-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[8.x] [Security Solution] Update alert kpi to exclude closed alerts i…
…n document details flyout (#200268) (#200642) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Update alert kpi to exclude closed alerts in document details flyout (#200268)](#200268) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"christineweng","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-18T19:42:34Z","message":"[Security Solution] Update alert kpi to exclude closed alerts in document details flyout (#200268)\n\n## Summary\r\n\r\nThis PR made some changes to the alert count API in document details\r\nflyout. Closed alerts are now removed when showing total count and\r\ndistributions. Data fetching logic is updated to match the one used in\r\nhost flyout (https://github.com/elastic/kibana/pull/197102).\r\n\r\nNotable changes:\r\n- Closed alerts are now excluded\r\n- Number of alerts in alerts flyout should match the ones in host flyout\r\n- Clicking the number will open timeline with the specific entity and\r\n`NOT kibana.alert.workflow_status: closed` filters\r\n- If a host/user does not have active alerts (all closed), no\r\ndistribution bar is shown\r\n\r\n\r\nhttps://github.com/user-attachments/assets/3a1d6e36-527e-4b62-816b-e1f4de7314ca\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"a37a02efcff84282aafb1b94778fd09f0f2025f0","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:enhancement","backport","v9.0.0","Team:Threat Hunting","Team:Threat Hunting:Investigations","v8.17.0"],"title":"[Security Solution] Update alert kpi to exclude closed alerts in document details flyout","number":200268,"url":"https://github.com/elastic/kibana/pull/200268","mergeCommit":{"message":"[Security Solution] Update alert kpi to exclude closed alerts in document details flyout (#200268)\n\n## Summary\r\n\r\nThis PR made some changes to the alert count API in document details\r\nflyout. Closed alerts are now removed when showing total count and\r\ndistributions. Data fetching logic is updated to match the one used in\r\nhost flyout (https://github.com/elastic/kibana/pull/197102).\r\n\r\nNotable changes:\r\n- Closed alerts are now excluded\r\n- Number of alerts in alerts flyout should match the ones in host flyout\r\n- Clicking the number will open timeline with the specific entity and\r\n`NOT kibana.alert.workflow_status: closed` filters\r\n- If a host/user does not have active alerts (all closed), no\r\ndistribution bar is shown\r\n\r\n\r\nhttps://github.com/user-attachments/assets/3a1d6e36-527e-4b62-816b-e1f4de7314ca\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"a37a02efcff84282aafb1b94778fd09f0f2025f0"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200268","number":200268,"mergeCommit":{"message":"[Security Solution] Update alert kpi to exclude closed alerts in document details flyout (#200268)\n\n## Summary\r\n\r\nThis PR made some changes to the alert count API in document details\r\nflyout. Closed alerts are now removed when showing total count and\r\ndistributions. Data fetching logic is updated to match the one used in\r\nhost flyout (https://github.com/elastic/kibana/pull/197102).\r\n\r\nNotable changes:\r\n- Closed alerts are now excluded\r\n- Number of alerts in alerts flyout should match the ones in host flyout\r\n- Clicking the number will open timeline with the specific entity and\r\n`NOT kibana.alert.workflow_status: closed` filters\r\n- If a host/user does not have active alerts (all closed), no\r\ndistribution bar is shown\r\n\r\n\r\nhttps://github.com/user-attachments/assets/3a1d6e36-527e-4b62-816b-e1f4de7314ca\r\n\r\n\r\n\r\n### Checklist\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"a37a02efcff84282aafb1b94778fd09f0f2025f0"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: christineweng <[email protected]>
- Loading branch information
1 parent
6b57073
commit f41ddf0
Showing
6 changed files
with
211 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.