[Security Solution][Detections] Handle conflicts on alert status update #75492
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
madirey
added
release_note:enhancement
v8.0.0
Team:Endpoint Response
|
Pinging @elastic/endpoint-response (Team:Endpoint Response) |
dhurley14
reviewed
Sep 2, 2020
...ins/security_solution/server/lib/detection_engine/routes/signals/open_close_signals_route.ts
Outdated
Show resolved
Hide resolved
yctercero
reviewed
Sep 3, 2020
| @@ -117,7 +118,7 @@ export const AddExceptionModal = memo(function AddExceptionModal({ | |||
| Array<ExceptionListItemSchema | CreateExceptionListItemSchema> | |||
| >([]); | |||
| const [fetchOrCreateListError, setFetchOrCreateListError] = useState<ErrorInfo | null>(null); | |||
| const { addError, addSuccess } = useAppToasts(); | |||
| const { addError, addSuccess, addWarning } = useAppToasts(); | |||
There was a problem hiding this comment.
Not in any way blocking this PR, but just thinking, I think this component would benefit from using useReducer. The number of useStates are growing and (just personally) working on adding error states in here recently, felt like it was getting crowded.
There was a problem hiding this comment.
Makes sense to me! I don't think I will address it here, but if I get time, will take a stab at that soon.
.../plugins/security_solution/public/common/components/exceptions/add_exception_modal/index.tsx
Outdated
Show resolved
Hide resolved
| } | ||
|
|
||
| await addOrUpdateItems(exceptionItemsToAddOrUpdate); | ||
|
|
||
| if (isSubscribed) { | ||
| setIsLoading(false); | ||
| onSuccess(); | ||
| onSuccess(updated, conflicts); |
There was a problem hiding this comment.
Super nit: could this also be shortened a bit to just be:
Suggested change
| onSuccess(updated, conflicts); | |
| onSuccess(response.updated ?? 0, response.version_conflicts ?? 0); |
There was a problem hiding this comment.
I tried this, but response was out of scope at this point. I did just uncover a related bug here (actually, the unit tests uncovered it)... let me know what you think about the updates. :)
peluja1012
reviewed
Sep 3, 2020
peluja1012
reviewed
Sep 3, 2020
peluja1012
approved these changes
Sep 3, 2020
|
@elasticmachine merge upstream |
💚 Build SucceededBuild metricsasync chunks size
page load bundle size
History
To update your PR or re-run it, just comment with: |
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Sep 4, 2020
* master: (47 commits) Do not require id & description when creating a logstash pipeline (elastic#76616) Remove commented src/core/tsconfig file (elastic#76792) Replaced whitelistedHosts with allowedHosts in actions ascii docs (elastic#76731) [Dashboard First] Genericize Attribute Service (elastic#76057) [ci-metrics] unify distributable file count metrics (elastic#76448) [Security Solution][Detections] Handle conflicts on alert status update (elastic#75492) [eslint] convert to @typescript-eslint/no-unused-expressions (elastic#76471) [DOCS] Add default time range filter to advanced settings (elastic#76414) [Security Solution] Refactor NetworkTopNFlow to use Search Strategy (elastic#76249) [Dashboard] Update Index Patterns when Child Index Patterns Change (elastic#76356) [ML] Add option to Advanced Settings to set default time range filter for AD jobs (elastic#76347) Add CSM app to CODEOWNERS (elastic#76793) [Security Solution][Exceptions] - Updates exception item find sort field (elastic#76685) [Security Solution][Detections][Tech Debt] - Move to using common io-ts types (elastic#75009) [Lens] Drag dimension to replace (elastic#75895) URI encode the index names we fetch in the fetchIndices lib function. (elastic#76584) [Security Solution] Resolver retrieve entity id of documents without field mapped (elastic#76562) [Ingest Manager] validate agent route using AJV instead kbn-config-schema (elastic#76546) Updated non-dev usages of node-forge (elastic#76699) [Ingest Pipelines] Processor forms for processors K-S (elastic#75638) ...
madirey
added a commit
that referenced
this pull request
Sep 8, 2020
…te (#75492) (#76804) * Proceed on conflict when updating alert status * Handle conflicts * Don't let the user retry * Tweak error messages * Fix route * Update add exception modal * Reapply changes after fixing conflicts * Type errors * types * Fix remaining conflicts * Fix tests * More test fixes * Simplify onConflict evaluation * Add callback return types * Update translation paths * Add missing import Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Currently if a conflict is encountered (when 2 or more users are trying to update the same alert concurrently), the entire operation will fail and the user is left wondering what happened. This PR attempts to close as many alerts as possible, while also reporting conflicts. It also improves on error messaging.
Bulk Close from Alerts Table
Bulk Close on Exception Creation
Checklist
Delete any items that are not applicable to this PR.
For maintainers