kibana/docs/management
Andrew Goldstein 56ff721867
[SIEM] New Overview Page (#54783)
## [SIEM] Overview Page "1.5"

A redesigned SIEM Overview page that includes `Recent timelines`, a `Security news` feed, visualizations, and rolled-up event counts

![overview-day](https://user-images.githubusercontent.com/4459398/72396016-90f53600-36f8-11ea-9b41-6d54d09de589.png)

![overview-night](https://user-images.githubusercontent.com/4459398/72394575-fb57a780-36f3-11ea-868e-8fcd2c5c4543.png)

### Overview enhancements
- Added the global Search bar and Date picker to the Overview page
- New `Recent timelines` widget affords quick access to favorite and recently modified timelines
- New `Security news` widget
- New Kibana advanced settings (toggle switch) for enabling or disabling the news widget and configuring the news URL
![news-settings](https://user-images.githubusercontent.com/4459398/72362776-fd4c4700-36b0-11ea-805b-3c7353f2c1cd.png)
- New `Events count by dataset` widget
- Updated the `Host Events` and `Network Events` widgets to integrate with the Search bar and date picker input
- Enhanced the `Host Events` and `Network Events` widgets to use an accordion paradigm that summarizes stats by source (e.g. `Auditbeat`, `Endgame`)
- Enhanced the `Host Events` and `Network Events` widgets to visualize relative percentages of events collected as progress bars
- New `Alerts count by category` widget
- New `Signals count by MITRE ATT&CK™ category` widget
- New `View events`, `View alerts`, and `View signals` navigation buttons for their respective visualizations


### FTUE enhancements
- FTUE "no data" view design refresh
![ftue](https://user-images.githubusercontent.com/4459398/72361771-43a0a680-36af-11ea-969f-5872ac4a01a1.png)
- When the FTUE "no data" page is displayed, hide all global navigation links (i.e. `Hosts`, `Network`, `Detection engine`), such that only `Overview` appears in the global nav
- App Help popover design refresh
![help](https://user-images.githubusercontent.com/4459398/72362132-d80b0900-36af-11ea-9b58-1fd3b923b7c8.png)
- Removed the `Beta` badge and `Security Information & Event Management with the Elastic Stack` from the Overview header

- Tested in Chrome `79.0.3945.117`, Firefox `72.0.1`, and Safari `13.0.4`

## Known issues

- The `siem:newsFeedUrl` advanced setting is defaulted to `https://feeds.elastic.co/kibana`
- The `Signals count by MITRE ATT&CK™ category` visualization does not display all categories
- The `Signals count by MITRE ATT&CK™ category` visualization may require a different index pattern
- `EuiButtonGroup` throwing a `Can't perform a React state update on an unmounted component` warning when switching from the Overview tab

https://github.com/elastic/siem-team/issues/484
2020-01-14 21:03:57 -07:00

| Name | Last commit | Date |
| --- | --- | --- |
| field-formatters | Re-introducing docs on image url (#52458) | 2019-12-07 14:54:56 +00:00 |
| index-lifecycle-policies | | |
| index-patterns/images | [DOCS] Moves index pattern doc to Discover (#53347) | 2020-01-07 10:43:40 -08:00 |
| rollups | | |
| snapshot-restore | [DOCS] Updated links to snapshot-restore docs. (#52151) | 2020-01-09 16:12:15 -08:00 |
| upgrade-assistant | | |
| watcher-ui | [DOCS] Updates links to Stack Overview (#48582) | 2019-10-17 14:41:13 -07:00 |
| advanced-options.asciidoc | [SIEM] New Overview Page (#54783) | 2020-01-14 21:03:57 -07:00 |
| index-patterns.asciidoc | [DOCS] Moves index pattern doc to Discover (#53347) | 2020-01-07 10:43:40 -08:00 |
| managing-beats.asciidoc | [DOCS] Mark Beats central management as discontinued (#49423) | 2019-11-18 11:17:40 -08:00 |
| managing-fields.asciidoc | [DOCS] Fixes moment.js link (#51210) | 2019-11-20 13:08:27 -06:00 |
| managing-indices.asciidoc | [DOCS] Fixes broken links (#51634) | 2019-11-26 12:36:35 -08:00 |
| managing-licenses.asciidoc | [DOCS] Adds licence expiry details (#54081) | 2020-01-09 09:28:08 -08:00 |
| managing-remote-clusters.asciidoc | [DOCS] Updates links to Stack Overview (#48582) | 2019-10-17 14:41:13 -07:00 |
| managing-saved-objects.asciidoc | | |