mirror of
https://github.com/elastic/kibana.git
synced 2025-04-22 17:04:01 -04:00
091b5c133b
## Summary Handles elastic/security-team#6971 This PR mainly resolved below 3 issues: ### Rename to `Add To Timeline` control in conversation code blocks to `Investigate in Timeline` - `Add to Timeline` according to existing Security Solution actions means, adding a condition to the timeline with an `OR` clause without affecting the existing Timeline. - But the `Add to Timeline` control in the Security Assistant, creates a new timeline on each action by the user, which contradicts the above workflow. Hence, it might confuse user. - `Investigate in Timeline` already means that a new timeline will be created. ### `Add To Timeline` control was visible on types of codeblock. For example, it does not make sense for a `Query DSL` to have an `Add to Timeline` control. - This PR adds the list of eligible types of queries/code blocks on which `Add To Timeline` action can be added. - Currently, that list only contains `kql`, `dsl` and `eql`. Below is the complete list of types of query that can occur in code blocks. - Please feel free to suggest a change. ``` 'eql' | 'kql' | 'dsl' | 'json' | 'no-type'; ``` ### Lazy calculation of CodeBlockPortals and CodeBlock Action container - To add controls to the conversation code blocks, we need to follow below 2 steps. 1. get the codeBlock containers on which the controls can be added. 2. create portals in the HTML container with our `Add to Timeline` control. - Below are issues these steps sometime created. 1. We get codeBlock container in the `useLayoutEffect` but at the time, all conversations might not have loaded because of which containers are returns as the undefined. 2. Then, we try to create portal in the `undefined` container, which fails and hence, `Add to Timeline` controls are not visible. - Solution: 1. Instead of getting the codeblock container in useLayoutEffect, we get the function which will eventually return that container, whenever we are creating the portal. 2. Converted codeBlock Portal to a callback such that callback can be called during the rendering which makes sure that all needed conversations are available and using above step we can easily get the portal containers. Feel free to let me know if there are any issues with above strategy. ### Better Pattern matching. - Currently, when we are trying to identify the type of codeblock it might result in unexpected output because of below reason. 1. Let say, we are trying to identify KQL Query and for that we use below phrases to match in the `OpenAI` response. `'Kibana Query Language', 'KQL Query'` 2. Because of this, if the `OpenAI` response contains the phrase `KQL query` or `kql query`, that fails because of case senstivity when searching the above phrases. 3. This PR makes that part of pattern matching case insensitive ### Before |
||
|---|---|---|
| .. | ||
| kbn-alerting-state-types | ||
| kbn-elastic-assistant | ||
| kbn-infra-forge | ||
| kbn-random-sampling | ||
| kbn-slo-schema | ||
| maps/vector_tile_utils | ||
| ml | ||
| observability/alert_details | ||
| security-solution | ||