github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[SIEM] Remove Timezone since we are using epoch (#49199)

Browse source 
* We are using epoch time for our query so we should not using timezone with them

* update api integration
This commit is contained in:
Xavier Mouligneau 2019-10-24 14:14:27 -04:00 committed by GitHub
parent f4cf28f2e8
commit 213014bb88
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 220 additions and 251 deletions
Download patch file Download diff file Expand all files Collapse all files

2
x-pack/legacy/plugins/siem/common/graphql/shared/schema.gql.ts
View file

@ -14,8 +14,6 @@ export const sharedSchema = gql`
to: Float!
"The beginning of the timerange"
from: Float!
"The default browser set time zone"
timezone: String
}
type CursorType {

22
x-pack/legacy/plugins/siem/public/components/timeline/helpers.test.tsx
View file

@ -156,7 +156,7 @@ describe('Combined Queries', () => {
})
).toEqual({
filterQuery:
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}],"should":[],"must_not":[]}}',
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}],"should":[],"must_not":[]}}',
});
});
@ -174,7 +174,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -194,7 +194,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521848183232,"lte":1521848183232,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521848183232,"lte":1521848183232}}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -214,7 +214,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521848183232,"lte":1521848183232,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521848183232,"lte":1521848183232}}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -234,7 +234,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match":{"event.end":1521848183232}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match":{"event.end":1521848183232}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -254,7 +254,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match":{"event.end":1521848183232}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match":{"event.end":1521848183232}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -271,7 +271,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -289,7 +289,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -307,7 +307,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}]}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}]}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -327,7 +327,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"should":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 3"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 4"}}],"minimum_should_match":1}}]}}]}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 2"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 5"}}],"minimum_should_match":1}}]}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"should":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 3"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 4"}}],"minimum_should_match":1}}]}}]}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 2"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 5"}}],"minimum_should_match":1}}]}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
@ -347,7 +347,7 @@ describe('Combined Queries', () => {
end: endDate,
})!;
expect(filterQuery).toEqual(
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 3"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 4"}}],"minimum_should_match":1}}]}}]}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 2"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 5"}}],"minimum_should_match":1}}]}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}]}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132,"time_zone":"America/New_York"}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253,"time_zone":"America/New_York"}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
'{"bool":{"must":[],"filter":[{"bool":{"filter":[{"bool":{"filter":[{"bool":{"should":[{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 1"}}],"minimum_should_match":1}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 3"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 4"}}],"minimum_should_match":1}}]}}]}},{"bool":{"filter":[{"bool":{"should":[{"match_phrase":{"name":"Provider 2"}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"name":"Provider 5"}}],"minimum_should_match":1}}]}}],"minimum_should_match":1}},{"bool":{"should":[{"match_phrase":{"host.name":"host-1"}}],"minimum_should_match":1}}]}},{"bool":{"filter":[{"bool":{"should":[{"range":{"@timestamp":{"gte":1521830963132}}}],"minimum_should_match":1}},{"bool":{"should":[{"range":{"@timestamp":{"lte":1521862432253}}}],"minimum_should_match":1}}]}}]}}],"should":[],"must_not":[]}}'
);
});
});

2
x-pack/legacy/plugins/siem/public/containers/events/events_over_time/index.tsx
View file

@ -56,7 +56,6 @@ class EventsOverTimeComponentQuery extends QueryTemplate<
isInspected,
sourceId,
startDate,
timezone,
} = this.props;
return (
<Query<GetEventsOverTimeQuery.Query, GetEventsOverTimeQuery.Variables>
@ -70,7 +69,6 @@ class EventsOverTimeComponentQuery extends QueryTemplate<
interval: '12h',
from: startDate!,
to: endDate!,
timezone,
},
defaultIndex: chrome.getUiSettingsClient().get(DEFAULT_INDEX_KEY),
inspect: isInspected,

1
x-pack/legacy/plugins/siem/public/containers/query_template.tsx
View file

@ -17,7 +17,6 @@ export interface QueryTemplateProps {
skip?: boolean;
sourceId: string;
startDate?: number;
timezone?: string;
}
// eslint-disable-next-line @typescript-eslint/no-explicit-any
type FetchMoreOptionsArgs<TData, TVariables> = FetchMoreQueryOptions<any, any> &

6
x-pack/legacy/plugins/siem/public/graphql/introspection.json
View file

@ -2351,12 +2351,6 @@
"ofType": { "kind": "SCALAR", "name": "Float", "ofType": null }
},
"defaultValue": null
},
{
"name": "timezone",
"description": "The default browser set time zone",
"type": { "kind": "SCALAR", "name": "String", "ofType": null },
"defaultValue": null
}
],
"interfaces": null,

