[Security Solution][Alerts] resolves alerts suppression review feedback #155839
Conversation
vitaliidm
added
release_note:skip
vitaliidm
changed the title
…taliidm/kibana into alerts_8_8/suppression-feedback
|
@elasticmachine merge upstream |
…taliidm/kibana into alerts_8_8/suppression-feedback
vitaliidm
added
backport:prev-minor
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
|
||
| return ( | ||
| <EuiPopover button={button} isOpen={isPopoverOpen} closePopover={closePopover}> | ||
| <EuiText style={{ width: POPOVER_WIDTH }}> |
There was a problem hiding this comment.
nit: Text size feels a bit big in the popover at 16px IMO, especially since the regular text below is at 14px. To be honest though, we're not consistent here with our rich text 'tooltips', so could go either way here.
Suppression 16px
Execution Log 14px
Integrations 14px
Rule Monitoring 16px
There was a problem hiding this comment.
it makes sense to set text size to 14px in my case.
Thanks for the suggestion
| <IntendedRuleTypeEuiFormRow | ||
| $isVisible={isQueryRule(ruleType)} | ||
| data-test-subj="alertSuppressionMissingFields" | ||
| label={ | ||
| <span> | ||
| {i18n.ALERT_SUPPRESSION_MISSING_FIELDS_FORM_ROW_LABEL} <SuppressionInfoIcon /> | ||
| </span> | ||
| } | ||
| > | ||
| <UseMultiFields | ||
| fields={{ | ||
| suppressionMissingFields: { | ||
| path: 'suppressionMissingFields', | ||
| }, | ||
| }} |
There was a problem hiding this comment.
nit: might be nice to add a little extra width here to prevent text wrapping and save on vertical space
current:
w/ extra width so no line-wrap
There was a problem hiding this comment.
like this idea!
Implemented
| <RuleTypeEuiFormRow | ||
| $isVisible={isQueryRule(ruleType)} | ||
| data-test-subj="alertSuppressionInput" |
There was a problem hiding this comment.
ux nit: May want to consider hiding the suppression configuration UI until a field is selected, as it's in a disabled state until the user selects a field, which adds extra information to an already well populated form
current:
hidden w/o selection:
visible w/ selection:
We do something similar w/ the expanded Severity/Risk Score override UI:
There was a problem hiding this comment.
Thanks for suggestions with different approaches on UI.
We, actually, considered each of them + accordion, to wrap all suppression settings, on Advanced Correlation Workgroup meetings with Product and UI teams.
#150101 (comment)
#150101 (comment)
In the end, we decided to stick to current implementation: just intend suppression settings fields on rules form.
| const IntendedRuleTypeEuiFormRow = styled(RuleTypeEuiFormRow)` | ||
| ${({ theme }) => `padding-left: ${theme.eui.euiSizeXL};`} | ||
| `; | ||
|
|
There was a problem hiding this comment.
I heard in passing that we're encouraged to use emotion over styled-components these days. I honestly prefer the style-components way you're using here by declaring a new semantic 'component', but figured I'd bring it up in case others know more or could point to relevant resources, as we currently have conflicting information in our dev docs here & here. 🤷♂️
There was a problem hiding this comment.
tried first emotion, but it wasn't working. That's how I discovered issues and workaround related to CSS-in-JS, when it styled-components conflict with emotion, when speaking with eui team up.
