Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solutions] Sets our default date time to be "today" instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL #93548

Merged
merged 2 commits into from
Mar 4, 2021
Merged

[Security Solutions] Sets our default date time to be "today" instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL #93548

merged 2 commits into from
Mar 4, 2021

Conversation

FrankHassanabad
Copy link
Contributor

@FrankHassanabad FrankHassanabad commented Mar 4, 2021
edited
Loading

Summary

Enables caching in our application by setting the default date time of our application to be from: now/d and to: now/d. When users go to the advanced settings they will see this now:
Screen Shot 2021-03-04 at 11 53 08 AM

In their date time bars on page loads they will see today instead of 24 hours:
Screen Shot 2021-03-04 at 11 50 18 AM

When before they used to have from: now-24 and to: now. This new date time frame plays well with Elastic caches and no longer "busts" them for users on each page request. Now users will send the same date time frame on each query which will cache the views as the default.

This also fixes a small bug with the URL's where the "to" was not being rounded up when it was a dynamic date time on first load. For example if you went to the URL, /app/security/hosts/allHosts with no additional state information but have a default of from: now/d and to: now/d it would not round up the date time. Now it rounds it up through the date math utilities which only rounds when it sees that it is a dynamic date math.

When requests are being sent, expect to see this where you have from rounded down and `to rounded up. This should be a consistent non-sliding date time math for caching to operate:
Screen Shot 2021-03-04 at 11 33 11 AM

If you change the to to be another date math such as now+1d/d expect to see it also rounded up. This behavior mirrors that of discover:
Screen Shot 2021-03-04 at 11 33 11 AM

You can manually verify this behavior by setting the same now dates in discover as well as security solutions and both should work as is even when you remove the URL state from the right side of a ?

Checklist

@FrankHassanabad FrankHassanabad self-assigned this Mar 4, 2021
@FrankHassanabad FrankHassanabad changed the title Fixes small bug with date times in url and changes default of date ti… [Security Solutions] Sets our default date time to be "today" instead of "now-24" to enable caching and fixes one date math bug in the URL Mar 4, 2021
@FrankHassanabad FrankHassanabad added v8.0.0 v7.13.0 release_note:fix Team:Detections and Resp Security Detection Response Team bug Fixes for quality problems that affect the customer experience auto-backport Deprecated - use backport:version if exact versions are needed labels Mar 4, 2021
@FrankHassanabad FrankHassanabad marked this pull request as ready for review March 4, 2021 19:03
@FrankHassanabad FrankHassanabad requested a review from a team as a code owner March 4, 2021 19:03
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@FrankHassanabad FrankHassanabad requested a review from rylnd March 4, 2021 19:04
@FrankHassanabad FrankHassanabad changed the title [Security Solutions] Sets our default date time to be "today" instead of "now-24" to enable caching and fixes one date math bug in the URL [Security Solutions] Sets our default date time to be "today" instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL Mar 4, 2021
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 7.8MB 7.8MB +37.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @FrankHassanabad

rylnd
rylnd approved these changes Mar 4, 2021
View reviewed changes
Copy link
Contributor

@rylnd rylnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the documentation and the added unit tests; I had no idea that's how those filters were supposed to work 🤦

@FrankHassanabad FrankHassanabad merged commit 47bb977 into elastic:master Mar 4, 2021
@FrankHassanabad FrankHassanabad deleted the fix-date-bug-change-default branch March 4, 2021 21:23
@kibanamachine kibanamachine mentioned this pull request Mar 4, 2021
Merged
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Mar 4, 2021
@FrankHassanabad @kibanamachine
[Security Solutions] Sets our default date time to be "today" instead…
31320e7 
… of "Last 24 hours" to enable cachability and fixes one date math bug in the URL (elastic#93548)

## Summary

Enables caching in our application by setting the default date time of our application to be `from: now/d` and `to: now/d`. When users go to the advanced settings they will see this now:
<img width="1243" alt="Screen Shot 2021-03-04 at 11 53 08 AM" src="https://user-images.githubusercontent.com/1151048/110014626-43fb6700-7ce0-11eb-94ee-0c4cc7a8a10f.png">

In their date time bars on page loads they will see today instead of 24 hours:
<img width="556" alt="Screen Shot 2021-03-04 at 11 50 18 AM" src="https://user-images.githubusercontent.com/1151048/110015216-dac82380-7ce0-11eb-935d-2d71078c1170.png">

When before they used to have `from: now-24` and `to: now`. This new date time frame plays well with Elastic caches and no longer "busts" them for users on each page request. Now users will send the same date time frame on each query which will cache the views as the default.

This also fixes a small bug with the URL's where the "to" was not being rounded up when it was a dynamic date time on first load. For example if you went to the URL, `/app/security/hosts/allHosts` with no additional state information but have a default of `from: now/d` and `to: now/d` it would not round up the date time. Now it rounds it up through the date math utilities which only rounds when it sees that it is a dynamic date math.