2
x-pack/legacy/plugins/siem/public/graphql/types.ts
View file

@ -27,8 +27,6 @@ export interface TimerangeInput {
to: number;
/** The beginning of the timerange */
from: number;
/** The default browser set time zone */
timezone?: Maybe<string>;
}
export interface PaginationInputPaginated {

5
x-pack/legacy/plugins/siem/public/lib/keury/index.ts
View file

@ -87,7 +87,10 @@ export const convertToBuildEsQuery = ({
}) => {
try {
return JSON.stringify(
buildEsQuery(indexPattern, queries, filters.filter(f => f.meta.disabled === false), config)
buildEsQuery(indexPattern, queries, filters.filter(f => f.meta.disabled === false), {
...config,
dateFormatTZ: null,
})
);
} catch (exp) {
return '';

2
x-pack/legacy/plugins/siem/public/pages/hosts/hosts.tsx
View file

@ -52,7 +52,7 @@ interface HostsComponentDispatchProps {
}>;
}
export type HostsQueryProps = { timezone?: string } & GlobalTimeArgs;
export type HostsQueryProps = GlobalTimeArgs;
export type HostsComponentProps = HostsComponentReduxProps &
HostsComponentDispatchProps &

2
x-pack/legacy/plugins/siem/public/pages/hosts/hosts_body.tsx
View file

@ -33,7 +33,6 @@ const HostsBodyComponent = memo<HostsBodyComponentProps>(
query,
setAbsoluteRangeDatePicker,
setQuery,
timezone,
to,
}) => {
const core = useKibanaCore();
@ -55,7 +54,6 @@ const HostsBodyComponent = memo<HostsBodyComponentProps>(
skip: isInitializing,
setQuery,
startDate: from,
timezone,
type: hostsModel.HostsType.page,
indexPattern,
narrowDateRange: (score: Anomaly, interval: string) => {

417
x-pack/legacy/plugins/siem/public/pages/hosts/index.tsx
View file

@ -20,8 +20,6 @@ import { HostsTableType } from '../../store/hosts/model';
import { GlobalTime } from '../../containers/global_time';
import { SiemPageName } from '../home/types';
import { Hosts } from './hosts';
import { useKibanaUiSetting } from '../../lib/settings/use_kibana_ui_setting';
import { DEFAULT_TIMEZONE_BROWSER } from '../../../common/constants';
const hostsPagePath = `/:pageName(${SiemPageName.hosts})`;
@ -42,223 +40,214 @@ const getHostDetailsTabPath = (pagePath: string) =>
type Props = Partial<RouteComponentProps<{}>> & { url: string };
export const HostsContainer = React.memo<Props>(({ url }) => {
const [timezone] = useKibanaUiSetting(DEFAULT_TIMEZONE_BROWSER);
return (
<GlobalTime>
{({ to, from, setQuery, deleteQuery, isInitializing }) => (
<Switch>
<Route
strict
exact
path={hostsPagePath}
render={() => (
export const HostsContainer = React.memo<Props>(({ url }) => (
<GlobalTime>
{({ to, from, setQuery, deleteQuery, isInitializing }) => (
<Switch>
<Route
strict
exact
path={hostsPagePath}
render={() => (
<Route
path={hostsPagePath}
render={() => (
<>
<Hosts from={from} to={to} setQuery={setQuery} isInitializing={isInitializing} />
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
/>
</>
)}
/>
)}
/>
<Route
strict
exact
path={getHostsTabPath(hostsPagePath)}
render={() => (
<>
<Hosts from={from} to={to} setQuery={setQuery} isInitializing={isInitializing} />
<Route
path={hostsPagePath}
path={`${hostsPagePath}/:tabName(${HostsTableType.hosts})`}
render={() => (
<>
<Hosts
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
/>
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
/>
</>
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
/>
)}
/>
)}
/>
<Route
strict
exact
path={getHostsTabPath(hostsPagePath)}
render={() => (
<>
<Hosts from={from} to={to} setQuery={setQuery} isInitializing={isInitializing} />
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.hosts})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.authentications})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={AuthenticationsQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.uncommonProcesses})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={UncommonProcessQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.anomalies})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={AnomaliesQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.events})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
timezone={timezone}
setQuery={setQuery}
isInitializing={isInitializing}
children={EventsQueryTabBody}
/>
)}
/>
</>
)}
/>
<Route
strict
exact
path={getHostDetailsTabPath(hostsPagePath)}
render={props => (
<>
<HostDetails
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.hosts})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
detailName={props.match.params.detailName}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.authentications})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={AuthenticationsQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.uncommonProcesses})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={UncommonProcessQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.anomalies})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={AnomaliesQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.events})`}
render={() => (
<HostDetailsBody
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={EventsQueryTabBody}
/>
)}
/>
</>
)}
/>
<Route
path={`${url}/:detailName`}
render={({ location: { search = '' } }) => (
<Redirect
from={`${url}/:detailName`}
to={`${url}/:detailName/${HostsTableType.authentications}${search}`}
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.authentications})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={AuthenticationsQueryTabBody}
/>
)}
/>
)}
/>
<Route
path={`/${SiemPageName.hosts}/`}
render={({ location: { search = '' } }) => (
<Redirect
from={`/${SiemPageName.hosts}/"`}
to={`/${SiemPageName.hosts}/${HostsTableType.hosts}${search}`}
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.uncommonProcesses})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={UncommonProcessQueryTabBody}
/>
)}
/>
)}
/>
</Switch>
)}
</GlobalTime>
);
});
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.anomalies})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={AnomaliesQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:tabName(${HostsTableType.events})`}
render={() => (
<HostsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={EventsQueryTabBody}
/>
)}
/>
</>
)}
/>
<Route
strict
exact
path={getHostDetailsTabPath(hostsPagePath)}
render={props => (
<>
<HostDetails
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.hosts})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
children={HostsQueryTabBody}
detailName={props.match.params.detailName}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.authentications})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={AuthenticationsQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.uncommonProcesses})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={UncommonProcessQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.anomalies})`}
render={() => (
<HostDetailsBody
deleteQuery={deleteQuery}
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={AnomaliesQueryTabBody}
/>
)}
/>
<Route
path={`${hostsPagePath}/:detailName/:tabName(${HostsTableType.events})`}
render={() => (
<HostDetailsBody
from={from}
to={to}
setQuery={setQuery}
isInitializing={isInitializing}
detailName={props.match.params.detailName}
children={EventsQueryTabBody}
/>
)}
/>
</>
)}
/>
<Route
path={`${url}/:detailName`}
render={({ location: { search = '' } }) => (
<Redirect
from={`${url}/:detailName`}
to={`${url}/:detailName/${HostsTableType.authentications}${search}`}
/>
)}
/>
<Route
path={`/${SiemPageName.hosts}/`}
render={({ location: { search = '' } }) => (
<Redirect
from={`/${SiemPageName.hosts}/"`}
to={`/${SiemPageName.hosts}/${HostsTableType.hosts}${search}`}
/>
)}
/>
</Switch>
)}
</GlobalTime>
));
HostsContainer.displayName = 'HostsContainer';

