PR comments

PhilippeOberti · PhilippeOberti · commit c4cb1b7e72de · 2025-04-09T15:57:28.000-05:00
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_aggregations.ts b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_aggregations.ts
@@ -35,17 +35,19 @@ export const groupStatsAggregations = (field: string): NamedAggregation[] => {
 
   switch (field) {
     case 'signal.rule.id':
-      aggMetrics.push(...[SEVERITY_SUB_AGGREGATION, RULE_COUNT_AGGREGATION]);
+      aggMetrics.push(SEVERITY_SUB_AGGREGATION, RULE_COUNT_AGGREGATION);
       break;
     case 'kibana.alert.severity':
-      aggMetrics.push(...[RULE_SIGNAL_ID_SUB_AGGREGATION, RULE_COUNT_AGGREGATION]);
+      aggMetrics.push(RULE_SIGNAL_ID_SUB_AGGREGATION, RULE_COUNT_AGGREGATION);
       break;
     case 'kibana.alert.rule.name':
-      aggMetrics.push(...[RULE_SIGNAL_ID_SUB_AGGREGATION, SEVERITY_SUB_AGGREGATION]);
+      aggMetrics.push(RULE_SIGNAL_ID_SUB_AGGREGATION, SEVERITY_SUB_AGGREGATION);
       break;
     default:
       aggMetrics.push(
-        ...[RULE_SIGNAL_ID_SUB_AGGREGATION, SEVERITY_SUB_AGGREGATION, RULE_COUNT_AGGREGATION]
+        RULE_SIGNAL_ID_SUB_AGGREGATION,
+        SEVERITY_SUB_AGGREGATION,
+        RULE_COUNT_AGGREGATION
       );
   }
   return aggMetrics;
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_renderers.test.tsx b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_renderers.test.tsx
@@ -109,7 +109,7 @@ describe('getIntegrationComponent', () => {
     expect(groupStatsItems.length).toBe(1);
     expect(groupStatsItems[0].component).toMatchInlineSnapshot(`
       <React.Fragment>
-        Multi
+         Multi
       </React.Fragment>
 `);
   });
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_renderers.tsx b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/group_stats_renderers.tsx
@@ -25,7 +25,7 @@ const STATS_GROUP_SIGNAL_RULE_ID = i18n.translate(
 const STATS_GROUP_SIGNAL_RULE_ID_MULTI = i18n.translate(
   'xpack.securitySolution.alertSummary.groups.integrations.multi',
   {
-    defaultMessage: 'Multi',
+    defaultMessage: ' Multi',
   }
 );
 
@@ -110,20 +110,16 @@ export const groupStatsRenderer = (
   const defaultBadges: GroupStatsItem[] = DEFAULT_GROUP_STATS_RENDERER(selectedGroup, bucket);
   const severityComponent: GroupStatsItem[] = getSeverityComponent(bucket);
   const integrationComponent: GroupStatsItem[] = getIntegrationComponent(bucket);
+  const rulesBadge: GroupStatsItem = getRulesBadge(bucket);
 
   switch (selectedGroup) {
     case 'signal.rule.id':
-      return [...severityComponent, getRulesBadge(bucket), ...defaultBadges];
+      return [...severityComponent, rulesBadge, ...defaultBadges];
     case 'kibana.alert.severity':
-      return [...integrationComponent, getRulesBadge(bucket), ...defaultBadges];
+      return [...integrationComponent, rulesBadge, ...defaultBadges];
     case 'kibana.alert.rule.name':
       return [...integrationComponent, ...severityComponent, ...defaultBadges];
     default:
-      return [
-        ...integrationComponent,
-        ...severityComponent,
-        getRulesBadge(bucket),
-        ...defaultBadges,
-      ];
+      return [...integrationComponent, ...severityComponent, rulesBadge, ...defaultBadges];
   }
 };
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/render_cell.tsx b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/render_cell.tsx
@@ -10,6 +10,8 @@ import type { Alert } from '@kbn/alerting-types';
 import type { JsonValue } from '@kbn/utility-types';
 import { getOrEmptyTagFromValue } from '../../../../common/components/empty_value';
 
+const styles = { display: 'flex', alignItems: 'center', height: '100%' };
+
 export interface CellValueProps {
   /**
    * Alert data passed from the renderCellValue callback via the AlertWithLegacyFormats interface
@@ -54,11 +56,7 @@ export const CellValue = memo(({ alert, columnId }: CellValueProps) => {
     }
   }, [alert, columnId]);
 
-  return (
-    <div style={{ display: 'flex', alignItems: 'center', height: '100%' }}>
-      {getOrEmptyTagFromValue(displayValue)}
-    </div>
-  );
+  return <div style={styles}>{getOrEmptyTagFromValue(displayValue)}</div>;
 });
 
