search

wazuh / wazuh-dashboard-plugins

Plugins for Wazuh Dashboard
https://wazuh.com/
GNU General Public License v2.0
426 stars 176 forks source link

User interface toggle for vulnerability evaluation status #6957

Open Dwordcito opened 2 weeks ago

Dwordcito commented 2 weeks ago

Description

There are some vulnerabilities that have not been evaluated yet, therefore some fields are missing. This issue aims to implement a toggle in the user interface to display the dispute/evaluation status using the wazuh.vulnerability.under_evaluation filter.

Vulnerabilities still under evaluation: image

Tasks

Vulnerabilities dashboard

image

Vulnerabilities inventory

image

Desvelao commented 2 weeks ago

Proposition 1

This defines a form control in the same row of the search bar filters at the end with the ability to select an option to filter:

Clicking on the yes or no option adds a user filter to the search bar too. This causes the data related to the filter is displayed in two places. This approach is similar to the GitHub/Office 365 > Panel views when using the simple search bar.

image image image

Desvelao commented 2 weeks ago

Proposition 2

Add an editable filter near to the fixed filters. This approach reduces the occupped space from the propostion#1.

This needs changes in the data source to support this type of editable filters. Depending on the case, this filter could not be shared because this could not be present in the URL.

image image image

This is a POC, and the badge should have similar height of other filters. The selector is causing the badge height grows. The edition of filter could be done through a popover as the user filters.

Desvelao commented 2 weeks ago

Proposition 3

Usage of simple and advanced search bar. Similar to GitHub/Office 365 > Panel view.

image

GitHub > Panel simple alternative search bar

The simple alternative has filters for the most important fields.

The advanced alternative is the search bar as Discover application.

Desvelao commented 2 weeks ago

Proposition 4

Add a form control near to the fixed filters. This form control adds user filter with a controlledBy property to identify. The user filters should not include the filter. This allows the controlled filter is synced with the URL too.

The render could be similar to Proposition 2.

Image

This is a POC, the UI could need some enhancements.

If the controlled filter is rendered by the user search bar filters, when using the Disable all option the filter is kept on the URL meanwhile, if the controlled filter is not passed to the user search bar filter, using the Disable all option, the filter dissappear from the URL. The result is the same, the filter should be used, but it could have other unknown consequences.

Desvelao commented 1 week ago

In a recent meeting, we decided to avoid the addition of a UI control to set the filter related to wazuh.vulnerability.under_evaluation because this would create a different view of the search bar for this specific case breaking the consistency with other views and this is not desired at this moment.

To meet this need, we will add a new visualization that display data related to the evaluated and non-evaluated vulnerabilities. The user could click in these indicators, and the related filter should be added to the list of filters and the data is filtered taking into account the new filters.

The visualization should be something similar to: Image

Desvelao commented 1 week ago

I created the visualization using the Visualize application

and I add it into the dashboard porting the visualization definition to the definition on the plugin.

Result: Image

Notes: