[Security Solution] Refactor Hosts Kpi to use Search Strategy (#77606)

Author: patrykkopycinski

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/index.ts

@@ -9,6 +9,7 @@ export * from './authentications';
 export * from './common';
 export * from './details';
 export * from './first_last_seen';
+export * from './kpi';
 export * from './overview';
 export * from './uncommon_processes';
 

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/authentications/index.ts

@@ -0,0 +1,24 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IEsSearchResponse } from '../../../../../../../../../src/plugins/data/common';
+import { Inspect, Maybe } from '../../../../common';
+import { RequestBasicOptions } from '../../..';
+import { HostsKpiHistogramData } from '../common';
+
+export interface HostsKpiAuthenticationsHistogramCount {
+  doc_count: number;
+}
+
+export type HostsKpiAuthenticationsRequestOptions = RequestBasicOptions;
+
+export interface HostsKpiAuthenticationsStrategyResponse extends IEsSearchResponse {
+  authenticationsSuccess: Maybe<number>;
+  authenticationsSuccessHistogram: Maybe<HostsKpiHistogramData[]>;
+  authenticationsFailure: Maybe<number>;
+  authenticationsFailureHistogram: Maybe<HostsKpiHistogramData[]>;
+  inspect?: Maybe<Inspect>;
+}

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/common/index.ts

@@ -0,0 +1,29 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { Maybe } from '../../../../common';
+
+export interface HostsKpiHistogramData {
+  x?: Maybe<number>;
+  y?: Maybe<number>;
+}
+
+export interface HostsKpiHistogram<T> {
+  key_as_string: string;
+  key: number;
+  doc_count: number;
+  count: T;
+}
+
+export interface HostsKpiGeneralHistogramCount {
+  value: number;
+}

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/hosts/index.ts

@@ -0,0 +1,18 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IEsSearchResponse } from '../../../../../../../../../src/plugins/data/common';
+import { Inspect, Maybe } from '../../../../common';
+import { RequestBasicOptions } from '../../..';
+import { HostsKpiHistogramData } from '../common';
+
+export type HostsKpiHostsRequestOptions = RequestBasicOptions;
+
+export interface HostsKpiHostsStrategyResponse extends IEsSearchResponse {
+  hosts: Maybe<number>;
+  hostsHistogram: Maybe<HostsKpiHistogramData[]>;
+  inspect?: Maybe<Inspect>;
+}

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/index.ts

@@ -0,0 +1,25 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+export * from './authentications';
+export * from './common';
+export * from './hosts';
+export * from './unique_ips';
+
+import { HostsKpiAuthenticationsStrategyResponse } from './authentications';
+import { HostsKpiHostsStrategyResponse } from './hosts';
+import { HostsKpiUniqueIpsStrategyResponse } from './unique_ips';
+
+export enum HostsKpiQueries {
+  kpiAuthentications = 'hostsKpiAuthentications',
+  kpiHosts = 'hostsKpiHosts',
+  kpiUniqueIps = 'hostsKpiUniqueIps',
+}
+
+export type HostsKpiStrategyResponse =
+  | Omit<HostsKpiAuthenticationsStrategyResponse, 'rawResponse'>
+  | Omit<HostsKpiHostsStrategyResponse, 'rawResponse'>
+  | Omit<HostsKpiUniqueIpsStrategyResponse, 'rawResponse'>;

x-pack/plugins/security_solution/common/search_strategy/security_solution/hosts/kpi/unique_ips/index.ts

@@ -0,0 +1,20 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License;
+ * you may not use this file except in compliance with the Elastic License.
+ */
+
+import { IEsSearchResponse } from '../../../../../../../../../src/plugins/data/common';
+import { Inspect, Maybe } from '../../../../common';
+import { RequestBasicOptions } from '../../..';
+import { HostsKpiHistogramData } from '../common';
+
+export type HostsKpiUniqueIpsRequestOptions = RequestBasicOptions;
+
+export interface HostsKpiUniqueIpsStrategyResponse extends IEsSearchResponse {
+  uniqueSourceIps: Maybe<number>;
+  uniqueSourceIpsHistogram: Maybe<HostsKpiHistogramData[]>;
+  uniqueDestinationIps: Maybe<number>;
+  uniqueDestinationIpsHistogram: Maybe<HostsKpiHistogramData[]>;
+  inspect?: Maybe<Inspect>;
+}

x-pack/plugins/security_solution/common/search_strategy/security_solution/index.ts

@@ -20,6 +20,13 @@ import {
   HostsStrategyResponse,
   HostUncommonProcessesStrategyResponse,
   HostUncommonProcessesRequestOptions,
+  HostsKpiQueries,
+  HostsKpiAuthenticationsStrategyResponse,
+  HostsKpiAuthenticationsRequestOptions,
+  HostsKpiHostsStrategyResponse,
+  HostsKpiHostsRequestOptions,
+  HostsKpiUniqueIpsStrategyResponse,
+  HostsKpiUniqueIpsRequestOptions,
 } from './hosts';
 import {
   NetworkQueries,
@@ -70,6 +77,7 @@ export * from './network';
 