 CellValue.displayName = 'CellValue';
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/table.tsx b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alert_summary/table/table.tsx
@@ -161,7 +161,13 @@ export const Table = memo(({ dataView, groupingFilters }: TableProps) => {
     if (combinedQuery?.kqlError || !combinedQuery?.filterQuery) {
       return { bool: {} };
     }
-    return { bool: { filter: JSON.parse(combinedQuery?.filterQuery) } };
+
+    try {
+      const filter = JSON.parse(combinedQuery?.filterQuery);
+      return { bool: { filter } };
+    } catch {
+      return { bool: {} };
+    }
   }, [browserFields, dataViewSpec, filters, globalQuery, uiSettings]);
 
   const renderAdditionalToolbarControls = useCallback(
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alerts_table/grouping_settings/default_group_stats_aggregations.ts b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alerts_table/grouping_settings/default_group_stats_aggregations.ts
@@ -54,42 +54,34 @@ export const defaultGroupStatsAggregations = (field: string): NamedAggregation[]
   switch (field) {
     case 'kibana.alert.rule.name':
       aggMetrics.push(
-        ...[
-          {
-            description: {
-              terms: {
-                field: 'kibana.alert.rule.description',
-                size: 1,
-              },
+        {
+          description: {
+            terms: {
+              field: 'kibana.alert.rule.description',
+              size: 1,
             },
           },
-          SEVERITY_SUB_AGGREGATION,
-          USER_COUNT_AGGREGATION,
-          HOST_COUNT_AGGREGATION,
-          {
-            ruleTags: {
-              terms: {
-                field: 'kibana.alert.rule.tags',
-              },
+        },
+        SEVERITY_SUB_AGGREGATION,
+        USER_COUNT_AGGREGATION,
+        HOST_COUNT_AGGREGATION,
+        {
+          ruleTags: {
+            terms: {
+              field: 'kibana.alert.rule.tags',
             },
           },
-        ]
+        }
       );
       break;
     case 'host.name':
-      aggMetrics.push(
-        ...[RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, USER_COUNT_AGGREGATION]
-      );
+      aggMetrics.push(RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, USER_COUNT_AGGREGATION);
       break;
     case 'user.name':
-      aggMetrics.push(
-        ...[RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, HOST_COUNT_AGGREGATION]
-      );
+      aggMetrics.push(RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, HOST_COUNT_AGGREGATION);
       break;
     case 'source.ip':
-      aggMetrics.push(
-        ...[RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, HOST_COUNT_AGGREGATION]
-      );
+      aggMetrics.push(RULE_COUNT_AGGREGATION, SEVERITY_SUB_AGGREGATION, HOST_COUNT_AGGREGATION);
       break;
     default:
       aggMetrics.push(RULE_COUNT_AGGREGATION);
diff --git a/x-pack/solutions/security/plugins/security_solution/public/detections/components/alerts_table/grouping_settings/default_group_stats_renderers.tsx b/x-pack/solutions/security/plugins/security_solution/public/detections/components/alerts_table/grouping_settings/default_group_stats_renderers.tsx
@@ -13,19 +13,19 @@ import { DEFAULT_GROUP_STATS_RENDERER } from '../alerts_grouping';
 import type { AlertsGroupingAggregation } from './types';
 import * as i18n from '../translations';
 
-export const getUsersBadge = (bucket: RawBucket<AlertsGroupingAggregation>) => ({
+export const getUsersBadge = (bucket: RawBucket<AlertsGroupingAggregation>): GroupStatsItem => ({
   title: i18n.STATS_GROUP_USERS,
   badge: {
     value: bucket.usersCountAggregation?.value ?? 0,
   },
 });
-export const getHostsBadge = (bucket: RawBucket<AlertsGroupingAggregation>) => ({
+export const getHostsBadge = (bucket: RawBucket<AlertsGroupingAggregation>): GroupStatsItem => ({
   title: i18n.STATS_GROUP_HOSTS,
   badge: {
     value: bucket.hostsCountAggregation?.value ?? 0,
   },
 });
-export const getRulesBadge = (bucket: RawBucket<AlertsGroupingAggregation>) => ({
+export const getRulesBadge = (bucket: RawBucket<AlertsGroupingAggregation>): GroupStatsItem => ({
   title: i18n.STATS_GROUP_RULES,
   badge: {
     value: bucket.rulesCountAggregation?.value ?? 0,
@@ -57,7 +57,6 @@ export const Severity = memo(({ severities }: SingleSeverityProps) => {
         <span className="smallDot">
           <EuiIcon type="dot" color="#da8b45" />
         </span>
-
         <span>
           <EuiIcon type="dot" color="#e7664c" />
         </span>
@@ -137,17 +136,20 @@ export const defaultGroupStatsRenderer = (
   selectedGroup: string,
   bucket: RawBucket<AlertsGroupingAggregation>
 ): GroupStatsItem[] => {
-  const severityStat: GroupStatsItem[] = getSeverityComponent(bucket);
+  const severityComponent: GroupStatsItem[] = getSeverityComponent(bucket);
   const defaultBadges: GroupStatsItem[] = DEFAULT_GROUP_STATS_RENDERER(selectedGroup, bucket);
+  const usersBadge: GroupStatsItem = getUsersBadge(bucket);
+  const hostsBadge: GroupStatsItem = getHostsBadge(bucket);
+  const rulesBadge: GroupStatsItem = getRulesBadge(bucket);
 
   switch (selectedGroup) {
     case 'kibana.alert.rule.name':
-      return [...severityStat, getUsersBadge(bucket), getHostsBadge(bucket), ...defaultBadges];
+      return [...severityComponent, usersBadge, hostsBadge, ...defaultBadges];
     case 'host.name':
-      return [...severityStat, getUsersBadge(bucket), getRulesBadge(bucket), ...defaultBadges];
+      return [...severityComponent, usersBadge, rulesBadge, ...defaultBadges];
     case 'user.name':
     case 'source.ip':
-      return [...severityStat, getHostsBadge(bucket), getRulesBadge(bucket), ...defaultBadges];
+      return [...severityComponent, hostsBadge, rulesBadge, ...defaultBadges];
   }
-  return [...severityStat, getRulesBadge(bucket), ...defaultBadges];
+  return [...severityComponent, rulesBadge, ...defaultBadges];
 };
