[SecuritySolution] Fix entities list initial sorting (elastic#197465)
## Summary

The entity list initial sorting wasn't working because it referenced an
old field.
machadoum authored Oct 24, 2024
1 parent 909879b commit 7a8d813
Showing 4 changed files with 121 additions and 102 deletions.
Expand Up @@ -34,7 +34,7 @@ export const EntitiesList: React.FC = () => {
const [limit, setLimit] = useState(10);
const { toggleStatus } = useQueryToggle(ENTITIES_LIST_TABLE_ID);
const [sorting, setSorting] = useState({
field: 'entity.last_seen_timestamp',
field: '@timestamp',
direction: Direction.desc,
});
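Review bot: The default sort field is a bare string literal here (`field: '@timestamp'`) and appears again in this commit as the route default (`sort_field: sortField = '@timestamp'` in `listEntitiesRoute`), so the two can drift apart the same way the previous value went stale. A single exported constant used by both sides, such as `export const DEFAULT_ENTITIES_SORT_FIELD = '@timestamp';`, would keep them in step. A test asserting that the initial request sorts on a field present in the entity index mapping would make the next schema rename fail in CI instead of leaving the initial sort broken. The `EntitiesList` component body continues outside the hunk.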

Expand Up @@ -53,7 +53,7 @@ export const listEntitiesRoute = (router: EntityAnalyticsRoutesDeps['router'], l
const {
page = 1,
per_page: perPage = 10,
sort_field: sortField = 'entity.last_seen_timestamp',
sort_field: sortField = '@timestamp',
sort_order: sortOrder = 'desc',
entities_types: entityTypes,
filterQuery,
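Review bot: `sort_field` arrives from the request and is only given a default in this destructuring; nothing visible here limits it to fields that exist in the entity index mapping, and the stale default this commit replaces shows what an unmapped sort field does to the listing. The request schema and the query builder are outside the hunk, so this may already be handled, but if `sort_field` is a free-form string it is worth restricting it to an allowlist of sortable entity fields in the route's validation, so a caller cannot direct the sort at arbitrary fields (or at a `text` field, which Elasticsearch rejects for sorting by default). A short comment on the default, for example `// must be a date field present in every entity index mapping`, would also record why `'@timestamp'` was chosen.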
Expand Up @@ -4,6 +4,7 @@
"id": "a4cf452c1e0375c3d4412cb550ad1783358468a3b3b777da4829d72c7d6fb74f",
"index": ".entities.v1.latest.security_user_default",
"source": {
"@timestamp": "2024-09-11T11:24:15.588Z",
"event": {
"ingested": "2024-09-11T11:26:49.706875Z"
},
Expand All @@ -17,16 +18,10 @@
"hash": []
},
"entity": {
"last_seen_timestamp": "2024-09-11T11:24:15.588Z",
"schema_version": "v1",
"definition_version": "1.0.0",
"display_name": "hinamatsumoto",
"identity_fields": [
"user.name"
],
"id": "LBQAgKHGmpup0Kg9nlKmeQ==",
"type": "node",
"definition_id": "security_user_default"
"name": "hinamatsumoto",
"id": "hinamatsumoto",
"type": "user",
"source": ".ds-logs-endpoint.alerts-default-2024.10.23-000001"
}
}
}
Expand All @@ -38,6 +33,7 @@
"id": "a2cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb71f",
"index": ".entities.v1.latest.security_host_default",
"source": {
"@timestamp": "2024-09-11T11:24:15.591Z",
"event": {
"ingested": "2024-09-11T11:26:49.641707Z"
},
Expand Down Expand Up @@ -67,17 +63,11 @@
]
},
"entity": {
"last_seen_timestamp": "2024-09-11T11:24:15.591Z",
"schema_version": "v1",
"definition_version": "1.0.0",
"display_name": "ali-ubuntu-server",
"identity_fields": [
"host.name"
],
"id": "ZXKm6GEcUJY6NHkMgPPmGQ==",
"type": "node",
"definition_id": "security_host_default"
"name": "ali-ubuntu-server",
"id": "ali-ubuntu-server",
"type": "host",
"source": ".ds-logs-endpoint.events.process-default-2024.10.23-000001"
}
}
}
}
}
Expand Up @@ -33,17 +33,27 @@
}
],
"properties": {
"@timestamp": {
"type": "date"
},
"asset": {
"properties": {
"criticality": {
"type": "keyword"
}
}
},
"entity": {
"properties": {
"definition_id": {
"definitionId": {
"type": "keyword",
"ignore_above": 1024
},
"definition_version": {
"definitionVersion": {
"type": "keyword",
"ignore_above": 1024
},
"display_name": {
"displayName": {
"type": "text",
"fields": {
"keyword": {
Expand All @@ -52,20 +62,34 @@
}
}
},
"firstSeenTimestamp": {
"type": "date"
},
"id": {
"type": "keyword",
"ignore_above": 1024
},
"identity_fields": {
"identityFields": {
"type": "keyword"
},
"last_seen_timestamp": {
"lastSeenTimestamp": {
"type": "date"
},
"schema_version": {
"name": {
"type": "text",
"fields": {
"text": {
"type": "keyword"
}
}
},
"schemaVersion": {
"type": "keyword",
"ignore_above": 1024
},
"source": {
"type": "keyword"
},
"type": {
"type": "keyword",
"ignore_above": 1024
Expand All @@ -82,58 +106,41 @@
"host": {
"properties": {
"architecture": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"domain": {
"type": "keyword"
},
"hostname": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"id": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"ip": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "ip"
},
"mac": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"name": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
"type": "keyword"
},
"risk": {
"properties": {
"calculated_level": {
"type": "keyword"
},
"calculated_score": {
"type": "float"
},
"calculated_score_norm": {
"type": "float"
}
}
},
"type": {
"type": "keyword"
}
}
},
Expand Down Expand Up @@ -191,17 +198,27 @@
}
],
"properties": {
"@timestamp": {
"type": "date"
},
"asset": {
"properties": {
"criticality": {
"type": "keyword"
}
}
},
"entity": {
"properties": {
"definition_id": {
"definitionId": {
"type": "keyword",
"ignore_above": 1024
},
"definition_version": {
"definitionVersion": {
"type": "keyword",
"ignore_above": 1024
},
"display_name": {
"displayName": {
"type": "text",
"fields": {
"keyword": {
Expand All @@ -210,20 +227,34 @@
}
}
},
"firstSeenTimestamp": {
"type": "date"
},
"id": {
"type": "keyword",
"ignore_above": 1024
},
"identity_fields": {
"identityFields": {
"type": "keyword"
},
"last_seen_timestamp": {
"lastSeenTimestamp": {
"type": "date"
},
"schema_version": {
"name": {
"type": "text",
"fields": {
"text": {
"type": "keyword"
}
}
},
"schemaVersion": {
"type": "keyword",
"ignore_above": 1024
},
"source": {
"type": "keyword"
},
"type": {
"type": "keyword",
"ignore_above": 1024
Expand All @@ -247,40 +278,38 @@
"user": {
"properties": {
"domain": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"email": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"full_name": {
"type": "keyword"
},
"hash": {
"type": "keyword"
},
"id": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
}
}
"type": "keyword"
},
"name": {
"type": "keyword",
"ignore_above": 1024,
"fields": {
"text": {
"type": "text"
"type": "keyword"
},
"risk": {
"properties": {
"calculated_level": {
"type": "keyword"
},
"calculated_score": {
"type": "float"
},
"calculated_score_norm": {
"type": "float"
}
}
},
"roles": {
"type": "keyword"
}
}
}
Expand All @@ -294,4 +323,4 @@
}
}
}
}
}
