Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Cases] Route: Get all alerts attach to a case #101878

Merged
merged 12 commits into from
Jun 18, 2021
Merged

[Cases] Route: Get all alerts attach to a case #101878

merged 12 commits into from
Jun 18, 2021

Conversation

cnasikas
Copy link
Member

@cnasikas cnasikas commented Jun 10, 2021
edited
Loading

Summary

Resolves: #101816

Release Notes

A new route has been added with which you can get all alerts attached to a case.

Example:

Request:
GET <kibana_url>/api/cases/<case_id>/alerts

Response:

[
    {
        "id": "f93f3463d840d9bccc3ab890a92bc637dda6e176240cc4b29b860f6a9933c0c8",
        "index": ".siem-signals-nasikas-default-000001",
        "attached_at": "2021-06-10T11:51:47.491Z"
    },
    {
        "id": "24d0f7342ed21646b8d202aaadb7829fd3e1a08c242e9fb383bae6e7f05d4eed",
        "index": ".siem-signals-nasikas-default-000001",
        "attached_at": "2021-06-10T11:51:53.177Z"
    }
]

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@cnasikas cnasikas self-assigned this Jun 10, 2021
@cnasikas cnasikas added Feature:Cases Cases feature Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0 v8.0.0 release_note:skip Skip the PR/issue when compiling release notes release_note:plugin_api_changes Contains a Plugin API changes section for the breaking plugin API changes section. labels Jun 10, 2021
@cnasikas cnasikas removed the release_note:skip Skip the PR/issue when compiling release notes label Jun 16, 2021
@cnasikas cnasikas marked this pull request as ready for review June 16, 2021 16:05
@cnasikas cnasikas requested a review from a team as a code owner June 16, 2021 16:05
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

jonathan-buttner
jonathan-buttner reviewed Jun 16, 2021
View reviewed changes
Copy link
Contributor

@jonathan-buttner jonathan-buttner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Requested a few changes. We'll want to regenerate the typedocs too. I can show you how to do that or just push up the changes once everything else is ready.

x-pack/plugins/cases/server/authorization/index.ts Show resolved Hide resolved
x-pack/plugins/cases/server/services/cases/index.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/routes/api/cases/alerts/get_alerts.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/routes/api/cases/alerts/get_alerts.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/common/utils.ts Show resolved Hide resolved
x-pack/plugins/cases/server/client/typedoc_interfaces.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/client/cases/get.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/client/cases/get.ts Outdated Show resolved Hide resolved
x-pack/plugins/cases/server/client/alerts/client.ts Show resolved Hide resolved
@spalger
Copy link
Contributor

spalger commented Jun 16, 2021

jenkins, test this

(restarting due to jenkins upgrade)

@cnasikas cnasikas requested a review from a team as a code owner June 17, 2021 11:06
@cnasikas cnasikas requested a review from legrego June 17, 2021 11:06
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
cases 254 255 +1

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
cases 398 401 +3

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
cases 126.3KB 126.6KB +372.0B
Unknown metric groups

API count

id before after diff
cases 434 437 +3

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @cnasikas

@cnasikas cnasikas merged commit 7267f50 into elastic:master Jun 18, 2021
@cnasikas cnasikas deleted the alerts_by_case_api branch June 18, 2021 07:57
@cnasikas cnasikas mentioned this pull request Jun 18, 2021
Merged
jloleysens added a commit to jloleysens/kibana that referenced this pull request Jun 18, 2021
@jloleysens
Merge branch 'master' of github.com:elastic/kibana into fleet/add-ass…
5800c2a 
…ets-tab

