Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.x] [Security Solution][Serverless] - Improve security solution performance (#194241) #194588

Merged
merged 1 commit into from
Oct 1, 2024
Merged

[8.x] [Security Solution][Serverless] - Improve security solution performance (#194241) #194588

merged 1 commit into from
Oct 1, 2024

Conversation

michaelolo24
Copy link
Contributor

Backport

This will backport the following commits from main to 8.x:

Questions ?

Please refer to the Backport tool documentation

@michaelolo24
[Security Solution][Serverless] - Improve security solution performan…
fe33c66 
…ce (elastic#194241)

## Summary

The goal of this PR is to improve the default performance of many of our
security solution views.

1. Upon scale testing, it was observed that the default events histogram
aggregation was a source of application slowness, so to improve the
performance of the default security experience, we've made the default
breakdown for the events histogram `No Breakdown` similar to what is
seen in the default discover histogram experience.

2. After looking through some telemetry, it was observed that the field
list query run in the background for timeline can also take a
significant amount of time based on the user's field count, so we now
only run that query after timeline has been opened.

### Demos
#### 1. By default the events visualizations on the overview and explore
events pages will not have an aggregation. The user will have to
manually select the breakdown they desire:
elastic@d354d27

https://github.com/user-attachments/assets/a6d6987b-73fc-4735-9c37-973917c2fa2d

#### 2. Timeline fields list will only load after the first interaction
with timeline:
elastic@ad55726

**Before:**

https://github.com/user-attachments/assets/0ad2e903-ac15-4daa-925b-da8ad05e80dd

**After:**

https://github.com/user-attachments/assets/27d5d3d5-02c8-49b5-b699-239ebc36b16c
(cherry picked from commit e45d97b)
@michaelolo24 michaelolo24 enabled auto-merge (squash) October 1, 2024 14:19
@michaelolo24 michaelolo24 mentioned this pull request Oct 1, 2024
Merged
@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 20.5MB 20.5MB +710.0B
Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 542 543 +1

Total ESLint disabled count

id before after diff
securitySolution 628 629 +1

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@michaelolo24 michaelolo24 merged commit ca251ff into elastic:8.x Oct 1, 2024
34 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@janmonschke janmonschke janmonschke approved these changes

Assignees
No one assigned
Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@michaelolo24 @kibana-ci @janmonschke