github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 01:38:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Entity Analytics] [Entity Store] Show errors on entity store enablement (#198263)

Browse source 
## Summary

This PR adds user feedback for errors that happen when enabling the
entity store.
Any errors during the async setup of store resources will show up as
toasts, whist initial INIT request failures will appear as an error
callout.

![Screenshot 2024-10-29 at 16 48
03](https://github.com/user-attachments/assets/12aa9af3-1e27-44b1-85e5-5053255bd333)
![Screenshot 2024-10-29 at 16 47
19](https://github.com/user-attachments/assets/31790981-599b-4fba-a423-b75e31dbe7be)

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
This commit is contained in:
Tiago Vila Verde 2024-10-31 04:44:43 +01:00 committed by GitHub
parent 4e7d43a031
commit 4538481be0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
11 changed files with 107 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
oas_docs/output/kibana.serverless.yaml
View file

@ -48345,6 +48345,8 @@ components:
Security_Entity_Analytics_API_EngineDescriptor:
type: object
properties:
error:
type: object
fieldHistoryLength:
type: integer
filter:

2
oas_docs/output/kibana.yaml
View file

@ -56730,6 +56730,8 @@ components:
Security_Entity_Analytics_API_EngineDescriptor:
type: object
properties:
error:
type: object
fieldHistoryLength:
type: integer
filter:

1
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/common.gen.ts
View file

@ -36,6 +36,7 @@ export const EngineDescriptor = z.object({
status: EngineStatus,
filter: z.string().optional(),
fieldHistoryLength: z.number().int(),
error: z.object({}).optional(),
});
export type InspectQuery = z.infer<typeof InspectQuery>;

2
x-pack/plugins/security_solution/common/api/entity_analytics/entity_store/common.schema.yaml
View file

@ -30,6 +30,8 @@ components:
type: string
fieldHistoryLength:
type: integer
error:
type: object
EngineStatus:
type: string

2
x-pack/plugins/security_solution/docs/openapi/ess/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml
View file

@ -785,6 +785,8 @@ components:
EngineDescriptor:
type: object
properties:
error:
type: object
fieldHistoryLength:
type: integer
filter:

2
x-pack/plugins/security_solution/docs/openapi/serverless/security_solution_entity_analytics_api_2023_10_31.bundled.schema.yaml
View file

@ -785,6 +785,8 @@ components:
EngineDescriptor:
type: object
properties:
error:
type: object
fieldHistoryLength:
type: integer
filter:

62
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/components/dashboard_panels.tsx
View file

@ -15,6 +15,7 @@ import {
EuiLoadingLogo,
EuiPanel,
EuiImage,
EuiCallOut,
} from '@elastic/eui';
import { FormattedMessage } from '@kbn/i18n-react';
@ -50,9 +51,25 @@ const EntityStoreDashboardPanelsComponent = () => {
const entityStore = useEntityEngineStatus();
const riskEngineStatus = useRiskEngineStatus();
const { enable: enableStore } = useEntityStoreEnablement();
const { enable: enableStore, query } = useEntityStoreEnablement();
const { mutate: initRiskEngine } = useInitRiskEngineMutation();
const callouts = entityStore.errors.map((err, i) => (
<EuiCallOut
title={
<FormattedMessage
id="xpack.securitySolution.entityAnalytics.entityStore.enablement.errors.title"
defaultMessage={'An error occurred during entity store resource initialization'}
/>
}
color="danger"
iconType="error"
>
<p>{err?.message}</p>
</EuiCallOut>
));
const enableEntityStore = (enable: Enablements) => () => {
setModalState({ visible: false });
if (enable.riskScore) {
@ -74,6 +91,26 @@ const EntityStoreDashboardPanelsComponent = () => {
}
};
if (query.error) {
return (
<>
<EuiCallOut
title={
<FormattedMessage
id="xpack.securitySolution.entityAnalytics.entityStore.enablement.errors.queryErrorTitle"
defaultMessage={'There was a problem initializing the entity store'}
/>
}
color="danger"
iconType="error"
>
<p>{(query.error as { body: { message: string } }).body.message}</p>
</EuiCallOut>
{callouts}
</>
);
}
if (entityStore.status === 'loading') {
return (
<EuiPanel hasBorder>
@ -110,6 +147,29 @@ const EntityStoreDashboardPanelsComponent = () => {
return (
<EuiFlexGroup direction="column" data-test-subj="entityStorePanelsGroup">
{entityStore.status === 'error' && isRiskScoreAvailable && (
<>
{callouts}
<EuiFlexItem>
<EntityAnalyticsRiskScores riskEntity={RiskScoreEntity.user} />
</EuiFlexItem>
<EuiFlexItem>
<EntityAnalyticsRiskScores riskEntity={RiskScoreEntity.host} />
</EuiFlexItem>
</>
)}
{entityStore.status === 'error' && !isRiskScoreAvailable && (
<>
{callouts}
<EuiFlexItem>
<EnableEntityStore
onEnable={() => setModalState({ visible: true })}
loadingRiskEngine={riskEngineInitializing}
enablements="riskScore"
/>
</EuiFlexItem>
</>
)}
{entityStore.status === 'enabled' && isRiskScoreAvailable && (
<>
<EuiFlexItem>

