elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

[Security Solution] Bulk Editing UX Improvements #151924

Open banderror opened 1 year ago

banderror commented 1 year ago

Related to: https://github.com/elastic/security-team/issues/1973 (internal)

Summary

This is a follow-up epic to the original one. As opposed to implementing various bulk editing actions, this epic focuses on bug fixes, performance improvements, and UX in general.

Sub-tasks

### Bugs and edge cases
- [ ] https://github.com/elastic/kibana/issues/141050
- [ ] https://github.com/elastic/kibana/issues/142959
- [ ] https://github.com/elastic/kibana/issues/138383
### UX improvements
- [ ] https://github.com/elastic/kibana/issues/126046
- [ ] https://github.com/elastic/kibana/issues/146283
- [ ] https://github.com/elastic/kibana/issues/80342
### Performance improvements
- [ ] Write a dev doc about the methodology of testing the performance of API endpoints. Describe things like test cases (data and permutations), statistical significance (how many "runs"/"measurements" to do per test case), load and parallelism (for example, 100 sequential requests + 100 requests in 20 chunks where 5 requests are parallel in each chunk), etc. Use this methodology consistently for future perf measurements.
- [ ] Optimize the performance of API keys regeneration. Figure out how API keys work and what's encoded inside (username, privileges?) -- this would give us an understanding of the limitations and available options. Regenerate API keys in bulk. Use the same API key for all the rules that are being updated -- instead of generating N keys for N enabled rules. Reuse the existing API key if the same user updates a rule.
- [ ] Remove the legacy actions migration logic from the `_bulk_action` endpoint
- [ ] https://github.com/elastic/kibana/issues/139084
- [ ] Implement a bulk get method in the `RulesClient` and use it from the `_bulk_action` endpoint
- [ ] Implement a bulk create method in the `RulesClient` and use it from the `_bulk_action` endpoint
- [ ] Implement a bulk delete method in the `RulesClient` and use it from the `_bulk_action` endpoint
- [ ] Implement a bulk enable/disable method in the `RulesClient` and use it from the `_bulk_action` endpoint
- [ ] Implement a bulk duplicate method in the `RulesClient` and use it from the `_bulk_action` endpoint (alternatively, could be solved with 2 methods: bulk get + bulk create)
### Refactoring
- [ ] Find a proper place for the validation logic that ensures that prebuilt rules can't be created/updated/edited except from the `addPrepackedRulesRoute`. ([comment](https://github.com/elastic/kibana/pull/130924#discussion_r879929440))
- [ ] Clean up the bulk actions route handler. Extract code into files, consolidate the implementation in a single place

elasticmachine commented 1 year ago

Pinging @elastic/security-detections-response (Team:Detections and Resp)