[8.x] [Cloud Security] Alerts Datagrids for Contextual Flyout (elasti…
…c#199573) (elastic#200245)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Alerts Datagrids for Contextual Flyout
(elastic#199573)](elastic#199573)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Rickyanto
Ang","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-14T19:07:26Z","message":"[Cloud
Security] Alerts Datagrids for Contextual Flyout (elastic#199573)\n\n##
Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual
Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for
User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot
2024-11-14 at 9 08
26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud
Security","backport:prev-minor","v8.17.0"],"title":"[Cloud Security]
Alerts Datagrids for Contextual
Flyout","number":199573,"url":"https://github.com/elastic/kibana/pull/199573","mergeCommit":{"message":"[Cloud
Security] Alerts Datagrids for Contextual Flyout (elastic#199573)\n\n##
Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual
Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for
User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot
2024-11-14 at 9 08
26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/199573","number":199573,"mergeCommit":{"message":"[Cloud
Security] Alerts Datagrids for Contextual Flyout (elastic#199573)\n\n##
Summary\r\n\r\nThis PR is for Alerts Datagrid component in Contextual
Flyout\r\n\r\nThis PR is for Alerts Datagrid in Contextual Flyout for
User name and\r\nHost name\r\n<img width=\"1480\" alt=\"Screenshot
2024-11-14 at 9 08
26 AM\"\r\nsrc=\"https://github.com/user-attachments/assets/46a254c8-b7f1-4b63-9637-2b1c281d5502\">\r\n\r\n---------\r\n\r\nCo-authored-by:
kibanamachine
<[email protected]>","sha":"ab965f75a6bdfb75e2a29454d8f3830d0cf4cf18"}},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Rickyanto Ang <[email protected]>
kibanamachine and animehart authored Nov 14, 2024
1 parent 7ef99b3 commit aacda97
Showing 18 changed files with 693 additions and 30 deletions.
Expand Up @@ -10,6 +10,7 @@ import {
defaultErrorMessage,
buildMutedRulesFilter,
buildEntityFlyoutPreviewQuery,
buildEntityAlertsQuery,
} from './helpers';

const fallbackMessage = 'thisIsAFallBackMessage';
Expand Down Expand Up @@ -182,4 +183,78 @@ describe('test helper methods', () => {
expect(buildEntityFlyoutPreviewQuery(field)).toEqual(expectedQuery);
});
});

describe('buildEntityAlertsQuery', () => {
const getExpectedAlertsQuery = (size?: number) => {
return {
size: size || 0,
_source: false,
fields: [
'_id',
'_index',
'kibana.alert.rule.uuid',
'kibana.alert.severity',
'kibana.alert.rule.name',
'kibana.alert.workflow_status',
],
query: {
bool: {
filter: [
{
bool: {
must: [],
filter: [
{
match_phrase: {
'host.name': {
query: 'exampleHost',
},
},
},
],
should: [],
must_not: [],
},
},
{
range: {
'@timestamp': {
gte: 'Today',
lte: 'Tomorrow',
},
},
},
{
terms: {
'kibana.alert.workflow_status': ['open', 'acknowledged'],
},
},
],
},
},
};
};

it('should return the correct query when given all params', () => {
const field = 'host.name';
const query = 'exampleHost';
const to = 'Tomorrow';
const from = 'Today';
const size = 100;

expect(buildEntityAlertsQuery(field, to, from, query, size)).toEqual(
getExpectedAlertsQuery(size)
);
});

it('should return the correct query when not given size', () => {
const field = 'host.name';
const query = 'exampleHost';
const to = 'Tomorrow';
const from = 'Today';
const size = undefined;

expect(buildEntityAlertsQuery(field, to, from, query)).toEqual(getExpectedAlertsQuery(size));
});
});
});
57 changes: 57 additions & 0 deletions x-pack/packages/kbn-cloud-security-posture/common/utils/helpers.ts
Expand Up @@ -5,6 +5,7 @@
* 2.0.
*/
import { QueryDslQueryContainer } from '@kbn/data-views-plugin/common/types';

import { i18n } from '@kbn/i18n';
import type { CspBenchmarkRulesStates } from '../schema/rules/latest';

Expand Down Expand Up @@ -62,3 +63,59 @@ export const buildEntityFlyoutPreviewQuery = (field: string, queryValue?: string
},
};
};

export const buildEntityAlertsQuery = (
field: string,
to: string,
from: string,
queryValue?: string,
size?: number
) => {
return {
size: size || 0,
_source: false,
fields: [
'_id',
'_index',
'kibana.alert.rule.uuid',
'kibana.alert.severity',
'kibana.alert.rule.name',
'kibana.alert.workflow_status',
],
query: {
bool: {
filter: [
{
bool: {
must: [],
filter: [
{
match_phrase: {
[field]: {
query: queryValue,
},
},
},
],
should: [],
must_not: [],
},
},
{
range: {
'@timestamp': {
gte: from,
lte: to,
},
},
},
{
terms: {
'kibana.alert.workflow_status': ['open', 'acknowledged'],
},
},
],
},
},
};
};
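Review bot: `queryValue` is declared optional in `buildEntityAlertsQuery` but is written unconditionally into `match_phrase: { [field]: { query: queryValue } }`, so a call without it serialises to a `match_phrase` clause with no `query`, which Elasticsearch is likely to reject rather than treat as match-all. Either make the parameter required (`queryValue: string,`) or leave the inner filter out when it is undefined; the tests added for this helper in the same commit never call it without a value. `field` is also used as a computed key, and since the PR description mentions only host-name and user-name grids, narrowing it to `field: 'host.name' | 'user.name',` would keep a caller-supplied string from selecting an arbitrary alert field. An explicit return type and a short TSDoc stating that `to` comes before `from` would help as well, because both are plain strings and easy to swap.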
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,11 @@ export const useMisconfigurationFindings = (options: UseCspOptions) => {
params: buildMisconfigurationsFindingsQuery(options, rulesStates!),
})
);
if (!aggregations) throw new Error('expected aggregations to be defined');
if (!aggregations && options.ignore_unavailable === false)
throw new Error('expected aggregations to be defined');

return {
count: getMisconfigurationAggregationCount(aggregations.count.buckets),
count: getMisconfigurationAggregationCount(aggregations?.count.buckets),
rows: hits.hits.map((finding) => ({
result: finding._source?.result,
rule: finding?._source?.rule,
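Review bot: With the relaxed guard, a response without `aggregations` only throws when `options.ignore_unavailable === false`, so an undefined or `true` flag now passes `undefined` into `getMisconfigurationAggregationCount`, and a missing aggregation may end up displayed the same as "no findings". Whether that helper accepts `undefined` is not visible here; if it does not, default at the call site with `aggregations?.count?.buckets ?? []` (the second `?.` matters because `count` itself is never checked). For a posture view it would be safer to return a distinct "data unavailable" state, so the flyout does not report zero misconfigurations when the index could not be read. The enclosing query function starts and ends outside this hunk.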
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,9 @@ import { AlertsPreview } from './alerts_preview';
import { TestProviders } from '../../../common/mock/test_providers';
import { useExpandableFlyoutApi } from '@kbn/expandable-flyout';
import type { ParsedAlertsData } from '../../../overview/components/detection_response/alerts_by_status/types';
import { useMisconfigurationPreview } from '@kbn/cloud-security-posture/src/hooks/use_misconfiguration_preview';
import { useVulnerabilitiesPreview } from '@kbn/cloud-security-posture/src/hooks/use_vulnerabilities_preview';
import { useRiskScore } from '../../../entity_analytics/api/hooks/use_risk_score';

const mockAlertsData: ParsedAlertsData = {
open: {
Expand All @@ -29,16 +32,24 @@ const mockAlertsData: ParsedAlertsData = {
},
};

jest.mock(
'../../../detections/components/alerts_kpis/alerts_summary_charts_panel/use_summary_chart_data'
);
// Mock hooks
jest.mock('@kbn/cloud-security-posture/src/hooks/use_misconfiguration_preview');
jest.mock('@kbn/cloud-security-posture/src/hooks/use_vulnerabilities_preview');
jest.mock('../../../entity_analytics/api/hooks/use_risk_score');
jest.mock('@kbn/expandable-flyout');

describe('AlertsPreview', () => {
const mockOpenLeftPanel = jest.fn();

beforeEach(() => {
(useExpandableFlyoutApi as jest.Mock).mockReturnValue({ openLeftPanel: mockOpenLeftPanel });
(useVulnerabilitiesPreview as jest.Mock).mockReturnValue({
data: { count: { CRITICAL: 0, HIGH: 1, MEDIUM: 1, LOW: 0, UNKNOWN: 0 } },
});
(useRiskScore as jest.Mock).mockReturnValue({ data: [{ host: { risk: 75 } }] });
(useMisconfigurationPreview as jest.Mock).mockReturnValue({
data: { count: { passed: 1, failed: 1 } },
});
});
afterEach(() => {
jest.clearAllMocks();
Expand All @@ -47,17 +58,17 @@ describe('AlertsPreview', () => {
it('renders', () => {
const { getByTestId } = render(
<TestProviders>
<AlertsPreview alertsData={mockAlertsData} />
<AlertsPreview alertsData={mockAlertsData} name="host1" fieldName="host.name" />
</TestProviders>
);

expect(getByTestId('securitySolutionFlyoutInsightsAlertsTitleText')).toBeInTheDocument();
expect(getByTestId('securitySolutionFlyoutInsightsAlertsTitleLink')).toBeInTheDocument();
});

it('renders correct alerts number', () => {
const { getByTestId } = render(
<TestProviders>
<AlertsPreview alertsData={mockAlertsData} />
<AlertsPreview alertsData={mockAlertsData} name="host1" fieldName="host.name" />
</TestProviders>
);

Expand All @@ -67,7 +78,7 @@ describe('AlertsPreview', () => {
it('should render the correct number of distribution bar section based on the number of severities', () => {
const { queryAllByTestId } = render(
<TestProviders>
<AlertsPreview alertsData={mockAlertsData} />
<AlertsPreview alertsData={mockAlertsData} name="host1" fieldName="host.name" />
</TestProviders>
);