* 'master' of github.com:elastic/kibana: (93 commits)
  [ML] Remove blank job definition as it is unused and out-of-sync with Elasticsearch (elastic#102506)
  [Lens] Fix wrong error detection on transition to Top values operation (elastic#102384)
  [ML] Anomaly detection job custom_settings improvements (elastic#102099)
  [Cases] Route: Get all alerts attach to a case (elastic#101878)
  Fixes wrong list exception type when creating endpoint event filters list (elastic#102522)
  remove search bar that's not working yet (elastic#102550)
  Migrated Ingest Node Pipeline Functional Tests to use test_user (elastic#102409)
  [Maps] clean up feature editing name space to avoid conflicts with layer settings editing (elastic#102516)
  [canvas] Refactor Storybook from bespoke to standard configuration (elastic#101962)
  [Security Solution] adds wrapSequences method (RAC) (elastic#102106)
  [FTR] Stabilize SSLP functional tests (elastic#102553)
  [K8] Added `Inter` font files for new theme (elastic#102359)
  [Workplace Search] Convert Groups pages to new page template (elastic#102449)
  [DOC] Add experimental disclaimer to rollup jobs (elastic#95624)
  [Security Solution][Endpoint] Suppress some of the jest console.error noise created by endpoint list middelware (elastic#102535)
  [Fleet] Improve performance of Fleet setup (elastic#102219)
  [Alerting] Add event log entry when a rule starts executing (elastic#102001)
  [Fleet] Update docker image of registry used in integration tests (elastic#101911)
  [Asset Management] Osquery telemetry updates (elastic#100754)
  Converts saved object tagging to new management layout (elastic#102284)
  ...

# Conflicts:
#	x-pack/plugins/fleet/kibana.json
cnasikas added a commit that referenced this pull request Jun 18, 2021
@cnasikas @jonathan-buttner
[Cases] Route: Get all alerts attach to a case (#101878) (#102604)
d9f209c 
Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>

Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
jloleysens added a commit to jloleysens/kibana that referenced this pull request Jun 21, 2021
@jloleysens
Merge branch 'master' of github.com:elastic/kibana into reporting/new…
72e3121 
…-png-pdf-report-type

* 'master' of github.com:elastic/kibana: (447 commits)
  skip flaky suite (elastic#102366)
  [Security Solution][Endpoint][Host Isolation] Isolation status badge from alert details (elastic#102274)
  Add email connector info for Elastic Cloud (elastic#91363)
  [Workplace Search] remove or replace xs props for text on source connect view (elastic#102663)
  Do not double register dashboard url generator (elastic#102599)
  [TSVB] Replaces EuiCodeEditor 👉 Monaco editor  (elastic#100684)
  [Discover] Update kibana.json adding owner and description (elastic#102292)
  [Exploratory View] Mobile experience (elastic#99565)
  chore(NA): moving @kbn/ui-shared-deps into bazel (elastic#101669)
  [TSVB] Index pattern select field disappear in Annotation tab (elastic#102314)
  [Security Solution][Endpoint][Host Isolation] Fixes bug where host isolation/unisolation works from alert details (elastic#102581)
  TSVB visualizations with no timefield do not render after upgrading from 7.12.1 to 7.13.0 (elastic#102494)
  [Logs UI] Add `event.original` fallback to message reconstruction rules (elastic#102236)
  [ML] Remove blank job definition as it is unused and out-of-sync with Elasticsearch (elastic#102506)
  [Lens] Fix wrong error detection on transition to Top values operation (elastic#102384)
  [ML] Anomaly detection job custom_settings improvements (elastic#102099)
  [Cases] Route: Get all alerts attach to a case (elastic#101878)
  Fixes wrong list exception type when creating endpoint event filters list (elastic#102522)
  remove search bar that's not working yet (elastic#102550)
  Migrated Ingest Node Pipeline Functional Tests to use test_user (elastic#102409)
  ...

# Conflicts:
#	x-pack/plugins/reporting/public/share_context_menu/register_pdf_png_reporting.tsx
@jonathan-buttner jonathan-buttner mentioned this pull request Jul 14, 2021
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@legrego legrego legrego left review comments

@jonathan-buttner jonathan-buttner jonathan-buttner approved these changes

Assignees

@cnasikas cnasikas

Labels
Feature:Cases Cases feature release_note:plugin_api_changes Contains a Plugin API changes section for the breaking plugin API changes section. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Cases] Create API for retrieving all alerts for a case ID
6 participants
@cnasikas @elasticmachine @spalger @kibanamachine @legrego @jonathan-buttner