-based views in the Security Solution were made consistent with `Discover` by replacing the `Hide column` action with `Remove column`, per the screenshot below:

![remove_column_after](https://user-images.githubusercontent.com/4459398/137047582-3c4d6cb0-ac12-4c50-9c34-0c4ef5536550.png)

_Above: The `Remove column` action in the Alerts table_

Note: the `Remove column` action shown above appears as the last item in the popover because it's specified via the `EuiDataGrid` `EuiDataGridColumnActions` > `additional` API, which appends additional actions to the end of the popover, after the built-in actions:

![additional](https://user-images.githubusercontent.com/4459398/137047825-625002b3-5cd6-4b3e-87da-e76dbaf2a827.png)

## Persists updates to the `Columns` popover order in `local storage`

- Persist column order updates to `local storage` when users update the order of columns via the `Columns` popover

The following PR <https://github.com/elastic/kibana/pull/110685> restored partial support for persisting columns across page refreshes via `local storage`, but the Redux store was not updated when users sort columns via the `Columns` popover, as shown in the animated gif below:

![ordering_via_columns](https://user-images.githubusercontent.com/4459398/136119497-65f76f49-091c-4a45-b8d3-1e5ef80ccbb2.gif)

_Above: Ordering via the `Columns` popover is not persisted to `local storage` in `7.15`_

This PR utilizes the `setVisibleColumns` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) as a callback to update Redux when the columns are sorted, which will in turn update `local storage` to persist the new order across page refreshes:

![setVisibleColumns](https://user-images.githubusercontent.com/4459398/136117249-628bb147-a860-4ccf-811a-0e57a99296fb.png)

## Restores the feature to persist column widths in `local storage`

In previous releases, resized column widths were persisted in `local storage` to persist across page refreshes, as documented in <https://github.com/elastic/kibana/issues/110524>:

```
{
   "detections-page":{
      "id":"detections-page",
      "activeTab":"query",
      "prevActiveTab":"query",
      "columns":[
         {
            "category":"base",
            "columnHeaderType":"not-filtered",
            "description":"Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events.",
            "example":"2016-05-23T08:05:34.853Z",
            "id":"@timestamp",
            "type":"date",
            "aggregatable":true,
            "width":190
         },
         {
            "category":"cloud",
            "columnHeaderType":"not-filtered",
            "description":"The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.",
            "example":"666777888999",
            "id":"cloud.account.id",
            "type":"string",
            "aggregatable":true,
            "width":180
         },
         {
            "category":"cloud",
            "columnHeaderType":"not-filtered",
            "description":"Availability zone in which this host is running.",
            "example":"us-east-1c",
            "id":"cloud.availability_zone",
            "type":"string",
            "aggregatable":true,
            "width":180
         },
         // ...
         }
      ],
      // ...
   }
}
```

_Above: column widths were persisted to `local storage` in previous releases (going at least back to `7.12`)_

In this PR, we utilize the `onColumnResize` [EuiDataGrid API](https://elastic.github.io/eui/#/tabular-content/data-grid) as a callback to update Redux when the columns are sorted via the `Columns` popover. Updating Redux will in turn update `local storage`, so resized column widths will persist across page refreshes:

![onColumnResize](https://user-images.githubusercontent.com/4459398/136120062-3b0bebce-9c44-47fc-9956-48fe07a30f83.png)

### Other changes

The Alerts page `Trend` chart and table were updated to include the following additional `Stack by` fields (CC @paulewing):

```
process.name
file.name
hash.sha256
```

per the before / after screenshots below:

![alerts-trend-before](https://user-images.githubusercontent.com/4459398/137045011-7da4530b-0259-4fd4-b903-9eee6c26d02f.png)

_Above: The Alerts `Trend` Stack by fields in `7.15` (before)_

![alerts-trend-after](https://user-images.githubusercontent.com/4459398/137045023-d0ae987c-a474-4123-a05b-a6ad2fc52922.png)

_Above: The Alerts `Trend` `Stack by` fields (after the addition of the `process.name`, `file.name`, and `hash.sha256` fields)_

CC: @monina-n @paulewing
2021-10-16 14:44:19 -04:00
.buildkite Disable APM e2e tests 2021-10-15 17:35:04 -04:00
.ci
.github Add API integration tests for Interactive Setup. (#111879) 2021-10-14 20:14:01 +02:00
api_docs Add pluginTeam to plugin API ci stats (#115007) 2021-10-14 11:54:35 -04:00
config fix default appender config example (#115159) 2021-10-15 16:24:05 +02:00
dev_docs Update kibana_platform_plugin_intro with more details on packages vs plugins (#114713) 2021-10-13 14:01:46 -04:00
docs fix default appender config example (#115159) 2021-10-15 16:24:05 +02:00
examples Replace EuiCodeEditor with CodeEditor in app-services code (#114316) 2021-10-13 14:52:48 +02:00
legacy_rfcs
licenses
packages [Security Solutions] Fix host isolation exception list showing up on the exceptions list (#114987) 2021-10-15 15:30:42 -04:00
plugins
scripts Add API integration tests for Interactive Setup. (#111879) 2021-10-14 20:14:01 +02:00
src [build] Dockerfile update (#115237) 2021-10-15 23:05:37 +01:00
test Removes deprecated telemetry.url and telemetry.optInStatusUrl from telemetry plugin config (#114737) 2021-10-15 14:26:43 -04:00
typings
vars Disable APM e2e tests 2021-10-15 17:35:04 -04:00
x-pack [Security Solution] Restores Alerts table local storage persistence and the Remove Column action (#114742) 2021-10-16 14:44:19 -04:00
.backportrc.json
.bazelignore
.bazeliskversion
.bazelrc
.bazelrc.common
.bazelversion
.browserslistrc
.editorconfig
.eslintignore
.eslintrc.js [Security solutions] Adds linter rule to forbid usage of no-non-null-assertion (TypeScript ! bang operator) (#114375) 2021-10-14 20:24:01 -06:00
.fossa.yml
.gitattributes
.gitignore
.i18nrc.json [MetricVis] Move the expression function and renderer to a separate plugin. (#113427) 2021-10-08 08:42:44 +03:00
.node-version
.npmrc
.nvmrc
.prettierignore
.prettierrc
.stylelintignore
.stylelintrc
.telemetryrc.json
.yarnrc
api-documenter.json
BUILD.bazel
CODE_OF_CONDUCT.md
CONTRIBUTING.md
FAQ.md
github_checks_reporter.json
Jenkinsfile
jest.config.integration.js
jest.config.js
kibana.d.ts
LICENSE.txt
NOTICE.txt
package.json [i18n] remove angular i18n and move the remains to monitoring plugin (#115003) 2021-10-15 12:09:19 +03:00
preinstall_check.js
README.md
renovate.json5 [deps] Renovate-bot default to draftPR and datavis reviewers (#114060) 2021-10-15 10:20:30 +02:00
RISK_MATRIX.mdx
SECURITY.md
STYLEGUIDE.mdx
tsconfig.base.json
tsconfig.bazel.json
tsconfig.browser.json
tsconfig.browser_bazel.json
tsconfig.json
tsconfig.types.json
TYPESCRIPT.md
WORKSPACE.bazel
yarn.lock [i18n] remove angular i18n and move the remains to monitoring plugin (#115003) 2021-10-15 12:09:19 +03:00

# Kibana

Kibana is your window into the Elastic Stack. Specifically, it's a browser-based analytics and search dashboard for Elasticsearch.

## Getting Started

If you just want to try Kibana out, check out the Elastic Stack Getting Started Page to give it a whirl.

If you're interested in diving a bit deeper and getting a taste of Kibana's capabilities, head over to the Kibana Getting Started Page.

### Using a Kibana Release

If you want to use a Kibana release in production, give it a test run, or just play around:

### Building and Running Kibana, and/or Contributing Code

You might want to build Kibana locally to contribute some code, test out the latest features, or try out an open PR:

## Documentation

Visit Elastic.co for the full Kibana documentation.

For information about building the documentation, see the README in elastic/docs.

## Version Compatibility with Elasticsearch

Ideally, you should be running Elasticsearch and Kibana with matching version numbers. If your Elasticsearch has an older version number or a newer major number than Kibana, then Kibana will fail to run. If Elasticsearch has a newer minor or patch number than Kibana, then the Kibana Server will log a warning.

Note: The version numbers below are only examples, meant to illustrate the relationships between different types of version numbers.

| Situation | Example Kibana version | Example ES version | Outcome |
| --- | --- | --- | --- |
| Versions are the same. | 5.1.2 | 5.1.2 | 💚 OK |
| ES patch number is newer. | 5.1.2 | 5.1.5 | ⚠️ Logged warning |
| ES minor number is newer. | 5.1.2 | 5.5.0 | ⚠️ Logged warning |
| ES major number is newer. | 5.1.2 | 6.0.0 | 🚫 Fatal error |
| ES patch number is older. | 5.1.2 | 5.1.0 | ⚠️ Logged warning |
| ES minor number is older. | 5.1.2 | 5.0.0 | 🚫 Fatal error |
| ES major number is older. | 5.1.2 | 4.0.0 | 🚫 Fatal error |
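
The outcomes in the table above, applied to a set of Elasticsearch nodes. This is an added example, not code from the Kibana README or code base. The function names, the strict `major.minor.patch` parsing, and the per-node check are assumptions made for illustration, and the node list is constructed sample data.

```javascript
// Added example (not Kibana code): classify Kibana/Elasticsearch version
// pairs with the outcomes listed in the README table. All names are hypothetical.
const OUTCOME = Object.freeze({ OK: 'ok', WARNING: 'warning', FATAL: 'fatal' });
const SEVERITY = [OUTCOME.OK, OUTCOME.WARNING, OUTCOME.FATAL];

// Parse a strict "major.minor.patch" string; anything else is rejected
// rather than guessed at (assumption: no pre-release or build suffixes).
function parseVersion(version) {
  const match = /^(\d+)\.(\d+)\.(\d+)$/.exec(String(version).trim());
  if (!match) {
    throw new TypeError(`not a major.minor.patch version: ${version}`);
  }
  const [major, minor, patch] = match.slice(1).map(Number);
  return { major, minor, patch };
}

// Table rows: any major mismatch or an older ES minor is fatal; a newer ES
// minor or any patch difference is a logged warning; equal versions are OK.
function esCompatibility(kibanaVersion, esVersion) {
  const kibana = parseVersion(kibanaVersion);
  const es = parseVersion(esVersion);
  if (es.major !== kibana.major) return OUTCOME.FATAL;
  if (es.minor < kibana.minor) return OUTCOME.FATAL;
  if (es.minor > kibana.minor) return OUTCOME.WARNING;
  return es.patch === kibana.patch ? OUTCOME.OK : OUTCOME.WARNING;
}

// Classify every node and report the most severe outcome across the set.
function checkNodes(kibanaVersion, nodes) {
  const results = nodes.map(({ name, version }) => ({
    name,
    version,
    outcome: esCompatibility(kibanaVersion, version),
  }));
  const worst = results.reduce(
    (acc, r) => (SEVERITY.indexOf(r.outcome) > SEVERITY.indexOf(acc) ? r.outcome : acc),
    OUTCOME.OK
  );
  return { worst, results };
}

// Constructed sample input: a mixed-version cluster during a rolling upgrade.
const SAMPLE_NODES = [
  { name: 'es-1', version: '5.1.2' },
  { name: 'es-2', version: '5.1.5' },
  { name: 'es-3', version: '5.0.0' },
];
console.log(checkNodes('5.1.2', SAMPLE_NODES));
```
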

Questions? Problems? Suggestions?

  • If you've found a bug or want to request a feature, please create a GitHub Issue. Please check to make sure someone else hasn't already created an issue for the same topic.
  • Need help using Kibana? Ask away on our Kibana Discuss Forum and a fellow community member or Elastic engineer will be glad to help you out.