[SECURITY SOLUTION] Bundles _source -> Fields + able to sort on multiple fields in Timeline #83761
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
XavierM
added
release_note:enhancement
v8.0.0
v7.11.0
Team:Threat Hunting
angorayc
reviewed
Nov 23, 2020
...security_solution/public/timelines/components/timeline/body/column_headers/header/helpers.ts
Show resolved
Hide resolved
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
.../plugins/security_solution/server/search_strategy/timeline/factory/events/details/helpers.ts
Show resolved
Hide resolved
...ins/security_solution/server/search_strategy/timeline/factory/events/details/helpers.test.ts
Show resolved
Hide resolved
x-pack/plugins/security_solution/server/search_strategy/timeline/factory/events/all/helpers.ts
Show resolved
Hide resolved
...plugins/security_solution/public/timelines/components/timeline/body/column_headers/index.tsx
Outdated
Show resolved
Hide resolved
…imeline/body/column_headers/index.tsx Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
…o timeline-query-fields
angorayc
reviewed
Dec 7, 2020
patrykkopycinski
approved these changes
Dec 9, 2020
There was a problem hiding this comment.
we have paired on that PR multiple times, I've learned a lot, Thank you @XavierM 💪 ❤️
💚 Build SucceededMetrics [docs]Module Count
Async chunks
Distributable file count
History
To update your PR or re-run it, just comment with: |
XavierM
added a commit
to XavierM/kibana
that referenced
this pull request
Dec 10, 2020
…ple fields in Timeline (elastic#83761) * replace _source with fields * wip * unit test * regroup sorting and number together * fix bugs from review * mistake * Update x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/index.tsx Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com> * fix snapshot * review + fix topN and filter from detail view * fix tests * fix test Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Dec 10, 2020
* master: (53 commits) Fixing recovered instance reference bug (elastic#85412) Switch to new elasticsearch client for Visualizations (elastic#85245) Switch to new elasticsearch client for TSVB (elastic#85275) Switch to new elasticsearch client for Vega (elastic#85280) [ILM] Add shrink field to hot phase (elastic#84087) Add rolling-file appender to core logging (elastic#84735) [APM] Service overview: Dependencies table (elastic#83416) [Uptime ]Update empty message for certs list (elastic#78575) [Graph] Fix graph saved object references (elastic#85295) [APM] Create new API's to return Latency and Throughput charts (elastic#85242) [Advanced settings] Reset to default for empty strings (elastic#85137) [SECURITY SOLUTION] Bundles _source -> Fields + able to sort on multiple fields in Timeline (elastic#83761) [Fleet] Update agent listing for better status reporting (elastic#84798) [APM] enable 'sanitize_field_names' for Go (elastic#85373) Update dependency @elastic/charts to v24.4.0 (elastic#85452) Introduce external url service (elastic#81234) Deprecate disabling the security plugin (elastic#85159) [FLEET] New Integration Policy Details page for use in Integrations section (elastic#85355) [Security Solutions][Detection Engine] Fixes one liner access control with find_rules REST API chore: 🤖 remove extraPublicDirs (elastic#85454) ...
XavierM
added a commit
that referenced
this pull request
Dec 10, 2020
… multiple fields in Timeline (#83761) (#85505) * [SECURITY SOLUTION] Bundles _source -> Fields + able to sort on multiple fields in Timeline (#83761) * replace _source with fields * wip * unit test * regroup sorting and number together * fix bugs from review * mistake * Update x-pack/plugins/security_solution/public/timelines/components/timeline/body/column_headers/index.tsx Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com> * fix snapshot * review + fix topN and filter from detail view * fix tests * fix test Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com> * Update timeline_details.ts Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Bundle 1 -> _source to fields
Events and detail queries are not using anymore _source but it will use the fields attribute. This allow us to be a little bit more prepare to implement runtime fields in timeline and it also allow us to fix our nested/dotted/multi fields in timeline.
#81190
Bundle 2 -> Allow Multiple columns sorting on the timeline