Closed asteriscos closed 5 months ago
Progress was made by migrating the Threat Hunting overview definitions. The visualizations are already made with embeddables. Likewise, the visualizations are integrated with the searchbar bidirectionally. To continue:
Added the `withPinnedAgent` HOC to add the `pinnedAgent` prop that allows `DashboardThreatHunting` to know which panels to render based on whether or not an agent is pinned.
This `pinnedAgent` prop is then used as a parameter of the `getDashboardPanels` method which will return the corresponding panels depending on whether or not there is a pinned agent.
It is important to note that changing the structure of normal panels to the panels of a pinned agent should not share the `ids` of their panels. Below is an example of each one:
> [!NOTE]
> The examples below only have the definitions changed from the first two visualizations. So does the screenshot shown below.
```ts
// Panels rendered when no agent is pinned.
// Each key matches gridData.i and explicitInput.id of its panel.
const panels = {
  '1': {
    gridData: {
      w: 28,
      h: 13,
      x: 0,
      y: 0,
      i: '1',
    },
    type: 'visualization',
    explicitInput: {
      id: '1',
      savedVis: getVisStateTop10AlertLevelEvolution(indexPatternId),
    },
  },
  '2': {
    gridData: {
      w: 20,
      h: 13,
      x: 28,
      y: 0,
      i: '2',
    },
    type: 'visualization',
    explicitInput: {
      id: '2',
      savedVis: getVisStateTop10MITREATTACKS(indexPatternId),
    },
  },
  '3': {
    gridData: {
      w: 15,
      h: 12,
      x: 0,
      y: 13,
      i: '3',
    },
    type: 'visualization',
    explicitInput: {
      id: '3',
      savedVis: getVisStateTop5Agents(indexPatternId),
    },
  },
  '4': {
    gridData: {
      w: 33,
      h: 12,
      x: 15,
      y: 13,
      i: '4',
    },
    type: 'visualization',
    explicitInput: {
      id: '4',
      savedVis: getVisStateAlertEvolutionTop5Agents(indexPatternId),
    },
  },
};
```
```ts
// Panels rendered when an agent is pinned.
// Only the first two definitions ('5' and '6') differ from the normal layout.
const pinnedAgentPanels = {
  '5': {
    gridData: {
      w: 24,
      h: 13,
      x: 0,
      y: 0,
      i: '5',
    },
    type: 'visualization',
    explicitInput: {
      id: '5',
      savedVis:
        getVisStatePinnedAgentTop10AlertGroupsEvolution(indexPatternId),
    },
  },
  '6': {
    gridData: {
      w: 24,
      h: 13,
      x: 24,
      y: 0,
      i: '6',
    },
    type: 'visualization',
    explicitInput: {
      id: '6',
      savedVis: getVisStateTop5Alerts(indexPatternId),
    },
  },
  '3': {
    gridData: {
      w: 15,
      h: 12,
      x: 0,
      y: 13,
      i: '3',
    },
    type: 'visualization',
    explicitInput: {
      id: '3',
      savedVis: getVisStateTop5Agents(indexPatternId),
    },
  },
  '4': {
    gridData: {
      w: 33,
      h: 12,
      x: 15,
      y: 13,
      i: '4',
    },
    type: 'visualization',
    explicitInput: {
      id: '4',
      savedVis: getVisStateAlertEvolutionTop5Agents(indexPatternId),
    },
  },
};
```
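An added example, not part of the original comment or of the plugin's code: a check over two panel maps of the shape shown above that reports ids present in both layouts and panels whose map key, `gridData.i` and `explicitInput.id` disagree. The helper names (`makePanel`, `selectPanels`, `findInconsistentPanels`, `findSharedPanelIds`), the stubbed `savedVis` strings and the shape of the pinned-agent value are assumptions made for illustration.

```javascript
// Hypothetical helper: builds a panel in the same shape as the definitions above.
// savedVis is stubbed with a string instead of a real getVisState*() result.
const makePanel = (id, x, y, w, h, savedVis) => ({
  gridData: { w, h, x, y, i: id },
  type: 'visualization',
  explicitInput: { id, savedVis },
});

// Constructed sample data (not the project's real definitions).
const samplePanels = {
  '1': makePanel('1', 0, 0, 28, 13, 'vis-a'),
  '2': makePanel('2', 28, 0, 20, 13, 'vis-b'),
};
const samplePinnedAgentPanels = {
  '5': makePanel('5', 0, 0, 24, 13, 'vis-c'),
  // Deliberate defects: key '2' is reused from the normal layout and does
  // not match the panel's own id '6'.
  '2': makePanel('6', 24, 0, 24, 13, 'vis-d'),
};

// Hypothetical selector: choose the panel set from the pinnedAgent prop.
// Assumes pinnedAgent is null/undefined when no agent is pinned.
function selectPanels(pinnedAgent, normal, pinned) {
  return pinnedAgent ? pinned : normal;
}

// Keys of panels whose map key, gridData.i and explicitInput.id do not all agree.
function findInconsistentPanels(panelMap) {
  return Object.entries(panelMap)
    .filter(([key, p]) => key !== p.gridData.i || key !== p.explicitInput.id)
    .map(([key]) => key);
}

// Ids used as keys in both the normal and the pinned-agent layout.
function findSharedPanelIds(normal, pinned) {
  const pinnedIds = new Set(Object.keys(pinned));
  return Object.keys(normal).filter((id) => pinnedIds.has(id));
}
```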
The aesthetics of the KPIs were adjusted using embeddable visualizations. It was decided to use embeddable visualizations for the KPIs to unlink them from the previous version and maintain a standard version to display the KPIs.

- Finished migrating visualization definitions when an agent is pinned
- Visualizations are changed from pie to donut
- Interaction with KPIs is analyzed so that it is filtered
To continue:
- `hide alerts` and `allow agents`.
- `DiscoverNoResults` and `LoadingSpinner` components are replaced with common components
Description
We have to implement the embeddable dashboard on Threat hunting -> dashboard tab and deprecate any use of kibana-integrations components.
Current Threat Hunting screens
![TH_A](https://github.com/wazuh/wazuh-dashboard-plugins/assets/43619595/23f8b9f2-5bfe-4b91-8c00-15e481999088) ![TH_B](https://github.com/wazuh/wazuh-dashboard-plugins/assets/43619595/854c0521-712d-4cb4-ba8e-9dd9225d3d70) ![TH_C](https://github.com/wazuh/wazuh-dashboard-plugins/assets/43619595/9a5ceb88-5187-4262-8d25-be39e161c5da) ![TH_A_Agent](https://github.com/wazuh/wazuh-dashboard-plugins/assets/43619595/3ef8798e-2d81-46f6-99eb-4388779410fb) ![TH_B_Agent](https://github.com/wazuh/wazuh-dashboard-plugins/assets/43619595/ac86334d-e6df-455a-b945-8f98148e137d)

Tasks
- `hide alerts`, `allow agents` and filter order.
- `hide alerts`, `allow agents` and filter order.

Source task
6477