Make only a single api request for exceptions when opening an alert in timeline (#130941)

Kevin Qualters 2022-04-26 18:27:09 -04:00 committed by GitHub
parent e9328920e7
commit 330dbbe304
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 38 deletions

1
.github/CODEOWNERS vendored

@ -415,6 +415,7 @@
/x-pack/plugins/security_solution/cypress/integration/urls @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/common/components/alerts_viewer @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_action @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/common/components/event_details @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/common/components/events_viewer @elastic/security-threat-hunting-investigations
/x-pack/plugins/security_solution/public/common/components/markdown_editor @elastic/security-threat-hunting-investigations


@ -14,7 +14,7 @@ import { ALERT_RULE_EXCEPTIONS_LIST } from '@kbn/rule-data-utils';
import {
ExceptionListIdentifiers,
ExceptionListItemSchema,
ReadExceptionListSchema,
ExceptionListTypeEnum,
} from '@kbn/securitysolution-io-ts-list-types';
import { useApi } from '@kbn/securitysolution-list-hooks';
@ -51,48 +51,48 @@ export const useInvestigateInTimeline = ({
const getExceptions = useCallback(
async (ecsData: Ecs): Promise<ExceptionListItemSchema[]> => {
const exceptionsLists: ReadExceptionListSchema[] = (
getField(ecsData, ALERT_RULE_EXCEPTIONS_LIST) ?? []
)
.map((list: string) => JSON.parse(list))
.filter((list: ExceptionListIdentifiers) => list.type === 'detection');
const exceptionsLists = (getField(ecsData, ALERT_RULE_EXCEPTIONS_LIST) ?? []).reduce(
(acc: ExceptionListIdentifiers[], next: string) => {
const parsedList = JSON.parse(next);
if (parsedList.type === 'detection') {
const formattedList = {
id: parsedList.id,
listId: parsedList.list_id,
type: ExceptionListTypeEnum.DETECTION,
namespaceType: parsedList.namespace_type,
};
acc.push(formattedList);
}
return acc;
},
[]
);
const allExceptions: ExceptionListItemSchema[] = [];
if (exceptionsLists.length > 0) {
for (const list of exceptionsLists) {
if (list.id && list.list_id && list.namespace_type) {
await getExceptionListsItems({
lists: [
{
id: list.id,
listId: list.list_id,
type: 'detection',
namespaceType: list.namespace_type,
},
],
filterOptions: [],
pagination: {
page: 0,
perPage: 10000,
total: 10000,
},
showDetectionsListsOnly: true,
showEndpointListsOnly: false,
onSuccess: ({ exceptions }) => {
allExceptions.push(...exceptions);
},
onError: (err: string[]) => {
addError(err, {
title: i18n.translate(
'xpack.securitySolution.detectionEngine.alerts.fetchExceptionsFailure',
{ defaultMessage: 'Error fetching exceptions.' }
),
});
},
await getExceptionListsItems({
lists: exceptionsLists,
filterOptions: [],
pagination: {
page: 0,
perPage: 10000,
total: 10000,
},
showDetectionsListsOnly: true,
showEndpointListsOnly: false,
onSuccess: ({ exceptions }) => {
allExceptions.push(...exceptions);
},
onError: (err: string[]) => {
addError(err, {
title: i18n.translate(
'xpack.securitySolution.detectionEngine.alerts.fetchExceptionsFailure',
{ defaultMessage: 'Error fetching exceptions.' }
),
});
}
}
},
});
}
return allExceptions;
},
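Review bot: The reducer that builds `exceptionsLists` drops the guard the old loop had (`if (list.id && list.list_id && list.namespace_type)`), so an entry parsed from the alert document with a missing field is now forwarded to `getExceptionListsItems` with `undefined` identifiers. These values come out of `JSON.parse` on alert data and are untyped, so I would keep the check inside the reducer: `if (parsedList.type === 'detection' && parsedList.id && parsedList.list_id && parsedList.namespace_type) {`. Separately, `perPage: 10000` used to apply to each list and now appears to cap the combined result of the single request, so a rule with several large lists could get a truncated exception set in the timeline with no error shown; a short comment stating that limit would help. The `useCallback` call is closed outside this hunk, so its dependency array is not visible here.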