[SecuritySolutions] Create Asset Criticality CSV upload page #179891

Merged
merged 23 commits into from
Apr 12, 2024
1 change: 1 addition & 0 deletions packages/deeplinks/security/deep_links.ts
Expand Up @@ -80,5 +80,6 @@ export enum SecurityPageName {
usersRisk = 'users-risk',
entityAnalytics = 'entity_analytics',
entityAnalyticsManagement = 'entity_analytics-management',
entityAnalyticsAssetClassification = 'entity_analytics-asset-classification',
coverageOverview = 'coverage-overview',
}
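Review bot: The deep-link id on the added `entityAnalyticsAssetClassification` line says "asset classification", while the rest of this change calls the same feature "asset criticality" (the `ENTITY_ANALYTICS_ASSET_CRITICALITY_PATH` route, the `assetCriticality` doc link, the 'Asset criticality' navigation label). Deep-link ids are probably referenced from navigation and other plugins, so a mismatched name is awkward to correct after release. Unless "classification" is deliberate, `entityAnalyticsAssetCriticality = 'entity_analytics-asset-criticality',` would keep the page findable under one term. The enum's opening lines are outside this hunk.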
1 change: 1 addition & 0 deletions packages/kbn-doc-links/src/get_doc_links.ts
Expand Up @@ -483,6 +483,7 @@ export const getDocLinks = ({ kibanaBranch, buildFlavor }: GetDocLinkOptions): D
hostRiskScore: `${SECURITY_SOLUTION_DOCS}host-risk-score.html`,
userRiskScore: `${SECURITY_SOLUTION_DOCS}user-risk-score.html`,
entityRiskScoring: `${SECURITY_SOLUTION_DOCS}entity-risk-scoring.html`,
assetCriticality: `${SECURITY_SOLUTION_DOCS}asset-criticality.html`,
},
detectionEngineOverview: `${SECURITY_SOLUTION_DOCS}detection-engine-overview.html`,
},
1 change: 1 addition & 0 deletions packages/kbn-doc-links/src/types.ts
Expand Up @@ -358,6 +358,7 @@ export interface DocLinks {
readonly hostRiskScore: string;
readonly userRiskScore: string;
readonly entityRiskScoring: string;
readonly assetCriticality: string;
};
readonly detectionEngineOverview: string;
};
2 changes: 2 additions & 0 deletions x-pack/plugins/security_solution/common/constants.ts
Expand Up @@ -115,6 +115,8 @@ export const BLOCKLIST_PATH = `${MANAGEMENT_PATH}/blocklist` as const;
export const RESPONSE_ACTIONS_HISTORY_PATH = `${MANAGEMENT_PATH}/response_actions_history` as const;
export const ENTITY_ANALYTICS_PATH = '/entity_analytics' as const;
export const ENTITY_ANALYTICS_MANAGEMENT_PATH = `/entity_analytics_management` as const;
export const ENTITY_ANALYTICS_ASSET_CRITICALITY_PATH =
`/entity_analytics_asset_criticality` as const;
export const APP_OVERVIEW_PATH = `${APP_PATH}${OVERVIEW_PATH}` as const;
export const APP_LANDING_PATH = `${APP_PATH}${LANDING_PATH}` as const;
export const APP_DETECTION_RESPONSE_PATH = `${APP_PATH}${DETECTION_RESPONSE_PATH}` as const;
7 changes: 7 additions & 0 deletions x-pack/plugins/security_solution/public/app/translations.ts
Expand Up @@ -25,6 +25,13 @@ export const ENTITY_ANALYTICS_RISK_SCORE = i18n.translate(
}
);

export const ASSET_CRITICALITY = i18n.translate(
'xpack.securitySolution.navigation.assetCriticality',
{
defaultMessage: 'Asset criticality',
}
);

export const DETECTION_RESPONSE = i18n.translate(
'xpack.securitySolution.navigation.detectionResponse',
{
@@ -0,0 +1,43 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0; you may not use this file except in compliance with the Elastic License
* 2.0.
*/
import type { SVGProps } from 'react';
import React from 'react';
export const IconAssetCriticality: React.FC<SVGProps<SVGSVGElement>> = ({ ...props }) => (
<svg
fill="none"
xmlns="http://www.w3.org/2000/svg"
width="16"
height="16"
viewBox="0 0 32 32"
{...props}
>
<path
fillRule="evenodd"
clipRule="evenodd"
d="M4 24C6.20928 24 8 22.2093 8 20C8 17.7907 6.20928 16 4 16C1.79072 16 0 17.7907 0 20C0 22.2093 1.79072 24 4 24ZM4 18C5.10472 18 6 18.8953 6 20C6 21.1047 5.10472 22 4 22C2.89528 22 2 21.1047 2 20C2 18.8953 2.89528 18 4 18Z"
fill="#535766"
/>
<path d="M3 26H5V31H3V26Z" fill="#00BFB3" />
<path d="M3 1H5V17H3V1Z" fill="#535766" />
<path
fillRule="evenodd"
clipRule="evenodd"
d="M16 14C18.2093 14 20 12.2093 20 10C20 7.79072 18.2093 6 16 6C13.7907 6 12 7.79072 12 10C12 12.2093 13.7907 14 16 14ZM16 8C17.1047 8 18 8.89528 18 10C18 11.1047 17.1047 12 16 12C14.8953 12 14 11.1047 14 10C14 8.89528 14.8953 8 16 8Z"
fill="#535766"
/>
<path d="M15 16H17V31H15V16Z" fill="#00BFB3" />
<path d="M15 1H17V7H15V1Z" fill="#535766" />
<path
fillRule="evenodd"
clipRule="evenodd"
d="M28 24C30.2093 24 32 22.2093 32 20C32 17.7907 30.2093 16 28 16C25.7907 16 24 17.7907 24 20C24 22.2093 25.7907 24 28 24ZM28 18C29.1047 18 30 18.8953 30 20C30 21.1047 29.1047 22 28 22C26.8953 22 26 21.1047 26 20C26 18.8953 26.8953 18 28 18Z"
fill="#535766"
/>
<path d="M27 26H29V31H27V26Z" fill="#00BFB3" />
<path d="M27 1H29V17H27V1Z" fill="#535766" />
</svg>
);
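Review bot: `({ ...props })` in the component signature copies the props object only to spread it again on `<svg>`; `(props)` does the same with less noise. The `fill="#535766"` and `fill="#00BFB3"` values are hard-coded on every `<path>`, so the icon will not follow a theme or a caller-supplied color. If that is intended, a short comment above the component such as `// Fill colors are fixed on purpose and do not follow the theme` would save the next reader the question.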
Expand Up @@ -45,6 +45,9 @@ export enum TelemetryEventTypes {
AssistantMessageSent = 'Assistant Message Sent',
AssistantQuickPrompt = 'Assistant Quick Prompt',
AssistantSettingToggled = 'Assistant Setting Toggled',
AssetCriticalityCsvPreviewGenerated = 'Asset Criticality Csv Preview Generated',
AssetCriticalityFileSelected = 'Asset Criticality File Selected',
AssetCriticalityCsvImported = 'Asset Criticality CSV Imported',
EntityDetailsClicked = 'Entity Details Clicked',
EntityAlertsClicked = 'Entity Alerts Clicked',
EntityRiskFiltered = 'Entity Risk Filtered',
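Review bot: The three added event names are cased inconsistently: `'Asset Criticality Csv Preview Generated'` uses `Csv` while `'Asset Criticality CSV Imported'` uses `CSV`. These strings are the event types passed to `reportEvent`, so they are likely what downstream queries and dashboards key on, and they become costly to rename once data exists. Picking one spelling now, e.g. `AssetCriticalityCsvPreviewGenerated = 'Asset Criticality CSV Preview Generated',`, avoids that. The enum starts and ends outside this hunk.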
Expand Up @@ -99,3 +99,118 @@ export const addRiskInputToTimelineClickedEvent: TelemetryEvent = {
},
},
};

export const assetCriticalityFileSelectedEvent: TelemetryEvent = {
eventType: TelemetryEventTypes.AssetCriticalityFileSelected,
schema: {
valid: {
type: 'boolean',
_meta: {
description: 'If the file is valid',
optional: false,
},
},
errorCode: {
type: 'keyword',
_meta: {
description: 'Error code if the file is invalid',
optional: true,
},
},
file: {
properties: {
size: {
type: 'long',
_meta: {
description: 'File size in bytes',
optional: false,
},
},
},
},
},
};

export const assetCriticalityCsvPreviewGeneratedEvent: TelemetryEvent = {
eventType: TelemetryEventTypes.AssetCriticalityCsvPreviewGenerated,
schema: {
file: {
properties: {
size: {
type: 'long',
_meta: {
description: 'File size in bytes',
optional: false,
},
},
},
},
processing: {
properties: {
startTime: {
type: 'date',
_meta: {
description: 'Processing start time',
optional: false,
},
},
endTime: {
type: 'date',
_meta: {
description: 'Processing end time',
optional: false,
},
},
tookMs: {
type: 'long',
_meta: {
description: 'Processing time in milliseconds',
optional: false,
},
},
},
},
stats: {
properties: {
validLines: {
type: 'long',
_meta: {
description: 'Number of valid lines',
optional: false,
},
},
invalidLines: {
type: 'long',
_meta: {
description: 'Number of invalid lines',
optional: false,
},
},
totalLines: {
type: 'long',
_meta: {
description: 'Total number of lines',
optional: false,
},
},
},
},
},
};

export const assetCriticalityCsvImportedEvent: TelemetryEvent = {
eventType: TelemetryEventTypes.AssetCriticalityCsvImported,
schema: {
file: {
properties: {
size: {
type: 'long',
_meta: {
description: 'File size in bytes',
optional: false,
},
},
},
},
},
};
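Review bot: `errorCode` in `assetCriticalityFileSelectedEvent` is a free-form `keyword`, and its parameter type (`errorCode?: string` in `ReportAssetCriticalityFileSelectedParams`, in the types file of this change) accepts any string, so nothing stops a caller from passing a raw parser or validation message. The uploaded CSV presumably holds entity identifiers, so such a message could carry a file name or row content into telemetry, whereas the other fields in these schemas stay with sizes, timings and counts. Tightening the text to `description: 'Stable error code if the file is invalid; never a raw error message or file content',` documents the contract, and narrowing the TypeScript type to a union of the known codes would enforce it. The three identical `file.size` schema blocks could also share one constant.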
Expand Up @@ -29,13 +29,46 @@ export interface ReportAddRiskInputToTimelineClickedParams {
quantity: number;
}

export interface ReportAssetCriticalityFileSelectedParams {
valid: boolean;
errorCode?: string;
file: {
size: number;
};
}

export interface ReportAssetCriticalityCsvPreviewGeneratedParams {
file: {
size: number;
};
processing: {
startTime: string;
endTime: string;
tookMs: number;
};
stats: {
validLines: number;
invalidLines: number;
totalLines: number;
};
}

export interface ReportAssetCriticalityCsvImportedParams {
file: {
size: number;
};
}

export type ReportEntityAnalyticsTelemetryEventParams =
| ReportEntityDetailsClickedParams
| ReportEntityAlertsClickedParams
| ReportEntityRiskFilteredParams
| ReportToggleRiskSummaryClickedParams
| ReportRiskInputsExpandedFlyoutOpenedParams
| ReportAddRiskInputToTimelineClickedParams;
| ReportAddRiskInputToTimelineClickedParams
| ReportAssetCriticalityCsvPreviewGeneratedParams
| ReportAssetCriticalityFileSelectedParams
| ReportAssetCriticalityCsvImportedParams;

export type EntityAnalyticsTelemetryEvent =
| {
Expand All @@ -61,4 +94,16 @@ export type EntityAnalyticsTelemetryEvent =
| {
eventType: TelemetryEventTypes.RiskInputsExpandedFlyoutOpened;
schema: RootSchema<ReportRiskInputsExpandedFlyoutOpenedParams>;
}
| {
eventType: TelemetryEventTypes.AssetCriticalityCsvPreviewGenerated;
schema: RootSchema<ReportAssetCriticalityCsvPreviewGeneratedParams>;
}
| {
eventType: TelemetryEventTypes.AssetCriticalityFileSelected;
schema: RootSchema<ReportAssetCriticalityFileSelectedParams>;
}
| {
eventType: TelemetryEventTypes.AssetCriticalityCsvImported;
schema: RootSchema<ReportAssetCriticalityCsvImportedParams>;
};
Expand Up @@ -18,6 +18,9 @@ import {
addRiskInputToTimelineClickedEvent,
RiskInputsExpandedFlyoutOpenedEvent,
toggleRiskSummaryClickedEvent,
assetCriticalityCsvPreviewGeneratedEvent,
assetCriticalityFileSelectedEvent,
assetCriticalityCsvImportedEvent,
} from './entity_analytics';
import {
assistantInvokedEvent,
Expand Down Expand Up @@ -150,6 +153,9 @@ export const telemetryEvents = [
entityClickedEvent,
entityAlertsClickedEvent,
entityRiskFilteredEvent,
assetCriticalityCsvPreviewGeneratedEvent,
assetCriticalityFileSelectedEvent,
assetCriticalityCsvImportedEvent,
toggleRiskSummaryClickedEvent,
RiskInputsExpandedFlyoutOpenedEvent,
addRiskInputToTimelineClickedEvent,
Expand Up @@ -29,4 +29,7 @@ export const createTelemetryClientMock = (): jest.Mocked<TelemetryClientStart> =
reportAddRiskInputToTimelineClicked: jest.fn(),
reportDetailsFlyoutOpened: jest.fn(),
reportDetailsFlyoutTabClicked: jest.fn(),
reportAssetCriticalityCsvPreviewGenerated: jest.fn(),
reportAssetCriticalityFileSelected: jest.fn(),
reportAssetCriticalityCsvImported: jest.fn(),
});
Expand Up @@ -28,9 +28,12 @@ import type {
ReportToggleRiskSummaryClickedParams,
ReportDetailsFlyoutOpenedParams,
ReportDetailsFlyoutTabClickedParams,
ReportAssetCriticalityCsvPreviewGeneratedParams,
ReportAssetCriticalityFileSelectedParams,
ReportAssetCriticalityCsvImportedParams,
ReportAddRiskInputToTimelineClickedParams,
} from './types';
import { TelemetryEventTypes } from './constants';
import type { ReportAddRiskInputToTimelineClickedParams } from './events/entity_analytics/types';

/**
* Client which aggregate all the available telemetry tracking functions
Expand Down Expand Up @@ -108,6 +111,22 @@ export class TelemetryClient implements TelemetryClientStart {
});
};

public reportAssetCriticalityCsvPreviewGenerated = (
params: ReportAssetCriticalityCsvPreviewGeneratedParams
) => {
this.analytics.reportEvent(TelemetryEventTypes.AssetCriticalityCsvPreviewGenerated, params);
};

public reportAssetCriticalityFileSelected = (
params: ReportAssetCriticalityFileSelectedParams
) => {
this.analytics.reportEvent(TelemetryEventTypes.AssetCriticalityFileSelected, params);
};

public reportAssetCriticalityCsvImported = (params: ReportAssetCriticalityCsvImportedParams) => {
this.analytics.reportEvent(TelemetryEventTypes.AssetCriticalityCsvImported, params);
};

public reportMLJobUpdate = (params: ReportMLJobUpdateParams) => {
this.analytics.reportEvent(TelemetryEventTypes.MLJobUpdate, params);
};
Expand Up @@ -30,6 +30,9 @@ import type {
ReportEntityRiskFilteredParams,
ReportRiskInputsExpandedFlyoutOpenedParams,
ReportToggleRiskSummaryClickedParams,
ReportAssetCriticalityCsvPreviewGeneratedParams,
ReportAssetCriticalityFileSelectedParams,
ReportAssetCriticalityCsvImportedParams,
} from './events/entity_analytics/types';
import type {
AssistantTelemetryEvent,
Expand All @@ -56,6 +59,9 @@ export type {
ReportRiskInputsExpandedFlyoutOpenedParams,
ReportToggleRiskSummaryClickedParams,
ReportAddRiskInputToTimelineClickedParams,
ReportAssetCriticalityCsvPreviewGeneratedParams,
ReportAssetCriticalityFileSelectedParams,
ReportAssetCriticalityCsvImportedParams,
} from './events/entity_analytics/types';
export * from './events/document_details/types';

Expand Down Expand Up @@ -118,7 +124,12 @@ export interface TelemetryClientStart {
reportToggleRiskSummaryClicked(params: ReportToggleRiskSummaryClickedParams): void;
reportRiskInputsExpandedFlyoutOpened(params: ReportRiskInputsExpandedFlyoutOpenedParams): void;
reportAddRiskInputToTimelineClicked(params: ReportAddRiskInputToTimelineClickedParams): void;

// Entity Analytics Asset Criticality
reportAssetCriticalityFileSelected(params: ReportAssetCriticalityFileSelectedParams): void;
reportAssetCriticalityCsvPreviewGenerated(
params: ReportAssetCriticalityCsvPreviewGeneratedParams
): void;
reportAssetCriticalityCsvImported(params: ReportAssetCriticalityCsvImportedParams): void;
reportCellActionClicked(params: ReportCellActionClickedParams): void;

reportAnomaliesCountClicked(params: ReportAnomaliesCountClickedParams): void;
Expand Up @@ -62,6 +62,7 @@ const coreMock = {
settings: {
client: {
get: () => {},
get$: () => new Subject(),
set: () => {},
},
},