Analyzer does not include indices to use in requests #89337
Assignees
Labels
bug
Fixes for quality problems that affect the customer experience
Team:Threat Hunting
Security Solution Threat Hunting Team
v7.11.1
Comments
jonathan-buttner
added
bug
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
|
cc: @aarju |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Kibana version:
7.11
Describe the bug:
When viewing the graphical analyzer view for a process graph, the UI does not populate the indices field of the request to the backend. I believe this causes the backend to query all local indices in ES. This fails for CCS where the events are not located on the local ES instance.
Steps to reproduce:
Open the analyzer and observe the network requests in the developer tools.
Expected behavior:
indexPatternsis populated with the same values as the/treeAPI request.Screenshots (if relevant):
/treerequest has the correct valuesNotice that the
/eventsAPI'sindexPatternsis an empty array.Other context:
I believe the issue is that this selector is being called:
https://github.com/elastic/kibana/blob/master/x-pack/plugins/security_solution/public/resolver/store/data/selectors.ts#L289
which returns
nullafter the/treeAPI has returned. A new selector likely needs to be created to return the appropriate parameters depending on the state of the/treerequest.The text was updated successfully, but these errors were encountered: