From 26fbac56669314da2652726f9bea97e7d4f3ca66 Mon Sep 17 00:00:00 2001 From: Michael Olorunnisola Date: Tue, 18 Oct 2022 12:29:34 -0400 Subject: [PATCH] show threat data in flyout --- .../event_details/event_details.tsx | 29 ++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx b/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx index c63fcf7bf5c3a..228c0027c8f39 100644 --- a/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx +++ b/x-pack/plugins/security_solution/public/common/components/event_details/event_details.tsx @@ -15,11 +15,14 @@ import { EuiFlexGroup, EuiFlexItem, EuiLoadingSpinner, + EuiTitle, } from '@elastic/eui'; import React, { useCallback, useMemo, useState } from 'react'; import styled from 'styled-components'; +import { css } from '@emotion/css'; import { isEmpty } from 'lodash'; +import { getMitreTitleAndDescription } from '../../../detections/pages/alert_details/tabs/summary/get_mitre_threat_component'; import type { AlertRawEventData } from './osquery_tab'; import { useOsqueryTab } from './osquery_tab'; import { EventFieldsBrowser } from './event_fields_browser'; @@ -50,6 +53,13 @@ import { defaultRowRenderers } from '../../../timelines/components/timeline/body export const EVENT_DETAILS_CONTEXT_ID = 'event-details'; +const threatTacticContainerStyles = css` + flex-wrap: nowrap; + & .euiFlexGroup { + flex-wrap: nowrap; + } +`; + type EventViewTab = EuiTabbedContentTab; export type EventViewId = @@ -160,6 +170,7 @@ const EventDetailsComponent: React.FC = ({ range, } = useInvestigationTimeEnrichment(eventFields); + const threatDetails = useMemo(() => getMitreTitleAndDescription(data), [data]); const allEnrichments = useMemo(() => { if (isEnrichmentsLoading || !enrichmentsResponse?.enrichments) { return existingEnrichments; @@ -227,7 +238,22 @@ const EventDetailsComponent: React.FC = ({ }} goToTable={goToTableTab} /> - + + + {threatDetails && threatDetails[0] && ( + <> + +
{threatDetails[0].title}
+
+ {threatDetails[0].description} + + )} +
= ({ isLicenseValid, isReadOnly, renderer, + threatDetails, timelineId, userRisk, ]