[8.17] [Security Solution] Fix timeline dynamic batching (#204034) #205676

Open, wants to merge 4 commits into base: 8.17

@logeekal (Contributor) commented Jan 7, 2025

Backport

This will backport the following commits from main to 8.17:

Questions?

Please refer to the Backport tool documentation

## Summary

Handles:

### Issue with Batches
- elastic#201405
- Timeline had a bug where, if a user fetched multiple batches and then added a new column, the value of this new column would only be fetched for the latest batch and not the old batches.
- This PR fixes that ✅ by cumulatively fetching the data for old batches till the current batch `iff a new column has been added`.
- For example, if the user has already fetched the 3rd batch, data for the 1st, 2nd and 3rd will be fetched together when a column has been added; otherwise, data will be fetched incrementally.

### Issue with Elasticsearch limit

- Elasticsearch has a limit of 10K hits at max, but we throw an error at 10K, which should be allowed.
    - An error should be thrown at anything `>10K`, 10001 for example.
    - ✅ This PR fixes that just for timeline by allowing 10K hits.

### Removal of obsolete code

The below files related to old Timeline code are removed as well:
- x-pack/plugins/security_solution/public/timelines/components/timeline/footer/index.test.tsx
- x-pack/plugins/security_solution/public/timelines/components/timeline/footer/index.tsx

---------

Co-authored-by: Philippe Oberti <[email protected]>
(cherry picked from commit 088169f)

# Conflicts:
#	packages/kbn-babel-preset/styled_components_files.js
#	x-pack/plugins/security_solution/public/common/mock/mock_timeline_search_service.ts
#	x-pack/plugins/security_solution/public/timelines/components/timeline/footer/index.test.tsx
#	x-pack/plugins/security_solution/public/timelines/components/timeline/footer/index.tsx
#	x-pack/plugins/security_solution/public/timelines/components/timeline/tabs/query/index.tsx
#	x-pack/solutions/security/plugins/security_solution/public/timelines/containers/index.test.tsx
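
The two behaviours described in the summary above (cumulative refetch when a column is added, and an error only above 10K hits) can be sketched as follows. This is an added TypeScript example, not code from this PR or from Kibana; `planBatchFetch`, `BatchRequest`, `MAX_HITS` and the `from`/`size` window model are hypothetical names and assumptions made for illustration.

```typescript
// Added illustration: hypothetical names, not Kibana's implementation.
const MAX_HITS = 10000; // the 10K hit limit stated in the PR summary

interface BatchRequest {
  from: number; // offset of the first hit to fetch
  size: number; // number of hits to fetch
  replace: boolean; // true: replace cached rows, false: append to them
}

function planBatchFetch(
  batchIndex: number, // zero-based index of the batch being requested
  batchSize: number,
  fetchedColumns: string[], // columns the cached rows were fetched with
  requestedColumns: string[] // columns the table needs now
): BatchRequest {
  const known = new Set(fetchedColumns);
  // Only an added column invalidates old batches; a removed column does not.
  const columnAdded = requestedColumns.some((c) => !known.has(c));

  // Column added: refetch batches 0..batchIndex together so rows from
  // earlier batches also carry the new field. Otherwise fetch one batch.
  const from = columnAdded ? 0 : batchIndex * batchSize;
  const size = columnAdded ? (batchIndex + 1) * batchSize : batchSize;

  // A window ending at exactly 10K is allowed; only > 10K is an error.
  const windowEnd = from + size;
  if (windowEnd > MAX_HITS) {
    throw new RangeError(`result window ${windowEnd} exceeds ${MAX_HITS} hits`);
  }
  return { from, size, replace: columnAdded };
}
```

With a batch size of 25 and the 3rd batch already loaded, adding a column yields a single request for hits 0 to 74 that replaces the cached rows, while an unchanged column set yields only hits 50 to 74.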
@elasticmachine (Contributor) commented Jan 7, 2025

💔 Build Failed

Failed CI Steps

Test Failures

  • [job] [logs] Investigations - Security Solution Cypress Tests #2 / Unified Timeline table Row Actions should refresh the table when alert status is changed should refresh the table when alert status is changed

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 13.3MB | 13.3MB | +612.0B |

2 participants