github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 09:48:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

[8.x] [SecuritySolution] Fix entities list initial sorting (#197465) (#197657)

Browse source 
# Backport

This will backport the following commits from `main` to `8.x`:
- [[SecuritySolution] Fix entities list initial sorting
(#197465)](https://github.com/elastic/kibana/pull/197465)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Pablo
Machado","email":"pablo.nevesmachado@elastic.co"},"sourceCommit":{"committedDate":"2024-10-24T14:04:13Z","message":"[SecuritySolution]
Fix entities list initial sorting (#197465)\n\n## Summary\r\n\r\nThe
entity list initial sorting wasn't working because it referenced
an\r\nold
field.","sha":"7a8d813a9ccb3dcb3aa8c7524f2e07f8d0ce5781","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:
SecuritySolution","Theme: entity_analytics","Feature:Entity
Analytics","Team:Entity
Analytics","v8.16.0","backport:version","v8.17.0"],"title":"[SecuritySolution]
Fix entities list initial
sorting","number":197465,"url":"https://github.com/elastic/kibana/pull/197465","mergeCommit":{"message":"[SecuritySolution]
Fix entities list initial sorting (#197465)\n\n## Summary\r\n\r\nThe
entity list initial sorting wasn't working because it referenced
an\r\nold
field.","sha":"7a8d813a9ccb3dcb3aa8c7524f2e07f8d0ce5781"}},"sourceBranch":"main","suggestedTargetBranches":["8.16","8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/197465","number":197465,"mergeCommit":{"message":"[SecuritySolution]
Fix entities list initial sorting (#197465)\n\n## Summary\r\n\r\nThe
entity list initial sorting wasn't working because it referenced
an\r\nold
field.","sha":"7a8d813a9ccb3dcb3aa8c7524f2e07f8d0ce5781"}},{"branch":"8.16","label":"v8.16.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.x","label":"v8.17.0","branchLabelMappingKey":"^v8.17.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Pablo Machado <pablo.nevesmachado@elastic.co>
This commit is contained in:
Kibana Machine 2024-10-25 02:47:48 +11:00 committed by GitHub
parent cf3c3e6c7d
commit ccc7398809
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 123 additions and 104 deletions
Download patch file Download diff file Expand all files Collapse all files

2
x-pack/plugins/security_solution/public/entity_analytics/components/entity_store/entities_list.tsx
View file

@ -34,7 +34,7 @@ export const EntitiesList: React.FC = () => {
const [limit, setLimit] = useState(10);
const { toggleStatus } = useQueryToggle(ENTITIES_LIST_TABLE_ID);
const [sorting, setSorting] = useState({
field: 'entity.last_seen_timestamp',
field: '@timestamp',
direction: Direction.desc,
});

2
x-pack/plugins/security_solution/server/lib/entity_analytics/entity_store/routes/entities/list.ts
View file

@ -53,7 +53,7 @@ export const listEntitiesRoute = (router: EntityAnalyticsRoutesDeps['router'], l
const {
page = 1,
per_page: perPage = 10,
sort_field: sortField = 'entity.last_seen_timestamp',
sort_field: sortField = '@timestamp',
sort_order: sortOrder = 'desc',
entities_types: entityTypes,
filterQuery,

32
x-pack/test/functional/es_archives/security_solution/entity_store/data.json
View file

@ -4,6 +4,7 @@
"id": "a4cf452c1e0375c3d4412cb550ad1783358468a3b3b777da4829d72c7d6fb74f",
"index": ".entities.v1.latest.security_user_default",
"source": {
"@timestamp": "2024-09-11T11:24:15.588Z",
"event": {
"ingested": "2024-09-11T11:26:49.706875Z"
},
@ -17,16 +18,10 @@
"hash": []
},
"entity": {
"last_seen_timestamp": "2024-09-11T11:24:15.588Z",
"schema_version": "v1",
"definition_version": "1.0.0",
"display_name": "hinamatsumoto",
"identity_fields": [
"user.name"
],
"id": "LBQAgKHGmpup0Kg9nlKmeQ==",
"type": "node",
"definition_id": "security_user_default"
"name": "hinamatsumoto",
"id": "hinamatsumoto",
"type": "user",
"source": ".ds-logs-endpoint.alerts-default-2024.10.23-000001"
}
}
}
@ -38,6 +33,7 @@
"id": "a2cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb71f",
"index": ".entities.v1.latest.security_host_default",
"source": {
"@timestamp": "2024-09-11T11:24:15.591Z",
"event": {
"ingested": "2024-09-11T11:26:49.641707Z"
},
@ -67,17 +63,11 @@
]
},
"entity": {
"last_seen_timestamp": "2024-09-11T11:24:15.591Z",
"schema_version": "v1",
"definition_version": "1.0.0",
"display_name": "ali-ubuntu-server",
"identity_fields": [
"host.name"
],
"id": "ZXKm6GEcUJY6NHkMgPPmGQ==",
"type": "node",
"definition_id": "security_host_default"
"name": "ali-ubuntu-server",
"id": "ali-ubuntu-server",
"type": "host",
"source": ".ds-logs-endpoint.events.process-default-2024.10.23-000001"
}
}
}
}
}

