elastic · oatkiller · Jun 30, 2020 · Jun 29, 2020 · Jun 30, 2020 · Jun 29, 2020
diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts b/x-pack/plugins/security_solution/public/resolver/store/data/reducer.ts
@@ -9,7 +9,6 @@ import { DataState } from '../../types';
 import { ResolverAction } from '../actions';
 
 const initialState: DataState = {
-  relatedEventsStats: new Map(),
   relatedEvents: new Map(),
   relatedEventsReady: new Map(),
 };

diff --git a/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts b/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts
@@ -301,3 +301,46 @@ export function databaseDocumentIDToAbort(state: DataState): string | null {
     return null;
   }
 }
+
+/**
+ * `ResolverNodeStats` for a process (`ResolverEvent`)
+ */
+const relatedEventStatsForProcess: (
+  state: DataState
+) => (event: ResolverEvent) => ResolverNodeStats | null = createSelector(
+  relatedEventsStats,
+  (statsMap) => {
+    if (!statsMap) {
+      return () => null;
+    }
+    return (event: ResolverEvent) => {
+      const nodeStats = statsMap.get(uniquePidForProcess(event));
+      if (!nodeStats) {
+        return null;
+      }
+      return nodeStats;
+    };
+  }
+);
+
+/**
+ * The sum of all related event categories for a process.
+ */
+export const relatedEventTotalForProcess: (
+  state: DataState
+) => (event: ResolverEvent) => number | null = createSelector(
+  relatedEventStatsForProcess,
+  (statsForProcess) => {
+    return (event: ResolverEvent) => {
+      const stats = statsForProcess(event);
+      if (!stats) {
+        return null;
+      }
+      let total = 0;
+      for (const value of Object.values(stats.events.byCategory)) {
+        total += value;
+      }
+      return total;
+    };
+  }
+);
diff --git a/x-pack/plugins/security_solution/public/resolver/store/middleware/index.ts b/x-pack/plugins/security_solution/public/resolver/store/middleware/index.ts
@@ -43,24 +43,26 @@ export const resolverMiddlewareFactory: MiddlewareFactory = (context) => {
         action.type === 'appDetectedMissingEventData'
       ) {
         const entityIdToFetchFor = action.payload;
-        let result: ResolverRelatedEvents;
+        let result: ResolverRelatedEvents | undefined;
         try {
           result = await context.services.http.get(
             `/api/endpoint/resolver/${entityIdToFetchFor}/events`,
             {
               query: { events: 100 },
             }
           );
+        } catch {
+          api.dispatch({
+            type: 'serverFailedToReturnRelatedEventData',
+            payload: action.payload,
+          });
+        }
 
+        if (result) {
           api.dispatch({
             type: 'serverReturnedRelatedEventData',
             payload: result,
           });
-        } catch (e) {
-          api.dispatch({
-            type: 'serverFailedToReturnRelatedEventData',
-            payload: action.payload,
-          });
         }
       }
     };

diff --git a/x-pack/plugins/security_solution/public/resolver/store/selectors.ts b/x-pack/plugins/security_solution/public/resolver/store/selectors.ts
@@ -188,6 +188,14 @@ const indexedProcessNodesAndEdgeLineSegments = composeSelectors(
   dataSelectors.visibleProcessNodePositionsAndEdgeLineSegments
 );
 
+/**
+ * Total count of related events for a process.
+ */
+export const relatedEventTotalForProcess = composeSelectors(
+  dataStateSelector,
+  dataSelectors.relatedEventTotalForProcess
+);
+
 /**
  * Return the visible edge lines and process nodes based on the camera position at `time`.
  * The bounding box represents what the camera can see. The camera position is a function of time because it can be

diff --git a/x-pack/plugins/security_solution/public/resolver/types.ts b/x-pack/plugins/security_solution/public/resolver/types.ts
@@ -7,12 +7,7 @@
 import { Store } from 'redux';
 import { BBox } from 'rbush';
 import { ResolverAction } from './store/actions';
-import {
-  ResolverEvent,
-  ResolverNodeStats,
-  ResolverRelatedEvents,
-  ResolverTree,
-} from '../../common/endpoint/types';
+import { ResolverEvent, ResolverRelatedEvents, ResolverTree } from '../../common/endpoint/types';
 
 /**
  * Redux state for the Resolver feature. Properties on this interface are populated via multiple reducers using redux's `combineReducers`.
@@ -176,7 +171,6 @@ export interface VisibleEntites {
  * State for `data` reducer which handles receiving Resolver data from the backend.
  */
 export interface DataState {
-  readonly relatedEventsStats: Map<string, ResolverNodeStats>;
   readonly relatedEvents: Map<string, ResolverRelatedEvents>;
   readonly relatedEventsReady: Map<string, boolean>;
   /**

diff --git a/x-pack/plugins/security_solution/public/resolver/view/map.tsx b/x-pack/plugins/security_solution/public/resolver/view/map.tsx
@@ -107,7 +107,7 @@ export const ResolverMap = React.memo(function ({
                 projectionMatrix={projectionMatrix}
                 event={processEvent}
                 adjacentNodeMap={adjacentNodeMap}
-                relatedEventsStats={
+                relatedEventsStatsForProcess={
                   relatedEventsStats ? relatedEventsStats.get(entityId(processEvent)) : undefined
                 }
                 isProcessTerminated={terminatedProcesses.has(processEntityId)}