Open spong opened 3 years ago
Pinging @elastic/kibana-alerting-services (Team:Alerting Services)
Pinging @elastic/security-detections-response (Team:Detections and Resp)
Pinging @elastic/security-solution (Team: SecuritySolution)
There are a couple of things that I hope we can improve on the histogram as we build this component.
Responsive behavior
In my opinion, responsive behavior is part of a high-quality UI. I also think it is especially important for these views as they are used for troubleshooting. This can happen anywhere, anytime, and on any device.

Date/Time in the tooltip is unclear
To me, the date/time in the tooltip is not clear. I suggest using the standard Kibana date/time format.

User-friendly labels
The field names can be hard to read. Therefore, I suggest defining labels (at least for the most important ones).
I'm not sure what this icon button is for and if we are going to need it for our use case in Observability. cc @cyrille-leclerc
cc @lindseypoli
Pinging @elastic/security-threat-hunting (Team:Threat Hunting)
Description
This issue is for the generification of the Alerts Histogram component used within the Alert Triage workflow on the main Security Detections page and Rule Details page. This component isn't currently planned to be used within the Observability workflow, and so its generification can be prioritized as necessary.

Interface
Inputs
- .alerts index to query against
Outputs

API Requirements
- .alerts index

Destination Plugin/Package 🏠
- alerting plugin, rac plugin, or generic shared component package, but TBD.

Existing Source
- AlertsHistogramPanel (source) wrapping AlertsHistogram, based on EUI Charts HistogramBarSeries.
- Data is fetched using the following hooks:
  - useQueryAlerts (source) - Hook for fetching Alerts from the Detection Engine API. Takes query and index, returning query results to be processed. Histogram aggregation query generated here.
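As an added illustration of the data path the issue describes (a query against the .alerts index whose histogram aggregation is then rendered as a stacked bar series), the following TypeScript is example code written for this page, not Kibana's own AlertsHistogramPanel or useQueryAlerts source. The function names (buildAlertsHistogramQuery, toHistogramRows, totalAlerts), the parameter shape, the index name, the stack-by field name kibana.alert.rule.name and the sample response are all assumptions or constructed values; the aggregation body uses standard Elasticsearch terms and date_histogram clauses.

```typescript
// Added example, not Kibana project code. Builds the kind of date_histogram
// aggregation an alerts histogram panel would issue, and flattens the nested
// response into rows a bar-series chart can consume. All names are hypothetical.

interface AlertsHistogramParams {
  index: string;        // index (pattern) to query, e.g. ".alerts-*" (assumed name)
  from: string;         // lower time bound: ISO-8601 or date math such as "now-24h"
  to: string;           // upper time bound
  interval: string;     // bucket width passed as fixed_interval, e.g. "1h"
  stackByField: string; // field whose top values become the stacked series
  filter?: Record<string, unknown>; // optional extra filter clause (e.g. a rule id)
}

// Returns the request body for an aggregation-only search: size 0 so no
// documents are returned, a time-range filter, and a terms aggregation with a
// nested date_histogram so each series gets its own time buckets.
function buildAlertsHistogramQuery(p: AlertsHistogramParams) {
  const filters: Record<string, unknown>[] = [
    { range: { '@timestamp': { gte: p.from, lte: p.to } } },
  ];
  if (p.filter) filters.push(p.filter);
  return {
    index: p.index,
    size: 0,
    query: { bool: { filter: filters } },
    aggs: {
      alertsByGrouping: {
        terms: { field: p.stackByField, size: 10, order: { _count: 'desc' } },
        aggs: {
          alerts: {
            date_histogram: {
              field: '@timestamp',
              fixed_interval: p.interval,
              min_doc_count: 0, // keep empty buckets so every series spans the full range
              extended_bounds: { min: p.from, max: p.to },
            },
          },
        },
      },
    },
  };
}

// Shape of the terms buckets expected back from the aggregation above.
interface TermsBucket {
  key: string;
  doc_count: number;
  alerts: { buckets: { key_as_string: string; doc_count: number }[] };
}

// One row per (series, time bucket): x = bucket start, y = count, g = series name.
function toHistogramRows(buckets: TermsBucket[]) {
  return buckets.flatMap((b) =>
    b.alerts.buckets.map((d) => ({ x: d.key_as_string, y: d.doc_count, g: b.key })),
  );
}

// Total shown in the panel header; computed from the rows so it matches the chart.
function totalAlerts(rows: { y: number }[]): number {
  return rows.reduce((sum, r) => sum + r.y, 0);
}

// Constructed sample response (not real data) for two rules over two hourly buckets.
const sampleBuckets: TermsBucket[] = [
  {
    key: 'Rule A',
    doc_count: 5,
    alerts: {
      buckets: [
        { key_as_string: '2023-01-01T00:00:00.000Z', doc_count: 2 },
        { key_as_string: '2023-01-01T01:00:00.000Z', doc_count: 3 },
      ],
    },
  },
  {
    key: 'Rule B',
    doc_count: 1,
    alerts: {
      buckets: [
        { key_as_string: '2023-01-01T00:00:00.000Z', doc_count: 0 },
        { key_as_string: '2023-01-01T01:00:00.000Z', doc_count: 1 },
      ],
    },
  },
];

const exampleQuery = buildAlertsHistogramQuery({
  index: '.alerts-*',
  from: 'now-24h',
  to: 'now',
  interval: '1h',
  stackByField: 'kibana.alert.rule.name', // assumed field name
});
const exampleRows = toHistogramRows(sampleBuckets);
console.log(JSON.stringify(exampleQuery), exampleRows, totalAlerts(exampleRows));
```

Keeping the query builder separate from the hook that runs it is what makes the component generic: a caller only supplies the index, time range and stack-by field, and the same builder and row flattener serve any alerts-as-data index.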