[Security Solution] Siem migrations UI telemetry #209633
Merged
+520
−165
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
semd
changed the title
…emetry_onboarding_page
…emetry_onboarding_page
semd
added
v9.0.0
Team:Threat Hunting
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
michaelolo24
reviewed
Feb 7, 2025
...curity/plugins/security_solution/public/common/lib/telemetry/events/siem_migrations/types.ts
Outdated
Show resolved
Hide resolved
michaelolo24
reviewed
Feb 7, 2025
| @@ -15,6 +15,7 @@ import { manualRuleRunTelemetryEvents } from './manual_rule_run'; | |||
| import { notesTelemetryEvents } from './notes'; | |||
| import { onboardingHubTelemetryEvents } from './onboarding'; | |||
| import { previewRuleTelemetryEvents } from './preview_rule'; | |||
| import { siemMigrationsTelemetryEvents } from './siem_migrations'; | |||
|
|
|||
| export const telemetryEvents = [ | |||
There was a problem hiding this comment.
As an aside, just realized we have no way of identifying if we have naming collisions in the telemetry event types. It shouldn't really ever happen since the naming is pretty well isolated, but in the future may be worth adding some check for that
There was a problem hiding this comment.
I added the test here 671771f
michaelolo24
reviewed
Feb 7, 2025
| } | ||
| this.telemetry.reportSetupMigrationCreated({ migrationId, rulesCount }); | ||
| return migrationId as string; | ||
| } catch (error) { |
There was a problem hiding this comment.
Just confirming you want the batch processing to stop in the event of an error, rather than just moving on to the next batch?
There was a problem hiding this comment.
Yes, I think that's fine for now. Since the migrationId is passed back to the API once the first batch is created, I decided it's better to stop if there's an error, to avoid creating multiple migrations if something goes wrong.
We can improve this error handling later though.
michaelolo24
reviewed
Feb 7, 2025
| this.telemetryService.reportEvent(SiemMigrationsEventTypes.TranslatedRuleInstall, { | ||
| migrationId: ruleMigration.migration_id, | ||
| ruleMigrationId: ruleMigration.id, | ||
| author: elasticRule?.prebuilt_rule_id ? 'elastic' : 'custom', |
There was a problem hiding this comment.
nit, consider raising the logic here out of reportEvent
const prebuiltRuleConfig = { author: 'elastic' };
if (elasticRule?.prebuilt_rule_id) {
prebuiltRuleConfig.author = 'custom';
prebuiltRuleConfig.prebuiltRule = { id: elasticRule.prebuilt_rule_id, title: elasticRule.title };
}
...
{
...prebuiltRuleConfig
}
michaelolo24
approved these changes
Feb 7, 2025
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]Module Count
Async chunks
Page load bundle
History
cc @semd |
|
Starting backport for target branches: 8.18, 8.x, 9.0 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Feb 10, 2025
## Summary
Created a telemetry client with all SIEM migration telemetry events.
And added the calls to track them
### New events
```ts
SetupConnectorSelected {
connectorType: string;
connectorId: string;
}
SetupMigrationOpenNew {
isFirstMigration: boolean;
}
SetupMigrationOpenResources {
migrationId: string;
missingResourcesCount: number;
}
SetupRulesQueryCopied {
migrationId?: string;
}
SetupMigrationCreated {
migrationId?: string;
rulesCount: number;
result: 'success' | 'failed';
errorMessage?: string;
}
SetupMacrosQueryCopied {
migrationId: string;
}
SetupLookupNameCopied {
migrationId: string;
}
SetupResourcesUploaded {
migrationId: string;
type: 'macro' | 'lookup';
count: number;
result: 'success' | 'failed';
errorMessage?: string;
}
StartTranslation {
migrationId: string;
connectorId: string;
isRetry: boolean;
retryFilter?: 'failed' | 'not_fully_translated';
result: 'success' | 'failed';
errorMessage?: string;
}
```
### Existing events (Translated rules actions):
Also integrated into the telemetry client
```ts
TranslatedRuleUpdate {
migrationId: string;
ruleMigrationId: string;
}
TranslatedRuleInstall {
migrationId: string;
ruleMigrationId: string;
author: 'elastic' | 'custom';
enabled: boolean;
prebuiltRule?: {
id: string;
title: string;
};
}
TranslatedRuleBulkInstall {
migrationId: string;
enabled: boolean;
count: number;
}
```
(cherry picked from commit bcc5389)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Feb 10, 2025
## Summary
Created a telemetry client with all SIEM migration telemetry events.
And added the calls to track them
### New events
```ts
SetupConnectorSelected {
connectorType: string;
connectorId: string;
}
SetupMigrationOpenNew {
isFirstMigration: boolean;
}
SetupMigrationOpenResources {
migrationId: string;
missingResourcesCount: number;
}
SetupRulesQueryCopied {
migrationId?: string;
}
SetupMigrationCreated {
migrationId?: string;
rulesCount: number;
result: 'success' | 'failed';
errorMessage?: string;
}
SetupMacrosQueryCopied {
migrationId: string;
}
SetupLookupNameCopied {
migrationId: string;
}
SetupResourcesUploaded {
migrationId: string;
type: 'macro' | 'lookup';
count: number;
result: 'success' | 'failed';
errorMessage?: string;
}
StartTranslation {
migrationId: string;
connectorId: string;
isRetry: boolean;
retryFilter?: 'failed' | 'not_fully_translated';
result: 'success' | 'failed';
errorMessage?: string;
}
```
### Existing events (Translated rules actions):
Also integrated into the telemetry client
```ts
TranslatedRuleUpdate {
migrationId: string;
ruleMigrationId: string;
}
TranslatedRuleInstall {
migrationId: string;
ruleMigrationId: string;
author: 'elastic' | 'custom';
enabled: boolean;
prebuiltRule?: {
id: string;
title: string;
};
}
TranslatedRuleBulkInstall {
migrationId: string;
enabled: boolean;
count: number;
}
```
(cherry picked from commit bcc5389)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Feb 10, 2025
## Summary
Created a telemetry client with all SIEM migration telemetry events.
