Links won't work until refresh if we add or remove a field - Githubissues

wazuh / wazuh-dashboard-plugins

Plugins for Wazuh Dashboard

https://wazuh.com/

GNU General Public License v2.0

426 stars 176 forks source link

Links won't work until refresh if we add or remove a field #3927

Open juliamagan opened 2 years ago

juliamagan commented 2 years ago

Wazuh	Opensearch	Rev	Security
4.3.0	1.2.0	4301-1	Wazuh Indexer

Browser
Firefox

Description

During Windows Event manual testing, using OVA installation, it has been detected the following behavior:

https://user-images.githubusercontent.com/80041853/160661646-dbd6bec4-ec9b-4089-ae1c-e4633b9d9f4e.mp4

When we select or remove a field, links won't work until we refresh the events.

Steps to reproduce

Go to Modules > Security Events > Events
Select a field, for example agent.id
Scroll down to see older events, links won't work
Refresh events
Scroll down to see older events, links will work

gdiazlo commented 2 years ago

This is a known issue. We need to redesign our discover plugging code to fix it. The divergences between ElasticSearch and OpenSearch will make this more difficult, as the runtime fields and scripted fields divergence might force us to either do our own implementation or to maintain to versions of the same code with modifications to each platform.

We will research which approach makes more sense to Wazuh.