2
x-pack/legacy/plugins/siem/public/pages/hosts/navigation/events_query_tab_body.tsx
View file

@ -21,7 +21,6 @@ export const EventsQueryTabBody = ({
filterQuery,
setQuery,
startDate,
timezone,
updateDateRange = () => {},
}: HostsComponentsQueryProps) => {
return (
@ -31,7 +30,6 @@ export const EventsQueryTabBody = ({
filterQuery={filterQuery}
sourceId="default"
startDate={startDate}
timezone={timezone}
type={hostsModel.HostsType.page}
>
{({ eventsOverTime, loading, id, inspect, refetch, totalCount }) => (

1
x-pack/legacy/plugins/siem/public/pages/hosts/navigation/types.ts
View file

@ -29,7 +29,6 @@ interface QueryTabBodyProps {
type: hostsModel.HostsType;
startDate: number;
endDate: number;
timezone?: string;
filterQuery?: string | ESTermQuery;
}

2
x-pack/legacy/plugins/siem/server/graphql/types.ts
View file

@ -29,8 +29,6 @@ export interface TimerangeInput {
to: number;
/** The beginning of the timerange */
from: number;
/** The default browser set time zone */
timezone?: Maybe<string>;
}
export interface PaginationInputPaginated {

3
x-pack/legacy/plugins/siem/server/lib/events/query.events_over_time.dsl.ts
View file

@ -8,7 +8,7 @@ import { RequestBasicOptions } from '../framework';
export const buildEventsOverTimeQuery = ({
filterQuery,
timerange: { from, timezone, to },
timerange: { from, to },
defaultIndex,
sourceConfiguration: {
fields: { timestamp },
@ -21,7 +21,6 @@ export const buildEventsOverTimeQuery = ({
[timestamp]: {
gte: from,
lte: to,
...(timezone && { time_zone: timezone }),
},
},
},

2
x-pack/test/api_integration/apis/siem/events_over_time.ts
View file

@ -29,7 +29,6 @@ export default function({ getService }: FtrProviderContext) {
interval: '12h',
to: TO,
from: FROM,
timezone: 'America/Denver',
},
defaultIndex: ['auditbeat-*', 'filebeat-*', 'packetbeat-*', 'winlogbeat-*'],
inspect: false,
@ -70,7 +69,6 @@ export default function({ getService }: FtrProviderContext) {
interval: '12h',
to: TO,
from: FROM,
timezone: 'America/Denver',
},
defaultIndex: ['auditbeat-*', 'filebeat-*', 'packetbeat-*', 'winlogbeat-*'],
inspect: false,