-
Notifications
You must be signed in to change notification settings - Fork 8.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SIEM] Adds ability to infer the newsfeed.enabled setting #56236
Conversation
Without a contract, dependent plugins have no way of knowing whether the plugin is enabled or not as the contract will always be undefined.
So that dependent plugins can use them.
We're going to use the availability of the newsfeed plugin as part of our determination for whether or not to show the security newsfeed. If users set `newsfeed.enabled: false`, the plugin will be unavailable and the security feed will not be shown.
Pinging @elastic/siem (Team:SIEM) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See if my suggested change can be made and let you avoid the eslint-disable
The presence of the newsfeed plugin means that newsfeed.enabled is true. If both that and our local setting are true, we will show the Security feed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
reviewed the code only
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @rylnd for implementing this request from @MikePaquette! 🙏
When the newsfeed.enabled
setting in config/kibana.yml
is changed from it's default value to false
, the Security news
widget in the SIEM Overview will not make a network request for news, and the Security news
widget will not be displayed in the Overview.
Setting newsfeed.enabled
to false
in config/kibana.yml
overrides the setting shown in the screenshot below:
I desk tested this with @rylnd over a zoom.
LGTM 🚀 📰
@elasticmachine merge upstream |
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
@rylnd @tsullivan After discussing with Ryland, we are loading newsfeed through |
) * Always return a contract from the newsfeed plugin Without a contract, dependent plugins have no way of knowing whether the plugin is enabled or not as the contract will always be undefined. * Export newsfeed contract types from public index So that dependent plugins can use them. * Declare newsfeed as an optional dependency of SIEM We're going to use the availability of the newsfeed plugin as part of our determination for whether or not to show the security newsfeed. If users set `newsfeed.enabled: false`, the plugin will be unavailable and the security feed will not be shown. * Respect global newsfeed.enabled config in Security newsfeed The presence of the newsfeed plugin means that newsfeed.enabled is true. If both that and our local setting are true, we will show the Security feed. * Prefer object type over empty interface Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…56265) * Always return a contract from the newsfeed plugin Without a contract, dependent plugins have no way of knowing whether the plugin is enabled or not as the contract will always be undefined. * Export newsfeed contract types from public index So that dependent plugins can use them. * Declare newsfeed as an optional dependency of SIEM We're going to use the availability of the newsfeed plugin as part of our determination for whether or not to show the security newsfeed. If users set `newsfeed.enabled: false`, the plugin will be unavailable and the security feed will not be shown. * Respect global newsfeed.enabled config in Security newsfeed The presence of the newsfeed plugin means that newsfeed.enabled is true. If both that and our local setting are true, we will show the Security feed. * Prefer object type over empty interface Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
…56266) * Always return a contract from the newsfeed plugin Without a contract, dependent plugins have no way of knowing whether the plugin is enabled or not as the contract will always be undefined. * Export newsfeed contract types from public index So that dependent plugins can use them. * Declare newsfeed as an optional dependency of SIEM We're going to use the availability of the newsfeed plugin as part of our determination for whether or not to show the security newsfeed. If users set `newsfeed.enabled: false`, the plugin will be unavailable and the security feed will not be shown. * Respect global newsfeed.enabled config in Security newsfeed The presence of the newsfeed plugin means that newsfeed.enabled is true. If both that and our local setting are true, we will show the Security feed. * Prefer object type over empty interface Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
* master: (31 commits) [SIEM] Overview page feedback (elastic#56261) refactor (elastic#56131) [NP Cleanup] Remove ui/public/inspector (elastic#55677) [SIEM] [TIMELINE] Only add endpoint logo when on event.module === endgame (elastic#56263) Basic Functionality Alert List (elastic#55800) [SIEM] Fix filters on Hosts and Network page (elastic#56234) [SIEM] Adds ability to infer the newsfeed.enabled setting (elastic#56236) [SIEM][Detection Engine] critical blocker for updated rules [SIEM][Detection Engine] critical blocker, fixes ordering issue that causes rules to not run the first time [SIEM] Add link to endpoint app through reference.url (elastic#56211) [Metrics UI] Fixing title truncation in Metrics Explorer (elastic#55917) [SIEM] Put the notice for rules in comment block (elastic#56123) [SIEM][Detection Engine] critical blocker with the UI crashing Consistent timeouts for the Space onPostAuth interceptor tests (elastic#56158) Skip tests that depend on other skipped test [SIEM] [Detection Engine] Timestamps for rules (elastic#56197) Sort server-side in SavedObject export (elastic#55128) [Reporting] Document the 8.0 breaking changes (elastic#56187) Revert "[Monitoring] Change all configs to `monitoring.*`" (elastic#56214) add owners for es_archiver (elastic#56184) ...
…55831 * '7.x' of github.com:elastic/kibana: (78 commits) Re-enable watcher FireFox functional test (elastic#56112) (elastic#56294) [Metrics UI] Fixing title truncation in Metrics Explorer (elastic#55917) (elastic#56248) [APM] x-axis labels on Error occurrences chart are incorrect based on Kibana timezone (elastic#55686) (elastic#56288) Migrate saved_object_save_as_checkbox directive to timelion (elastic#56114) (elastic#56286) [APM] Treat error.exception.stacktrace.line as optional (elastic#55733) (elastic#55840) Remove alerts and actions from feature catalogue (elastic#56140) (elastic#56208) Migrate UI capabilities to use new platform APIs (elastic#56070) (elastic#56207) [ML] Add functional tests for analytics UI: creation addition and regression/outlier results (elastic#56059) (elastic#56191) [SIEM] Overview page feedback (elastic#56261) (elastic#56276) [NP Cleanup] Remove ui/public/inspector (elastic#55677) (elastic#56271) [Index template] Fix editor should support mappings types (elastic#55804) fixes map index message (elastic#56104) (elastic#56194) [SIEM] [TIMELINE] Only add endpoint logo when on event.module === endgame (elastic#56263) (elastic#56269) [SIEM] Fix filters on Hosts and Network page (elastic#56234) (elastic#56267) [SIEM] Adds ability to infer the newsfeed.enabled setting (elastic#56236) (elastic#56265) [SIEM][Detection Engine] critical blocker for updated rules (elastic#56259) [SIEM] Put the notice for rules in comment block (elastic#56123) (elastic#56246) [SIEM][Detection Engine] critical blocker, fixes ordering issue that causes rules to not run the first time (elastic#56256) [Reporting/NP] Migration of Reporting Security dependency (elastic#56046) (elastic#56198) [SIEM] Add link to endpoint app through reference.url (elastic#56211) (elastic#56250) ... # Conflicts: # x-pack/plugins/watcher/public/plugin.ts
Summary
In order to determine whether to show the new Security news feed within the SIEM app, we first need to know whether the newsfeed is disabled globally.
Since we are no longer able to access the
newsfeed.enabled
setting directly from the kibana config, we needed to make some changes to the newsfeed plugin in order to infer that setting's value. With these changes, dependent plugins can predicate upon the presence/absence of the newsfeed plugin in the same way as thenewsfeed.enabled
boolean.Checklist
Use
strikethroughsto remove checklist items you don't feel are applicable to this PR.[ ] This was checked for cross-browser compatibility, including a check against IE11-~~ [ ] Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support~~
[ ] Documentation was added for features that require explanation or tutorials[ ] Unit or functional tests were updated or added to match the most common scenarios[ ] This was checked for keyboard-only and screenreader accessibilityFor maintainers