191
x-pack/test/functional/es_archives/security_solution/entity_store/mappings.json
View file

@ -33,17 +33,27 @@
}
],
"properties": {
"@timestamp": {
"type": "date"
},
"asset": {
"properties": {
"criticality": {
"type": "keyword"
}
}
},
"entity": {
"properties": {
"definition_id": {
"definitionId": {
"type": "keyword",
"ignore_above": 1024
},
"definition_version": {
"definitionVersion": {
"type": "keyword",
"ignore_above": 1024
},
"display_name": {
"displayName": {
"type": "text",
"fields": {
"keyword": {
@ -52,20 +62,34 @@
}
}
},
"firstSeenTimestamp": {
"type": "date"
},
"id": {
"type": "keyword",
"ignore_above": 1024
},
"identity_fields": {
"identityFields": {
"type": "keyword"
},
"last_seen_timestamp": {
"lastSeenTimestamp": {
"type": "date"
},
"schema_version": {
"name": {
"type": "text",
"fields": {
"text": {
"type": "keyword"
}
}
},
"schemaVersion": {
"type": "keyword",
"ignore_above": 1024
},
"source": {
"type": "keyword"
},
"type": {
"type": "keyword",
"ignore_above": 1024
@ -82,58 +106,41 @@
"host": {
"properties": {
"architecture": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"domain": {
"type": "keyword"
},
"hostname": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"id": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"ip": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "ip"
},
"mac": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
"type": "keyword"
},
"name": {
"type": "keyword"
},
"risk": {
"properties": {
"calculated_level": {
"type": "keyword"
},
"calculated_score": {
"type": "float"
},
"calculated_score_norm": {
"type": "float"
}
}
},
"name": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": {
"type": "keyword"
}
}
},
@ -191,17 +198,27 @@
}
],
"properties": {
"@timestamp": {
"type": "date"
},
"asset": {
"properties": {
"criticality": {
"type": "keyword"
}
}
},
"entity": {
"properties": {
"definition_id": {
"definitionId": {
"type": "keyword",
"ignore_above": 1024
},
"definition_version": {
"definitionVersion": {
"type": "keyword",
"ignore_above": 1024
},
"display_name": {
"displayName": {
"type": "text",
"fields": {
"keyword": {
@ -210,20 +227,34 @@
}
}
},
"firstSeenTimestamp": {
"type": "date"
},
"id": {
"type": "keyword",
"ignore_above": 1024
},
"identity_fields": {
"identityFields": {
"type": "keyword"
},
"last_seen_timestamp": {
"lastSeenTimestamp": {
"type": "date"
},
"schema_version": {
"name": {
"type": "text",
"fields": {
"text": {
"type": "keyword"
}
}
},
"schemaVersion": {
"type": "keyword",
"ignore_above": 1024
},
"source": {
"type": "keyword"
},
"type": {
"type": "keyword",
"ignore_above": 1024
@ -247,40 +278,38 @@
"user": {
"properties": {
"domain": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"email": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"full_name": {
"type": "keyword"
},
"hash": {
"type": "keyword"
},
"id": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
"type": "keyword"
},
"name": {
"type": "keyword"
},
"risk": {
"properties": {
"calculated_level": {
"type": "keyword"
},
"calculated_score": {
"type": "float"
},
"calculated_score_norm": {
"type": "float"
}
}
},
"name": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"roles": {
"type": "keyword"
}
}
}
@ -294,4 +323,4 @@
}
}
}
}
}