[Security Solution] Timeline is always empty when adding a value from dashboard

[MadameSheema]

Describe the bug:

• Timeline is always empty when adding a value from dashboard

Kibana/Elasticsearch Stack version:

• 8.10.0 - BC1

Initial Status:

• To have a Security Solution dashboard with a table
• Not sure if this is relevant for the issue of not, but I first created the dashboards on 8.9.0 and then upgraded to 8.10.0-BC1
• We are using as a reference the [Elastic Security] Detection rule monitoring dashboard

Steps to reproduce:

1. Navigate to dashboards
2. Open the one that has a table
3. Add a field to the timeline by hovering and clicking on the timeline icon

Current behavior:

• Below you can see the table I have on my dashboard

• When I add Id

• When I add Name

• When I add Type
• 

Expected behavior:

• Data should be populated in the timeline

[elasticmachine]

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[angorayc]

Hello @MadameSheema , could you please provide the query the table is using and the query the timeline is using when there's no data? I am wondering if it's caused by different date range in the query. Thank you.

[MadameSheema]

@angorayc and I synced over zoom. These are our observations:

• The [Elastic Security] Detection rule monitoring dashboard queries data from the .kibana-event-log-*.
• .kibana-event-log-* is not part of the default Security Solution data view.
• Timeline uses by default the Security Solution data view, that is the reason why we don't see anything, we are not querying the same index as the dashboard.
• Even though from behaviour perspective, it behaves as expected since we are querying from different sources, the user experience is not good, since from the user perspective there is a misalignment in the data.

@paulewing may you please help us to prioritise this? Thanks! :)