13
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entity_engine_status.ts
View file

@ -17,6 +17,10 @@ interface Options {
polling?: UseQueryOptions<ListEntityEnginesResponse>['refetchInterval'];
}
interface EngineError {
message: string;
}
export const useEntityEngineStatus = (opts: Options = {}) => {
// QUESTION: Maybe we should have an `EnablementStatus` API route for this?
const { listEntityEngines } = useEntityStoreRoutes();
@ -33,6 +37,10 @@ export const useEntityEngineStatus = (opts: Options = {}) => {
return 'not_installed';
}
if (data?.engines?.some((engine) => engine.status === 'error')) {
return 'error';
}
if (data?.engines?.every((engine) => engine.status === 'stopped')) {
return 'stopped';
}
@ -52,7 +60,12 @@ export const useEntityEngineStatus = (opts: Options = {}) => {
return 'enabled';
})();
const errors = (data?.engines
?.filter((engine) => engine.status === 'error')
.map((engine) => engine.error) ?? []) as EngineError[];
return {
status,
errors,
};
};

6
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/hooks/use_entity_store.ts
View file

@ -41,7 +41,7 @@ export const useEntityStoreEnablement = () => {
});
const { initEntityStore } = useEntityStoreRoutes();
const { refetch: initialize } = useQuery({
const { refetch: initialize, ...query } = useQuery({
queryKey: [ENTITY_STORE_ENABLEMENT_INIT],
queryFn: async () =>
initEntityStore('user').then((usr) => initEntityStore('host').then((host) => [usr, host])),
@ -52,10 +52,10 @@ export const useEntityStoreEnablement = () => {
telemetry?.reportEntityStoreInit({
timestamp: new Date().toISOString(),
});
initialize().then(() => setPolling(true));
return initialize().then(() => setPolling(true));
}, [initialize, telemetry]);
return { enable };
return { enable, query };
};
export const INIT_ENTITY_ENGINE_STATUS_KEY = ['POST', 'INIT_ENTITY_ENGINE'];

19
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/entity_store_data_client.ts
View file

@ -290,7 +290,14 @@ export class EntityStoreDataClient {
error: err.message,
});
await this.engineClient.update(entityType, ENGINE_STATUS.ERROR);
await this.engineClient.update(entityType, {
status: ENGINE_STATUS.ERROR,
error: {
message: err.message,
stack: err.stack,
action: 'init',
},
});
await this.delete(entityType, taskManager, { deleteData: true, deleteEngine: false });
}
@ -335,7 +342,7 @@ export class EntityStoreDataClient {
await this.entityClient.startEntityDefinition(fullEntityDefinition);
this.log('debug', entityType, `Started entity definition`);
return this.engineClient.update(entityType, ENGINE_STATUS.STARTED);
return this.engineClient.updateStatus(entityType, ENGINE_STATUS.STARTED);
}
public async stop(entityType: EntityType) {
@ -362,7 +369,7 @@ export class EntityStoreDataClient {
await this.entityClient.stopEntityDefinition(fullEntityDefinition);
this.log('debug', entityType, `Stopped entity definition`);
return this.engineClient.update(entityType, ENGINE_STATUS.STOPPED);
return this.engineClient.updateStatus(entityType, ENGINE_STATUS.STOPPED);
}
public async get(entityType: EntityType) {
@ -560,7 +567,7 @@ export class EntityStoreDataClient {
}
// Update savedObject status
await this.engineClient.update(engine.type, ENGINE_STATUS.UPDATING);
await this.engineClient.updateStatus(engine.type, ENGINE_STATUS.UPDATING);
try {
// Update entity manager definition
@ -573,12 +580,12 @@ export class EntityStoreDataClient {
});
// Restore the savedObject status and set the new index pattern
await this.engineClient.update(engine.type, originalStatus);
await this.engineClient.updateStatus(engine.type, originalStatus);
return { type: engine.type, changes: { indexPatterns } };
} catch (error) {
// Rollback the engine initial status when the update fails
await this.engineClient.update(engine.type, originalStatus);
await this.engineClient.updateStatus(engine.type, originalStatus);
throw error;
}

8
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/saved_object/engine_descriptor.ts
View file

@ -78,17 +78,21 @@ export class EngineDescriptorClient {
return attributes;
}
async update(entityType: EntityType, status: EngineStatus) {
async update(entityType: EntityType, engine: Partial<EngineDescriptor>) {
const id = this.getSavedObjectId(entityType);
const { attributes } = await this.deps.soClient.update<EngineDescriptor>(
entityEngineDescriptorTypeName,
id,
{ status },
engine,
{ refresh: 'wait_for' }
);
return attributes;
}
async updateStatus(entityType: EntityType, status: EngineStatus) {
return this.update(entityType, { status });
}
async find(entityType: EntityType): Promise<SavedObjectsFindResponse<EngineDescriptor>> {
return this.deps.soClient.find<EngineDescriptor>({
type: entityEngineDescriptorTypeName,