[Security Solution] Refactor NetworkDns to use Search Strategy (elast…
patrykkopycinski authored Sep 7, 2020
1 parent 2bdeb7c commit ccf48e9
Showing 13 changed files with 600 additions and 231 deletions.
@@ -21,6 +21,8 @@ import {
} from './hosts';
import {
NetworkQueries,
NetworkDnsStrategyResponse,
NetworkDnsRequestOptions,
NetworkTlsStrategyResponse,
NetworkTlsRequestOptions,
NetworkHttpStrategyResponse,
@@ -79,10 +81,12 @@ export type StrategyResponseType<T extends FactoryQueryTypes> = T extends HostsQ
? HostFirstLastSeenStrategyResponse
: T extends HostsQueries.uncommonProcesses
? HostUncommonProcessesStrategyResponse
: T extends NetworkQueries.tls
? NetworkTlsStrategyResponse
: T extends NetworkQueries.dns
? NetworkDnsStrategyResponse
: T extends NetworkQueries.http
? NetworkHttpStrategyResponse
: T extends NetworkQueries.tls
? NetworkTlsStrategyResponse
: T extends NetworkQueries.topCountries
? NetworkTopCountriesStrategyResponse
: T extends NetworkQueries.topNFlow
@@ -101,10 +105,12 @@ export type StrategyRequestType<T extends FactoryQueryTypes> = T extends HostsQu
? HostFirstLastSeenRequestOptions
: T extends HostsQueries.uncommonProcesses
? HostUncommonProcessesRequestOptions
: T extends NetworkQueries.tls
? NetworkTlsRequestOptions
: T extends NetworkQueries.dns
? NetworkDnsRequestOptions
: T extends NetworkQueries.http
? NetworkHttpRequestOptions
: T extends NetworkQueries.tls
? NetworkTlsRequestOptions
: T extends NetworkQueries.topCountries
? NetworkTopCountriesRequestOptions
: T extends NetworkQueries.topNFlow
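Review bot: `StrategyResponseType` and `StrategyRequestType` are two parallel conditional chains that must each gain a branch for every new query, and nothing in the visible lines ties the two together, so a query added to only one of them would not be caught here. The reordering of the `tls` branch in both hunks suggests an alphabetical convention, but it is not written down. I would add a comment above each type such as `// One branch per query, alphabetical within Hosts/Network; keep in sync with StrategyRequestType.` (and the mirror on the other type). Both chains continue past the end of their hunks, so the fallback for an unmatched query is not visible from here.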
@@ -0,0 +1,65 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import { IEsSearchResponse } from '../../../../../../../../src/plugins/data/common';
import { CursorType, Inspect, Maybe, PageInfoPaginated, SortField } from '../../../common';
import { RequestOptionsPaginated } from '../..';

export enum NetworkDnsFields {
dnsName = 'dnsName',
queryCount = 'queryCount',
uniqueDomains = 'uniqueDomains',
dnsBytesIn = 'dnsBytesIn',
dnsBytesOut = 'dnsBytesOut',
}

export interface NetworkDnsRequestOptions extends RequestOptionsPaginated {
isPtrIncluded: boolean;
sort: SortField<NetworkDnsFields>;
stackByField?: Maybe<string>;
}

export interface NetworkDnsStrategyResponse extends IEsSearchResponse {
edges: NetworkDnsEdges[];
totalCount: number;
pageInfo: PageInfoPaginated;
inspect?: Maybe<Inspect>;
histogram?: Maybe<MatrixOverOrdinalHistogramData[]>;
}

export interface NetworkDnsEdges {
node: NetworkDnsItem;
cursor: CursorType;
}

export interface NetworkDnsItem {
_id?: Maybe<string>;
dnsBytesIn?: Maybe<number>;
dnsBytesOut?: Maybe<number>;
dnsName?: Maybe<string>;
queryCount?: Maybe<number>;
uniqueDomains?: Maybe<number>;
}

export interface MatrixOverOrdinalHistogramData {
x: string;
y: number;
g: string;
}

export interface NetworkDnsBuckets {
key: string;
doc_count: number;
unique_domains: {
value: number;
};
dns_bytes_in: {
value: number;
};
dns_bytes_out: {
value: number;
};
}
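Review bot: `stackByField` in `NetworkDnsRequestOptions` is typed `Maybe<string>`, so unlike `sort`, which is limited to `NetworkDnsFields`, it accepts any client-supplied string. If the server-side query builder (not visible in this section) places that value into the Elasticsearch aggregation as a field name, it should be checked there against the set of supported stack-by fields, or the type should be narrowed to a union of them. At minimum I would document the expectation on the property, e.g. `/** Client-supplied field name; validate against the supported stack-by fields before building the query. */`. The `x`, `y` and `g` members of `MatrixOverOrdinalHistogramData` would also benefit from a one-line comment each, since their meaning cannot be read from the names.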
@@ -5,12 +5,14 @@
*/

export * from './common';
export * from './dns';
export * from './http';
export * from './tls';
export * from './top_countries';
export * from './top_n_flow';

export enum NetworkQueries {
dns = 'dns',
http = 'http',
tls = 'tls',
topCountries = 'topCountries',
@@ -14,14 +14,6 @@ import {
TopNetworkTablesEcsField,
} from '../common';

export enum NetworkDnsFields {
dnsName = 'dnsName',
queryCount = 'queryCount',
uniqueDomains = 'uniqueDomains',
dnsBytesIn = 'dnsBytesIn',
dnsBytesOut = 'dnsBytesOut',
}

export enum FlowTarget {
client = 'client',
destination = 'destination',
@@ -0,0 +1,65 @@
/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/

import React from 'react';
import { connect } from 'react-redux';
import { compose } from 'redux';
import { DocumentNode } from 'graphql';
import { ScaleType } from '@elastic/charts';

import { MatrixHistogram } from '../../../common/components/matrix_histogram';
import {
MatrixHistogramOption,
GetSubTitle,
} from '../../../common/components/matrix_histogram/types';
import { UpdateDateRange } from '../../../common/components/charts/common';
import { GlobalTimeArgs } from '../../../common/containers/use_global_time';
import { withKibana } from '../../../common/lib/kibana';
import { QueryTemplatePaginatedProps } from '../../../common/containers/query_template_paginated';
import { DEFAULT_TABLE_ACTIVE_PAGE, DEFAULT_TABLE_LIMIT } from '../../../common/store/constants';
import { networkModel, networkSelectors } from '../../store';
import { State, inputsSelectors } from '../../../common/store';

export const HISTOGRAM_ID = 'networkDnsHistogramQuery';

interface DnsHistogramOwnProps extends QueryTemplatePaginatedProps {
dataKey: string | string[];
defaultStackByOption: MatrixHistogramOption;
errorMessage: string;
isDnsHistogram?: boolean;
query: DocumentNode;
scaleType: ScaleType;
setQuery: GlobalTimeArgs['setQuery'];
showLegend?: boolean;
stackByOptions: MatrixHistogramOption[];
subtitle?: string | GetSubTitle;
title: string;
type: networkModel.NetworkType;
updateDateRange: UpdateDateRange;
yTickFormatter?: (value: number) => string;
}

const makeMapHistogramStateToProps = () => {
const getNetworkDnsSelector = networkSelectors.dnsSelector();
const getQuery = inputsSelectors.globalQueryByIdSelector();
const mapStateToProps = (state: State, { id = HISTOGRAM_ID }: DnsHistogramOwnProps) => {
const { isInspected } = getQuery(state, id);
return {
...getNetworkDnsSelector(state),
activePage: DEFAULT_TABLE_ACTIVE_PAGE,
limit: DEFAULT_TABLE_LIMIT,
isInspected,
id,
};
};

return mapStateToProps;
};

export const NetworkDnsHistogramQuery = compose<React.ComponentClass<DnsHistogramOwnProps>>(
connect(makeMapHistogramStateToProps),
withKibana
)(MatrixHistogram);
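Review bot: In `mapStateToProps` the object spreads `...getNetworkDnsSelector(state)` first and then sets `activePage` and `limit`, so the two defaults silently override any paging values the selector returns; that ordering looks deliberate but is undocumented. I would add a comment above those two properties, e.g. `// The histogram always queries the first page at the default limit, regardless of the table's paging state.`. `const { isInspected } = getQuery(state, id);` also destructures without a guard, which would throw if the selector can return `undefined` for an unregistered id; that depends on `globalQueryByIdSelector`, which is not shown here, so please confirm. Separately, `DnsHistogramOwnProps` still requires `query: DocumentNode` from `graphql`, which may be a leftover given that the commit title describes a move to the search strategy.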