[Cases] Route: Get all alerts attach to a case#101878

Merged
cnasikas merged 12 commits into elastic:master from cnasikas:alerts_by_case_api on Jun 18, 2021

Conversation

@cnasikas (Member) commented Jun 10, 2021

Summary

Resolves: #101816

Release Notes

A new route has been added with which you can get all alerts attached to a case.

Example:

Request:
GET <kibana_url>/api/cases/<case_id>/alerts

Response:

[
    {
        "id": "f93f3463d840d9bccc3ab890a92bc637dda6e176240cc4b29b860f6a9933c0c8",
        "index": ".siem-signals-nasikas-default-000001",
        "attached_at": "2021-06-10T11:51:47.491Z"
    },
    {
        "id": "24d0f7342ed21646b8d202aaadb7829fd3e1a08c242e9fb383bae6e7f05d4eed",
        "index": ".siem-signals-nasikas-default-000001",
        "attached_at": "2021-06-10T11:51:53.177Z"
    }
]

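An added example (not Kibana's own code, nor the PR author's) of how a client would consume this route: it builds the request URL for a placeholder Kibana base URL and case id, validates the three fields the PR documents (`id`, `index`, `attached_at`) rather than trusting the JSON as-is, and turns the result into an Elasticsearch `_mget` body so the alert documents themselves can be fetched by index and id. The sample body is constructed from the two alerts in the description above.

```typescript
// Added example, not code from the Kibana repository: consume the response of
// GET <kibana_url>/api/cases/<case_id>/alerts and prepare a follow-up _mget.
interface CaseAlert {
  id: string;          // _id of the alert document
  index: string;       // index that holds the alert document
  attached_at: string; // ISO-8601 time the alert was attached to the case
}

// Sample body constructed from the two alerts in the PR description.
const SAMPLE_RESPONSE = JSON.stringify([
  { id: "f93f3463d840d9bccc3ab890a92bc637dda6e176240cc4b29b860f6a9933c0c8",
    index: ".siem-signals-nasikas-default-000001", attached_at: "2021-06-10T11:51:47.491Z" },
  { id: "24d0f7342ed21646b8d202aaadb7829fd3e1a08c242e9fb383bae6e7f05d4eed",
    index: ".siem-signals-nasikas-default-000001", attached_at: "2021-06-10T11:51:53.177Z" },
]);

// Build the route URL; encodeURIComponent keeps a case id from adding path segments.
function buildAlertsUrl(kibanaUrl: string, caseId: string): string {
  return `${kibanaUrl.replace(/\/+$/, "")}/api/cases/${encodeURIComponent(caseId)}/alerts`;
}

// Validate the response shape field by field instead of trusting the JSON as-is.
function parseCaseAlerts(body: string): CaseAlert[] {
  const data: unknown = JSON.parse(body);
  if (!Array.isArray(data)) throw new Error("alerts response must be a JSON array");
  return data.map((item: unknown, i: number): CaseAlert => {
    const rec = (typeof item === "object" && item !== null ? item : {}) as Record<string, unknown>;
    const { id, index, attached_at } = rec;
    if (typeof id !== "string" || id === "") throw new Error(`alert[${i}]: missing id`);
    if (typeof index !== "string" || index === "") throw new Error(`alert[${i}]: missing index`);
    if (typeof attached_at !== "string" || Number.isNaN(Date.parse(attached_at))) {
      throw new Error(`alert[${i}]: attached_at is not a valid timestamp`);
    }
    return { id, index, attached_at };
  });
}

// Emit an Elasticsearch _mget body ({ docs: [{ _index, _id }] }), deduped by (index, id).
function toMgetBody(alerts: CaseAlert[]): { docs: { _index: string; _id: string }[] } {
  const seen = new Set<string>();
  const docs: { _index: string; _id: string }[] = [];
  for (const a of alerts) {
    const key = `${a.index}\u0000${a.id}`;
    if (seen.has(key)) continue;
    seen.add(key);
    docs.push({ _index: a.index, _id: a.id });
  }
  return { docs };
}
```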

@cnasikas cnasikas self-assigned this Jun 10, 2021
@cnasikas cnasikas added Feature:Cases Cases feature Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.14.0 v8.0.0 release_note:skip Skip the PR/issue when compiling release notes release_note:plugin_api_changes Contains a Plugin API changes section for the breaking plugin API changes section. labels Jun 10, 2021
@cnasikas cnasikas force-pushed the alerts_by_case_api branch from 9f90dfb to 8ce2fc4 Compare June 10, 2021 12:06
@cnasikas cnasikas removed the release_note:skip Skip the PR/issue when compiling release notes label Jun 16, 2021
@cnasikas cnasikas marked this pull request as ready for review June 16, 2021 16:05
@cnasikas cnasikas requested a review from a team as a code owner June 16, 2021 16:05
@elasticmachine (Contributor) commented:

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine (Contributor) commented:

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@cnasikas cnasikas force-pushed the alerts_by_case_api branch from 17c04df to 28af215 Compare June 16, 2021 17:42
@jonathan-buttner (Contributor) left a comment:

Requested a few changes. We'll want to regenerate the typedocs too. I can show you how to do that or just push up the changes once everything else is ready.

@spalger (Contributor) commented Jun 16, 2021

jenkins, test this

(restarting due to jenkins upgrade)

@cnasikas cnasikas requested a review from a team as a code owner June 17, 2021 11:06
@cnasikas cnasikas requested a review from legrego June 17, 2021 11:06
@kibanamachine (Contributor) commented:

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
cases 254 255 +1

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
cases 398 401 +3

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
cases 126.3KB 126.6KB +372.0B

Unknown metric groups

API count

id before after diff
cases 434 437 +3

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @cnasikas

@cnasikas cnasikas merged commit 7267f50 into elastic:master Jun 18, 2021
@cnasikas cnasikas deleted the alerts_by_case_api branch June 18, 2021 07:57
jloleysens added a commit to jloleysens/kibana that referenced this pull request Jun 18, 2021
cnasikas added a commit that referenced this pull request Jun 18, 2021
Co-authored-by: Jonathan Buttner <jonathan.buttner@elastic.co>
jloleysens added a commit to jloleysens/kibana that referenced this pull request Jun 21, 2021

Development

Successfully merging this pull request may close these issues.

[Cases] Create API for retrieving all alerts for a case ID

6 participants