Support input validators in dashboard native filter #13551
Comments
junlincc
added
the
enhancement:request
|
@cccs-jc sorry, I need more context to understand the use case. could you share video or gif to demonstrate your work flow? |
Use CaseWe use Superset as a Security information and event management (SIEM). Network security logs are frequently used in our analysis. Users search for an IP on a particular column. search-ipsrc.mp4Users search for a range of IPs on a particular column. search-cidr.mp4Users search for IP or range of IPs on either the source or destination columns. search-ip.mp4For performance reasons our IP values are physically stored as INTEGER in RDBMS. This is what a typical network IP flow table might look like
However, users think of IPs in terms dot notation or CIDR notation, not in terms of numbers. We thus provide a conversion mechanism to hide this implementation detail from our users. Results are thus presented to the user in tables like this one.
How we achieve this with SupersetRenderingIn superset we’ve modelled the flow table by typing the IP_SRC and IP_DST columns as IPV4. We use this typing information when rendering the values on the client side (in our custom visualization). Our rendering also generates a hyperlink to a page giving further information about the given IP. Query MutatorWe leverage superset's SQL_QUERY_MUTATOR to convert the IP strings provided by the user into the corresponding number value for the RDBMS. Superset ModelWe use the column data type to render IPV4 columns in dot notation.
We mark the IP (filter column) as not a dimension. Because the IP column is not a dimension it is not available option in the “COLUMNS” box of the Chart explorer. This is good because it’s not actually a column it’s just a filter. However, the IP filter column is available in the ad-hoc filter. Which is great.
The SQL_QUERY_MUTATOR not only converts IP strings to numbers but can also handle more complex scenarios like querying on either the SRC_IP or DST_IP columns. On the client side we have a custom visualization which renders columns of type IPV4 in dot notation and generates hyperlinks.
IP Filter integration in a DashboardThe IP filter column works the same inside Dashboards. Since IP is a column it can be used in a filter box or in the new native filter support. The IP filter column can also handle CIDR notation (IP range query).
FROM FLOW Gaps and improvementsOur current implementation is working well but the user experience needs some improvement. Inconsistent SQL operatorsThe IP filter column is really a filtering function. It accepts one or more IPs and generates a query which applies a filter on either SRC_IP or DST_IP columns. Only the “IN” and “=” operator really make sense for the IP filter column. However, there is no means to control which operators to show the user.
The same argument can be made for port number. String operators “LIKE”, “IS NOT NULL”, “IS NULL” are not applicable for the port number column.
It would be desirable for the ad-hoc filter UI and for the dashboard filters to only present to the user the applicable operators. The dataset model could be extended to support a list of applicable operators per column. No input validationWe would like to be able to validate the values entered for the IP filter. It should be of the form 0.0.0.0 or 0.0.0.0/32.
There are validators in superset to validate numerical and empty values. It would be great if we could create new ones for IPv4, IPv6 etc. Examples in other business lines might be credit card number, social insurance number, validating wildcard search expressions etc. The ad-hoc filter UI and the dashboard filters could use this information and apply the appropriate validation based on the chosen column. |
|
@junlincc as you see above being able to validate inputs and configure available operators on a column/filter basis would be greatly beneficial. Any recommendations, are there any efforts towards these features. Do you have any questions? |
|
Hi @cccs-jc thank you for providing such detailed description of your cases. I agree this is currently a limitation, but more as an edge case. We probably can include the enhancement in 2022 roadmap when we refractor and redesign the ad hoc filter component. I will revisit this issue next month and let you know. If you already have a solution, feel free to open a PR. we will make sure it gets reviewed. 🙏 |
junlincc
added
need:followup
|
I would like to make progress on this earlier than 2022. My team and I are willing to contribute to Superset however we need guidance on how best to provide hooks into Superset for customization. We don't want to hack support for our features directly into the code. But given proper hooks we can implement our features ourselves. @villebro has offered to help us create a custom filter for the dashboard. Hopefully we could apply some of that knowledge to the adhoc filter. In fact since this post we were able to modify the adhoc filter to validate inputs but only for our own visualization. Ideally we would like to be able to override the validation of the adhoc filter globally. |
junlincc
added
enhancement:committed
|
Any news on this? |
|
There's some work going on. We've tied this in with a notion of custom business types (SIP to come). We're working in a fork to prototype some stuff right now. But we're eager to get at least a first iteration of this into superset behind a feature flag. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. For admin, please label this issue |
|
@cccs-rc, any news on this? |
The SIP for Advanced Types has passed. The PR is here but not yet approved/merged. This won't add validation specifically to dashboard native filters, but it will allow you to add some validation for advanced types in the Explore view. If/how to extend this to dashboard native filters is on our list of things for future work. |
|
This one sounds safe to close, and is more feature request than bug report anyway, so I'll close it. Please re-open or start a fresh Issue/PR if needed. |
We use Superset in the context of Security information and event management (SIEM). Our data often include IP values which users want to filter by adhoc IP ranges (using CIDR notation).
For example when the user inputs a filter value of
192.168.0.0/24this filter is converted into a range query on the server side. We leverage superset's SQL_QUERY_MUTATOR to convert the IP range filter from an SQL statement likeWHERE IP IN '192.168.0.0/24'to
((IP >= 3232235520) AND (IP<= 3232235775))
The IP column is number for performance reasons.
This works quite well however there is no validation of the text provided by the user. Ideally we would like to validate the input in the client a bit like is done in the explorer UI.
It's possible to validate inputs in the chart explore UI since the viz populates the control panel and is free to customize the input control. However there is no way to specify a validator in the dashboard native filter.
There could be a registry of validator functions that the dashboard native filter would allow you to choose from when creating native filters.
Is this a feature being developed? Are there alternatives?
The text was updated successfully, but these errors were encountered: