[CTI] Adds links for threat.indicator.event url and reference on Summary Tab #96323

Closed
wants to merge 3 commits into from

@ecezalp ecezalp commented Apr 6, 2021

Closes elastic/security-team#967

Note: To test this change, #909 must be merged first.

Checklist

Delete any items that are not applicable to this PR.

  • Unit or functional tests were updated or added to match the most common scenarios
  • Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)

@ecezalp ecezalp added v7.13.0 release_note:feature Makes this part of the condensed release notes 7.13 candidate Team: CTI labels Apr 6, 2021
@ecezalp ecezalp requested review from rylnd and a team April 6, 2021 15:31
@ecezalp ecezalp self-assigned this Apr 6, 2021
ecezalp commented Apr 12, 2021

@elasticmachine merge upstream

@rylnd rylnd left a comment

LGTM 👍

export const SIGNAL_RULE_NAME_FIELD_NAME = 'signal.rule.name';
export const SIGNAL_STATUS_FIELD_NAME = 'signal.status';
export const THREAT_INDICATOR_EVENT_URL_FIELD_NAME = 'threat.indicator.event.url';
Contributor

Do you think I should remove these on my row renderer PR? I've got them in common/cti/constants so we could certainly consolidate this.

Contributor Author

Consolidating them is a great idea. I can create a mini chore ticket to tackle this once both of our PRs are merged. I am currently killing this one for an updated implementation as part of #998.

rylnd commented Apr 13, 2021

@elasticmachine merge upstream

@kibanamachine
Contributor

💛 Build succeeded, but was flaky


Test Failures

Kibana Pipeline / general / "before all" hook for "should contain the right query".Timeline query tab Query tab "before all" hook for "should contain the right query"

Stack Trace

Failed Tests Reporter:
  - Test has not failed recently on tracked branches

AssertionError: Timed out retrying after 60000ms: Expected to find element: `[data-test-subj="title-13f1c210-9c80-11eb-a156-ab9eca9a4639"]`, but never found it.

Because this error occurred during a `before all` hook we are skipping the remaining tests in the current suite: `Timeline query tab`

Although you have test retries enabled, we do not retry tests when `before all` or `after all` hooks fail
    at Object.openTimelineById (http://localhost:6121/__cypress/tests?p=cypress/integration/timelines/query_tab.spec.ts:16078:15)
    at Context.eval (http://localhost:6121/__cypress/tests?p=cypress/integration/timelines/query_tab.spec.ts:15045:28)

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 7.3MB | 7.3MB | +388.0B |

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @ecezalp

ecezalp commented Apr 13, 2021

Closing this PR as the event fields are no longer present on the Threat Summary view (as per the new ACs of elastic/security-team#998). A similar change will be implemented for #998 for the Threat Details section of the Threat Intel tab.

@ecezalp ecezalp closed this Apr 13, 2021