[Security Solution] Fix signals index initialization bug #123087

Merged
merged 4 commits into from
Jan 17, 2022


stephmilovic
Contributor

Summary

See here: #122958

We need to poll for the signals index between when a rule is created and the first alert is written. Before, we were doing this by polling when the user hits search, as we were counting on the user hitting refresh to see their very first alerts on the Rule Details page after it was created. However, if you navigate away from the Rule Details page and back to the alerts page, the Alerts query will rerun but the poll for the signals index will not. I fixed this by polling on the Sourcerer component itself when this condition is true.

Checklist

@stephmilovic stephmilovic added the v8.0.0, release_note:skip, Team:Threat Hunting, auto-backport, v8.1.0 and Team:Threat Hunting:Explore labels Jan 14, 2022
@stephmilovic stephmilovic requested a review from a team as a code owner January 14, 2022 21:16
@elasticmachine
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@stephmilovic stephmilovic changed the title [Security Solution] bugfix 122958 [Security Solution] Fix signals index initialization bug Jan 14, 2022
@stephmilovic stephmilovic requested a review from a team January 14, 2022 21:19
Contributor

@madirey madirey left a comment

No longer able to reproduce the bug... looks good!

@MadameSheema
Member

@elasticmachine merge upstream

@kibana-ci
Collaborator

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 4.6MB 4.6MB +281.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@MadameSheema
Member

I have tested this as well on my local and looks fine.

@stephmilovic there is just a little detail I would like to double-check with you when you have time (it is not something that should block the merge)

Contributor

@semd semd left a comment

Code LGTM. Tested locally ✅

@stephmilovic stephmilovic merged commit fef96e9 into elastic:main Jan 17, 2022
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jan 17, 2022
@kibanamachine
Contributor

💚 All backports created successfully

Status Branch Result
8.0

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Jan 17, 2022
…123175)

(cherry picked from commit fef96e9)

Co-authored-by: Steph Milovic <stephanie.milovic@elastic.co>