Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SIEM] [CASES] Build lego blocks case details view #60864

Merged
merged 18 commits into from
Mar 23, 2020
Merged

[SIEM] [CASES] Build lego blocks case details view #60864

merged 18 commits into from
Mar 23, 2020

Conversation

XavierM
Copy link
Contributor

@XavierM XavierM commented Mar 22, 2020
edited
Loading

Summary

API

  • Add case user action saved object and service to keep track of every action of a user on a case and update every rest call who need to track actions
  • Add an API to get all user actions to show on the UI
  • Add an API to post all the information from service-now or other services + closing status of the case if configure like that
  • Fix the way to get all the total comment in cases page

UI

  • Change the state loading of the case details page
  • Push/Update case to service now
  • Show all the action (CRUD) of users on the case + plus pushing to service
  • add comment id in URL to be able to show the user the comment selected
  • Checking license and config to see if the user can push to service-now
  • Add participants
  • Add all url state for cases and timelines tabs
  • Update total comments in cases page

image

@XavierM XavierM added Team:SIEM v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.7.0 labels Mar 22, 2020
@XavierM XavierM requested a review from a team as a code owner March 22, 2020 04:03
@XavierM XavierM self-assigned this Mar 22, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

cnasikas
cnasikas reviewed Mar 23, 2020
View reviewed changes
Copy link
Member

@cnasikas cnasikas left a comment
edited by XavierM
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job!! Thank you for your time and effort!

Notes:

  • When the user does not have a connector configured a notice is being appeared. I think is good to include a link to the configuration page.
  • Align close case and push to ServiceNow buttons
  • When a new tag is added after the creation of a case (single case page view) an error is produced and the user actions are not shown.
  • Participants should not be shown when there are no comments.
  • Link to ServiceNow incident should open a new tab
  • Title and description are being updated to ServiceNow even when the fields have not been changed. The fields are being updated with the same value. As right now, we can not deal with this scenario, I think our best solution is to only allow overwrite.
  • The last comment is never being pushed to ServiceNow
  • When you push for the first time to ServiceNow the comments are not being added (comments attribute is an empty array). They are being added only on update.
  • When closure option is set to Automatically close SIEM cases when pushing new incident to third-party this error You cannot push a case who has been closed is being produced. I think is better to push the case first to the service and then close it. Not valid but you are right we are talking with @benskelker about changing this to info callout and not an error callout
  • Some EuiButton are missing area-label

@XavierM XavierM force-pushed the siem-cases-user-actions branch from af7488a to c14f1d4 Compare March 23, 2020 18:06
cnasikas
cnasikas approved these changes Mar 23, 2020
View reviewed changes
Copy link
Member

@cnasikas cnasikas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGMT! Great job!

@XavierM XavierM mentioned this pull request Mar 23, 2020
Closed
4 tasks
stephmilovic
stephmilovic approved these changes Mar 23, 2020
View reviewed changes
Copy link
Contributor

@stephmilovic stephmilovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nicely done @XavierM . This is the final piece of the puzzle. We have a few follow up issues, as we discussed in Slack, but let's get this code merged! Great work as usual LGTM 🚀 🎸

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@XavierM XavierM merged commit 81b3723 into elastic:master Mar 23, 2020
@XavierM XavierM mentioned this pull request Mar 23, 2020
Merged
XavierM added a commit to XavierM/kibana that referenced this pull request Mar 23, 2020
@XavierM @cnasikas
[SIEM] [CASES] Build lego blocks case details view (elastic#60864)
b23c446 
* modify API to get the total comments in _find + Add user action to track what user are doing + create _pushed api to know when case have been pushed

* fix rebase

* add connector name in case configuration saved object

* fix total comment in all cases

* totalComment bug on the API

* integrate user action API with UI

* fix merged issue

* integration APi to push to services with UI

* Fix bugs

* wip to show pushed service in ui

* finish the full flow with pushing to service now

* review about client discrepency

* clean up + review

* merge issue

* update error msgs to info

* add aria label + fix but on add/remove tags

* fix i18n

Co-authored-by: Christos Nasikas <christos.nasikas@elastic.co>
@stephmilovic stephmilovic deleted the siem-cases-user-actions branch March 24, 2020 02:20
stephmilovic pushed a commit that referenced this pull request Mar 24, 2020
@XavierM
[SIEM] [CASES] Build lego blocks case details view (#60864) (#61016)
daa8a3f
gmmorris added a commit to gmmorris/kibana that referenced this pull request Mar 24, 2020
@gmmorris
Merge branch 'master' into alerting/tls-warning
1b3d0b4 
* master: (34 commits)
  [APM] add service map config options to legacy plugin (elastic#61002)
  [App Arch] migrate legacy CSS to new platform (core_plugins/kibana_react) (elastic#59882)
  Migrated styles for "share" plugin to new platform (elastic#59981)
  [ML] Module setup with dynamic model memory estimation (elastic#60656)
  Drilldowns (elastic#59632)
  Upgrade mocha dev-dependency from 6.2.2 to 7.1.1 (elastic#60779)
  [SIEM] Overview: Recent cases widget (elastic#60993)
  [ML] Functional tests - stabilize df analytics clone tests (elastic#60497)
  [SIEM] Updates process and TLS tables to use ECS 1.5 fields (elastic#60854)
  Migrate doc view part of discover (elastic#58094)
  Revert "[APM] Collect telemetry about data/API performance (elastic#51612)"
  fix(NA): log rotation watchers usage (elastic#60956)
  [SIEM] [CASES] Build lego blocks case details view (elastic#60864)
  Create Painless Lab app (elastic#57538)
  [SIEM] Move Timeline Template field to first step of rule creation (elastic#60840)
  [Reporting/New Platform Migration] Use a new config service on server-side (elastic#55882)
  [Alerting] allow email action to not require auth (elastic#60839)
  [Maps] Default ES document layer scaling type to clusters and show scaling UI in the create wizard (elastic#60668)
  [APM] Collect telemetry about data/API performance (elastic#51612)
  Implement Kibana Login Selector (elastic#53010)
  ...
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cnasikas cnasikas cnasikas approved these changes

@stephmilovic stephmilovic stephmilovic approved these changes

Assignees

@XavierM XavierM

Labels
release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.7.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@XavierM @elasticmachine @kibanamachine @stephmilovic @cnasikas @MindyRS