 export type FactoryQueryTypes =
   | HostsQueries
+  | HostsKpiQueries
   | NetworkQueries
   | NetworkKpiQueries
   | typeof MatrixHistogramQuery;
@@ -106,6 +114,12 @@ export type StrategyResponseType<T extends FactoryQueryTypes> = T extends HostsQ
   ? HostFirstLastSeenStrategyResponse
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesStrategyResponse
+  : T extends HostsKpiQueries.kpiAuthentications
+  ? HostsKpiAuthenticationsStrategyResponse
+  : T extends HostsKpiQueries.kpiHosts
+  ? HostsKpiHostsStrategyResponse
+  : T extends HostsKpiQueries.kpiUniqueIps
+  ? HostsKpiUniqueIpsStrategyResponse
   : T extends NetworkQueries.details
   ? NetworkDetailsStrategyResponse
   : T extends NetworkQueries.dns
@@ -148,6 +162,12 @@ export type StrategyRequestType<T extends FactoryQueryTypes> = T extends HostsQu
   ? HostFirstLastSeenRequestOptions
   : T extends HostsQueries.uncommonProcesses
   ? HostUncommonProcessesRequestOptions
+  : T extends HostsKpiQueries.kpiAuthentications
+  ? HostsKpiAuthenticationsRequestOptions
+  : T extends HostsKpiQueries.kpiHosts
+  ? HostsKpiHostsRequestOptions
+  : T extends HostsKpiQueries.kpiUniqueIps
+  ? HostsKpiUniqueIpsRequestOptions
   : T extends NetworkQueries.details
   ? NetworkDetailsRequestOptions
   : T extends NetworkQueries.dns

x-pack/plugins/security_solution/public/common/components/stat_items/index.test.tsx

@@ -39,8 +39,10 @@ import {
 } from '../../mock';
 import { State, createStore } from '../../store';
 import { Provider as ReduxStoreProvider } from 'react-redux';
-import { KpiHostsData } from '../../../graphql/types';
-import { NetworkKpiStrategyResponse } from '../../../../common/search_strategy';
+import {
+  HostsKpiStrategyResponse,
+  NetworkKpiStrategyResponse,
+} from '../../../../common/search_strategy';
 
 const from = '2019-06-15T06:00:00.000Z';
 const to = '2019-06-18T06:00:00.000Z';
@@ -242,7 +244,7 @@ describe('useKpiMatrixStatus', () => {
     data,
   }: {
     fieldsMapping: Readonly<StatItems[]>;
-    data: NetworkKpiStrategyResponse | KpiHostsData;
+    data: NetworkKpiStrategyResponse | HostsKpiStrategyResponse;
   }) => {
     const statItemsProps: StatItemsProps[] = useKpiMatrixStatus(
       fieldsMapping,

x-pack/plugins/security_solution/public/common/components/stat_items/index.tsx

@@ -18,8 +18,10 @@ import { get, getOr } from 'lodash/fp';
 import React, { useState, useEffect } from 'react';
 import styled from 'styled-components';
 
-import { NetworkKpiStrategyResponse } from '../../../../common/search_strategy';
-import { KpiHostsData } from '../../../graphql/types';
+import {
+  HostsKpiStrategyResponse,
+  NetworkKpiStrategyResponse,
+} from '../../../../common/search_strategy';
 import { AreaChart } from '../charts/areachart';
 import { BarChart } from '../charts/barchart';
 import { ChartSeriesData, ChartData, ChartSeriesConfigs, UpdateDateRange } from '../charts/common';
@@ -113,12 +115,12 @@ export const barchartConfigs = (config?: { onElementClick?: ElementClickListener
 
 export const addValueToFields = (
   fields: StatItem[],
-  data: KpiHostsData | NetworkKpiStrategyResponse
+  data: HostsKpiStrategyResponse | NetworkKpiStrategyResponse
 ): StatItem[] => fields.map((field) => ({ ...field, value: get(field.key, data) }));
 
 export const addValueToAreaChart = (
   fields: StatItem[],
-  data: KpiHostsData | NetworkKpiStrategyResponse
+  data: HostsKpiStrategyResponse | NetworkKpiStrategyResponse
 ): ChartSeriesData[] =>
   fields
     .filter((field) => get(`${field.key}Histogram`, data) != null)
@@ -130,7 +132,7 @@ export const addValueToAreaChart = (
 
 export const addValueToBarChart = (
   fields: StatItem[],
-  data: KpiHostsData | NetworkKpiStrategyResponse
+  data: HostsKpiStrategyResponse | NetworkKpiStrategyResponse
 ): ChartSeriesData[] => {
   if (fields.length === 0) return [];
   return fields.reduce((acc: ChartSeriesData[], field: StatItem, idx: number) => {
@@ -159,7 +161,7 @@ export const addValueToBarChart = (
 
 export const useKpiMatrixStatus = (
   mappings: Readonly<StatItems[]>,
-  data: KpiHostsData | NetworkKpiStrategyResponse,
+  data: HostsKpiStrategyResponse | NetworkKpiStrategyResponse,
   id: string,
   from: string,
   to: string,

x-pack/plugins/security_solution/public/hosts/components/authentications_table/translations.ts

@@ -7,7 +7,7 @@
 import { i18n } from '@kbn/i18n';
 
 export const AUTHENTICATIONS = i18n.translate(
-  'xpack.securitySolution.authenticationsTable.authenticationFailures',
+  'xpack.securitySolution.authenticationsTable.authentications',
   {
     defaultMessage: 'Authentications',
   }