
[RAM][THREAT HUNTING] [META] Alerts table moving to its right home #123310

Open

Description

I need to give some history here to understand what's going on and why this work is important for the platform and our solutions.
First of all, when RAC started, we wanted to extract timeline to its own plugin because we believed that it would be the flow to investigate alerts, and also we were using the table of timeline to render alerts in security solution. We realized really fast that this task wouldn't be feasible without a lot of refactoring of the timeline and the security solution plugin. We decided to just move the timeline table (called t-grid) and keep it identical to what we had (meaning we keep the same interface). Therefore, it would be easier to re-integrate this table inside of the security solution. Then, we got a new directive that the alert table should be integrated with EuiDatagrid. At this point we decided to just delete our table, keep our interface the way it is, and integrate with EuiDatagrid. We did it like that to get the job done, but it is not clean and is complicated to read because we have mixed functionality between security solution and o11y inside of the alert table.
We all think that to make the alert table re-usable, we need to simplify and clean up our alerts table. The alert table should do one thing: just render alerts. To achieve that, we think we need to do these different steps.

  1. First of all, we are going to decouple our search strategy between timeline and alert
    a. Create an alert search strategy with a global filter param (we will adopt the KueryNode interface for this param) that will apply the right consumer so users only see the alerts that they are allowed to see. We did agree that this search strategy will return the fields like Elasticsearch does. Assigned to @XavierM
    b. We will also create an index fields search strategy to get all the fields associated with an alert index, so users can pick their columns. Assigned to @XavierM
    c. We will delete/clean up code in the timeline plugin. Assigned to @kqualters-elastic
  2. We will simplify the interface of the alerts table by analyzing the old interface and proposing a new interface that solutions and platform agree on. @YulNaumenko already started on this endeavor ❤️
  3. Security solution will create a new facade around the new alerts table to keep the same functionality, such as additional filters, analyzer view, etc. Assigned to @kqualters-elastic (he will need help)
    a. Move back all the actions associated with security solution inside of security solution plugins
    b. Move back hooks
    c. Move back hover actions
  4. Security solution will re-integrate the timeline table with the events and external alerts on the host and network page. Assigned to @andrew-goldstein
    a. We will refactor and clean up some of the code of timeline in the security solution plugin to make the integration easier
  5. We will move all the actions associated with Cases from the timeline plugin to the cases plugin. Assigned to @cnasikas's team
  6. Move back all the actions associated with security solution from timelines to security solution plugins. Assigned to @kqualters-elastic
  7. Move the alerts table + field browser component into the alerting plugins (needs help here, let's discuss)

Metadata

Assignees

No one assigned

    Labels

    - 8.2 candidate (considered, but not committed, for 8.2 release)
    - Team:ResponseOps (label for the ResponseOps team, formerly the Cases and Alerting teams)
    - Team:Threat Hunting (Security Solution Threat Hunting Team)
    - v8.2.0