And added the calls to track them
### New events
```ts
SetupConnectorSelected {
connectorType: string;
connectorId: string;
}
SetupMigrationOpenNew {
isFirstMigration: boolean;
}
SetupMigrationOpenResources {
migrationId: string;
missingResourcesCount: number;
}
SetupRulesQueryCopied {
migrationId?: string;
}
SetupMigrationCreated {
migrationId?: string;
rulesCount: number;
result: 'success' | 'failed';
errorMessage?: string;
}
SetupMacrosQueryCopied {
migrationId: string;
}
SetupLookupNameCopied {
migrationId: string;
}
SetupResourcesUploaded {
migrationId: string;
type: 'macro' | 'lookup';
count: number;
result: 'success' | 'failed';
errorMessage?: string;
}
StartTranslation {
migrationId: string;
connectorId: string;
isRetry: boolean;
retryFilter?: 'failed' | 'not_fully_translated';
result: 'success' | 'failed';
errorMessage?: string;
}
```
### Existing events (Translated rules actions):
Also integrated into the telemetry client
```ts
TranslatedRuleUpdate {
migrationId: string;
ruleMigrationId: string;
}
TranslatedRuleInstall {
migrationId: string;
ruleMigrationId: string;
author: 'elastic' | 'custom';
enabled: boolean;
prebuiltRule?: {
id: string;
title: string;
};
}
TranslatedRuleBulkInstall {
migrationId: string;
enabled: boolean;
count: number;
}
```
(cherry picked from commit bcc5389)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Feb 10, 2025
…0403) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Siem migrations UI telemetry (#209633)](#209633) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sergi Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-02-10T15:10:38Z","message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","backport:version","v8.18.0","v9.1.0","v8.19.0"],"title":"[Security Solution] Siem migrations UI telemetry","number":209633,"url":"https://github.com/elastic/kibana/pull/209633","mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","8.x"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/209633","number":209633,"mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Feb 10, 2025
…10402) # Backport This will backport the following commits from `main` to `8.18`: - [[Security Solution] Siem migrations UI telemetry (#209633)](#209633) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sergi Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-02-10T15:10:38Z","message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","backport:version","v8.18.0","v9.1.0","v8.19.0"],"title":"[Security Solution] Siem migrations UI telemetry","number":209633,"url":"https://github.com/elastic/kibana/pull/209633","mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","8.x"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/209633","number":209633,"mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Feb 10, 2025
…0404) # Backport This will backport the following commits from `main` to `9.0`: - [[Security Solution] Siem migrations UI telemetry (#209633)](#209633) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Sergi Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-02-10T15:10:38Z","message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat Hunting","backport:version","v8.18.0","v9.1.0","v8.19.0"],"title":"[Security Solution] Siem migrations UI telemetry","number":209633,"url":"https://github.com/elastic/kibana/pull/209633","mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},"sourceBranch":"main","suggestedTargetBranches":["9.0","8.18","8.x"],"targetPullRequestStates":[{"branch":"9.0","label":"v9.0.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/209633","number":209633,"mergeCommit":{"message":"[Security Solution] Siem migrations UI telemetry (#209633)\n\n## Summary\r\n\r\nCreated a telemetry client with all SIEM migration telemetry events. \r\nAnd added the calls to track them \r\n\r\n### New events\r\n\r\n```ts\r\nSetupConnectorSelected {\r\n connectorType: string;\r\n connectorId: string;\r\n}\r\n\r\nSetupMigrationOpenNew {\r\n isFirstMigration: boolean;\r\n}\r\n\r\nSetupMigrationOpenResources {\r\n migrationId: string;\r\n missingResourcesCount: number;\r\n}\r\n\r\nSetupRulesQueryCopied {\r\n migrationId?: string;\r\n}\r\n\r\nSetupMigrationCreated {\r\n migrationId?: string;\r\n rulesCount: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nSetupMacrosQueryCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupLookupNameCopied {\r\n migrationId: string;\r\n}\r\n\r\nSetupResourcesUploaded {\r\n migrationId: string;\r\n type: 'macro' | 'lookup';\r\n count: number;\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n\r\nStartTranslation {\r\n migrationId: string;\r\n connectorId: string;\r\n isRetry: boolean;\r\n retryFilter?: 'failed' | 'not_fully_translated';\r\n result: 'success' | 'failed';\r\n errorMessage?: string;\r\n}\r\n```\r\n\r\n### Existing events (Translated rules actions):\r\n\r\nAlso integrated into the telemetry client\r\n\r\n```ts\r\nTranslatedRuleUpdate {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n}\r\n\r\nTranslatedRuleInstall {\r\n migrationId: string;\r\n ruleMigrationId: string;\r\n author: 'elastic' | 'custom';\r\n enabled: boolean;\r\n prebuiltRule?: {\r\n id: string;\r\n title: string;\r\n };\r\n}\r\n\r\nTranslatedRuleBulkInstall {\r\n migrationId: string;\r\n enabled: boolean;\r\n count: number;\r\n}\r\n```","sha":"bcc5389598b9ef23b15465715a952e6b2aca3180"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Sergi Massaneda <sergi.massaneda@elastic.co>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Created a telemetry client with all SIEM migration telemetry events.
And added the calls to track them
New events
Existing events (Translated rules actions):
Also integrated into the telemetry client