When requests are being sent, expect to see this where you have `from` rounded down and `to rounded up. This should be a consistent non-sliding date time math for caching to operate:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015357-01865a00-7ce1-11eb-8580-efacf791b573.png">

If you change the `to` to be another date math such as `now+1d/d` expect to see it also rounded up. This behavior mirrors that of discover:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015440-17941a80-7ce1-11eb-832d-e826962829ed.png">

You can manually verify this behavior by setting the same now dates in discover as well as security solutions and both should work as is even when you remove the URL state from the right side of a `?`


### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
@kibanamachine
Copy link
Contributor

💚 Backport successful

7.x / #93692

Successful backport PRs will be merged automatically after passing CI.

gmmorris added a commit to gmmorris/kibana that referenced this pull request Mar 4, 2021
@gmmorris
Merge branch 'actions/terminology-api' of github.com:gmmorris/kibana …
c9d7e0e 
…into actions/terminology-api

* 'actions/terminology-api' of github.com:gmmorris/kibana:
  Make Dashboard Unsaved Changes Space Specific (elastic#92680)
  Hide Value and Funtional boost for geolocation (elastic#93683)
  [Fleet] Set all keyword and text fields for `index.query.default_field` index template setting (elastic#91791)
  can not query the world (elastic#93556)
  [Security Solutions] Sets our default date time to be "today" instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL  (elastic#93548)
  [Security Solution][Endpoint][Admin][Policy] Register as AV os restrictions tooltip note  (elastic#93306)
  fix agg config sub agg dsl generation (elastic#93276)
kibanamachine added a commit that referenced this pull request Mar 4, 2021
@kibanamachine @FrankHassanabad
[Security Solutions] Sets our default date time to be "today" instead…
34afd4d 
… of "Last 24 hours" to enable cachability and fixes one date math bug in the URL (#93548) (#93692)

## Summary

Enables caching in our application by setting the default date time of our application to be `from: now/d` and `to: now/d`. When users go to the advanced settings they will see this now:
<img width="1243" alt="Screen Shot 2021-03-04 at 11 53 08 AM" src="https://user-images.githubusercontent.com/1151048/110014626-43fb6700-7ce0-11eb-94ee-0c4cc7a8a10f.png">

In their date time bars on page loads they will see today instead of 24 hours:
<img width="556" alt="Screen Shot 2021-03-04 at 11 50 18 AM" src="https://user-images.githubusercontent.com/1151048/110015216-dac82380-7ce0-11eb-935d-2d71078c1170.png">

When before they used to have `from: now-24` and `to: now`. This new date time frame plays well with Elastic caches and no longer "busts" them for users on each page request. Now users will send the same date time frame on each query which will cache the views as the default.

This also fixes a small bug with the URL's where the "to" was not being rounded up when it was a dynamic date time on first load. For example if you went to the URL, `/app/security/hosts/allHosts` with no additional state information but have a default of `from: now/d` and `to: now/d` it would not round up the date time. Now it rounds it up through the date math utilities which only rounds when it sees that it is a dynamic date math.

When requests are being sent, expect to see this where you have `from` rounded down and `to rounded up. This should be a consistent non-sliding date time math for caching to operate:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015357-01865a00-7ce1-11eb-8580-efacf791b573.png">

If you change the `to` to be another date math such as `now+1d/d` expect to see it also rounded up. This behavior mirrors that of discover:
<img width="608" alt="Screen Shot 2021-03-04 at 11 33 11 AM" src="https://user-images.githubusercontent.com/1151048/110015440-17941a80-7ce1-11eb-832d-e826962829ed.png">

You can manually verify this behavior by setting the same now dates in discover as well as security solutions and both should work as is even when you remove the URL state from the right side of a `?`


### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

Co-authored-by: Frank Hassanabad <[email protected]>
tylersmalley pushed a commit that referenced this pull request Mar 5, 2021
Revert "[Security Solutions] Sets our default date time to be "today"…
1f936a1 
… instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL (#93548)"

This reverts commit 47bb977.
tylersmalley pushed a commit that referenced this pull request Mar 5, 2021
Revert "[Security Solutions] Sets our default date time to be "today"…
a2a8b9a 
… instead of "Last 24 hours" to enable cachability and fixes one date math bug in the URL (#93548) (#93692)"

This reverts commit 34afd4d.
@tylersmalley
Copy link
Contributor

I ended up needing to revert this change as it began failing in both branches: https://kibana-ci.elastic.co/job/elastic+kibana+master/12351/execution/node/179/log/

master: 1f936a1
7.x: a2a8b9a

@FrankHassanabad FrankHassanabad mentioned this pull request Mar 5, 2021
Merged
1 task
FrankHassanabad added a commit that referenced this pull request Mar 5, 2021
@FrankHassanabad
[Security Solutions] Unrevert and fix tests (#93834)
972bf0a 
## Summary

Unreverts:
#93548

By fixing tests that are relying on date times to be less strict.

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Mar 5, 2021
@FrankHassanabad @kibanamachine
[Security Solutions] Unrevert and fix tests (elastic#93834)
9c62a06 
## Summary

Unreverts:
elastic#93548

By fixing tests that are relying on date times to be less strict.

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine added a commit that referenced this pull request Mar 6, 2021
@kibanamachine @FrankHassanabad
[Security Solutions] Unrevert and fix tests (#93834) (#93864)
67058f2 
## Summary

Unreverts:
#93548

By fixing tests that are relying on date times to be less strict.

### Checklist

- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

Co-authored-by: Frank Hassanabad <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rylnd rylnd rylnd approved these changes

Assignees

@FrankHassanabad FrankHassanabad

Labels
auto-backport Deprecated - use backport:version if exact versions are needed bug Fixes for quality problems that affect the customer experience release_note:fix reverted Team:Detections and Resp Security Detection Response Team v7.13.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@FrankHassanabad @elasticmachine @kibanamachine @tylersmalley @rylnd