I decided then to leave it as it was implemented, to not mix for one component both css-in-js and styled components
x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Checked out, tested locally, code reviewed, and LGTM! 👍 🚀 🙌
Left a few ux nits, but not required -- pick and choose as you and the design folks see fit. Thanks for these enhancements @vitaliidm, appreciate it! 🙂
|
@gchaps Thanks for pinging about this. Looks like that help message is actually already a popover component and not a tooltip, so the message will be "sticky" and the user should be able to easily click the "Learn more" link. I confirmed this with a local build, and also confirmed that the docs link points to the correct page/heading. As for any revisions to popover text, I think we'll go with what we have. The first line does echo the option name/title a bit, but with a complex feature like this I'm OK with a little repetition for the sake of additional explanation. |
…rules/step_define_rule/schema.tsx Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
Yes, component is popover, that allows clicking on link documentation |
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
Page load bundle
Unknown metric groupsESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: cc @vitaliidm |
…ck (elastic#155839) ## Summary - addresses review feedback on elastic#155055 - addresses UI changes from elastic#150101 - removes accordion in favour of intended suppression components - adds popover with a link to documentation - changes wording - addresses elastic#156247 ### Before <img width="1017" alt="Screenshot 2023-04-24 at 19 44 33" src="https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png"> ### After #### Intended Fields <img width="1016" alt="Screenshot 2023-05-05 at 10 42 46" src="https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png"> #### Tooltip <img width="1016" alt="Screenshot 2023-05-05 at 10 43 41" src="https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png"> --------- Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Garrett Spong <spong@users.noreply.github.com> (cherry picked from commit 31b6062)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…feedback (#155839) (#157192) # Backport This will backport the following commits from `main` to `8.8`: - [[Security Solution][Alerts] resolves alerts suppression review feedback (#155839)](#155839) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Vitalii Dmyterko","email":"92328789+vitaliidm@users.noreply.github.com"},"sourceCommit":{"committedDate":"2023-05-09T16:12:20Z","message":"[Security Solution][Alerts] resolves alerts suppression review feedback (#155839)\n\n## Summary\r\n\r\n- addresses review feedback on\r\nhttps://github.com//pull/155055\r\n- addresses UI changes from\r\nhttps://github.com//issues/150101\r\n - removes accordion in favour of intended suppression components\r\n - adds popover with a link to documentation\r\n - changes wording\r\n- addresses https://github.com/elastic/kibana/issues/156247\r\n\r\n### Before\r\n<img width=\"1017\" alt=\"Screenshot 2023-04-24 at 19 44 33\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png\">\r\n\r\n### After\r\n\r\n#### Intended Fields\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 42 46\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png\">\r\n\r\n#### Tooltip\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 43 41\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png\">\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Garrett Spong <spong@users.noreply.github.com>","sha":"31b6062148b55f712015fc9061172eca54c0acd4","branchLabelMapping":{"^v8.9.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Detection Alerts","backport:prev-minor","v8.8.0","v8.9.0"],"number":155839,"url":"https://github.com/elastic/kibana/pull/155839","mergeCommit":{"message":"[Security Solution][Alerts] resolves alerts suppression review feedback (#155839)\n\n## Summary\r\n\r\n- addresses review feedback on\r\nhttps://github.com//pull/155055\r\n- addresses UI changes from\r\nhttps://github.com//issues/150101\r\n - removes accordion in favour of intended suppression components\r\n - adds popover with a link to documentation\r\n - changes wording\r\n- addresses https://github.com/elastic/kibana/issues/156247\r\n\r\n### Before\r\n<img width=\"1017\" alt=\"Screenshot 2023-04-24 at 19 44 33\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png\">\r\n\r\n### After\r\n\r\n#### Intended Fields\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 42 46\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png\">\r\n\r\n#### Tooltip\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 43 41\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png\">\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Garrett Spong <spong@users.noreply.github.com>","sha":"31b6062148b55f712015fc9061172eca54c0acd4"}},"sourceBranch":"main","suggestedTargetBranches":["8.8"],"targetPullRequestStates":[{"branch":"8.8","label":"v8.8.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.9.0","labelRegex":"^v8.9.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/155839","number":155839,"mergeCommit":{"message":"[Security Solution][Alerts] resolves alerts suppression review feedback (#155839)\n\n## Summary\r\n\r\n- addresses review feedback on\r\nhttps://github.com//pull/155055\r\n- addresses UI changes from\r\nhttps://github.com//issues/150101\r\n - removes accordion in favour of intended suppression components\r\n - adds popover with a link to documentation\r\n - changes wording\r\n- addresses https://github.com/elastic/kibana/issues/156247\r\n\r\n### Before\r\n<img width=\"1017\" alt=\"Screenshot 2023-04-24 at 19 44 33\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png\">\r\n\r\n### After\r\n\r\n#### Intended Fields\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 42 46\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png\">\r\n\r\n#### Tooltip\r\n<img width=\"1016\" alt=\"Screenshot 2023-05-05 at 10 43 41\"\r\nsrc=\"https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png\">\r\n\r\n---------\r\n\r\nCo-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>\r\nCo-authored-by: Garrett Spong <spong@users.noreply.github.com>","sha":"31b6062148b55f712015fc9061172eca54c0acd4"}}]}] BACKPORT--> Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com> Co-authored-by: Pedro Jaramillo <pedro.jaramillo@elastic.co>
![https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png\">\r\n\r\n###](https://user-images.githubusercontent.com/92328789/234824612-b0ed2870-8aa0-44af-a37d-c061358c54a3.png\">\r\n\r\n###){kind=link}
![https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png\">\r\n\r\n####](https://user-images.githubusercontent.com/92328789/236426053-279d2f5b-46ea-434b-9cfa-696c71321661.png\">\r\n\r\n####){kind=link}
![https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png\">\r\n\r\n---------\r\n\r\nCo-authored-by](https://user-images.githubusercontent.com/92328789/236426061-1c39a5c2-63ca-4a36-b15e-2a1c1943481d.png\">\r\n\r\n---------\r\n\r\nCo-authored-by){kind=link}
Summary
Before
After
Intended Fields
Tooltip