[Cloud Security] Adds KQL filter to graph component #205570

Open
wants to merge 6 commits into
base: main

kfirpeled
Contributor

@kfirpeled kfirpeled commented Jan 5, 2025

Summary

This PR includes the following changes to the graph investigation component:

  • Added KQL filter to graph investigation component
  • Shows toast message on syntax error
  • Includes the KQL filter in timeline investigation through the graph
Screen.Recording.2025-01-08.at.14.43.22.mov

How to test:

To test this PR using Storybook (alternatively, access the storybooks attached to this build):

yarn storybook cloud_security_posture_packages

To test e2e:

  • Enable the feature flag

kibana.dev.yml:

uiSettings.overrides.securitySolution:enableVisualizationsInFlyout: true
xpack.securitySolution.enableExperimental: ['graphVisualizationInFlyoutEnabled']

  • Load mocked data:

node scripts/es_archiver load x-pack/test/cloud_security_posture_functional/es_archives/logs_gcp_audit \
  --es-url http://elastic:changeme@localhost:9200 \
  --kibana-url http://elastic:changeme@localhost:5601

node scripts/es_archiver load x-pack/test/cloud_security_posture_functional/es_archives/security_alerts \
  --es-url http://elastic:changeme@localhost:9200 \
  --kibana-url http://elastic:changeme@localhost:5601

  • Make sure you include data from Oct 13 2024. (in the video I use Last year)

To run FTR tests:

yarn test:ftr:server --config x-pack/test/cloud_security_posture_functional/config.ts
yarn test:ftr:runner --config x-pack/test/cloud_security_posture_functional/config.ts --grep="Graph visualization"

E2E tests 📹
Screen.Recording.2025-01-08.at.14.22.22.mov

Checklist

@kfirpeled kfirpeled linked an issue Jan 5, 2025 that may be closed by this pull request
3 tasks
- Filters based on KQL filter
- Added e2e tests and UT
- Shows toast message on syntax error
- Adapts the kql filter when opening timeline for investigation
@kfirpeled kfirpeled force-pushed the cspm/graph-add-kql-filter branch from 4ec15fe to 571da79 Compare January 8, 2025 14:33
@kfirpeled kfirpeled added the release_note:skip, Team:Cloud Security and backport:prev-minor labels Jan 8, 2025
@kfirpeled kfirpeled marked this pull request as ready for review January 8, 2025 14:46
@kfirpeled kfirpeled requested review from a team as code owners January 8, 2025 14:46
@elasticmachine
Contributor

Pinging @elastic/kibana-cloud-security-posture (Team:Cloud Security)

@kfirpeled kfirpeled changed the title from "[WIP] [Cloud Security] Adds KQL filter to graph component" to "[Cloud Security] Adds KQL filter to graph component" Jan 8, 2025
@kibanamachine
Contributor

Flaky Test Runner Stats

🎉 All tests passed! - kibana-flaky-test-suite-runner#7669

[✅] x-pack/test/cloud_security_posture_functional/config.ts: 25/25 tests passed.


});

it('calls refresh on submit button click', () => {
const mockRefresh = action('refresh');
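
Review bot: In the `calls refresh on submit button click` test, `mockRefresh` is created with `action('refresh')`, and nothing in these lines shows what the call check promised by the test title will rely on. Consider a short comment, or a shared test helper that creates these actions, so a reader can see why `mockRefresh` can be asserted on.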
Contributor

For better maintainability, we should define a central place where we store Storybook actions in a constant; otherwise, as it grows, it can become tricky to understand where actions such as refresh and notifications:addError are coming from.

@elasticmachine
Contributor

elasticmachine commented Jan 8, 2025

💔 Build Failed

Failed CI Steps

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 22.2MB | 22.2MB | +1.5KB |

Successfully merging this pull request may close these issues.

Add search bar to graph investigation