[Security Solution]Refresh every parameter causing page unresponsive under security pages

[ghost]

Describe the bug
Refresh every parameter causing page unresponsive under security pages

Build Details

Version:8.2.0-BC2
Commit:3535a206838845689639344afaf64a58c663b3c1
Build:51772

Preconditions

• Any Rule with generated alert should exist on the build

Steps

• Login to Kibana
  • Navigate to Overview page
  • Navigate to Host page
  • Navigate to Endpoint page
• Set refresh every time to negative
• Observed that page got unresponsive for different page under security

Screen-Cast

Hosts.-.Kibana.Mozilla.Firefox.2022-04-07.11-23-48.mp4

Alerts.-.Kibana.Mozilla.Firefox.2022-04-07.11-22-48.mp4

Administration.-.Kibana.Mozilla.Firefox.2022-04-07.12-03-49.mp4

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[banderror]

Hey @karanbirsingh-qasource @MadameSheema

So the description says Navigate to Rule Execution Tab of the Precondition rule but all the 3 screen recordings show other pages: Hosts, Alerts, and Endpoints. Are you saying the bug is still reproducible in the Rule execution logs tab on the Rule Details page? (#129332 has been fixed)

As for other pages:

• global search bar used on Hosts and Alerts is owned by the Security Solution Platform
• my guess is that the Endpoints page uses its own implementation of refresh logic - if yes, it would make sense to file a separate bug for the corresponding team

[ghost]

Hi @banderror screen-cast area missed to written in steps of bugs.

I have removed the Rule execution tab issue as it got fixed.

[banderror]

Thanks, I will unassign the rules area then.

[elasticmachine]

Pinging @elastic/kibana-app-services (Team:AppServicesSv)

[ppisljar]

is there something in our services causing this ?

[banderror]

@ppisljar I don't know why exactly @MadameSheema assigned it to your team, sorry about that. My guess is that the global search bar uses some components that the AppServices team provides, like the date picker -- maybe that was the reason?

@MadameSheema the global search bar in Security Solution is currently owned by @elastic/security-threat-hunting-explore folks. I think they should take a look first because the problem could be on the Security Solution side.

@stephmilovic could you please triage this one?

[jamster10]

Seems like negative times should simply not be allowed, even 0 or 1 seem like a bad a idea, 5 seconds seems reasonable but some queries don't even finish in 5 seconds 🤣 if theres a lot of data.

[jamster10]

I think this has been resolved but I can't find the supporting ticket. The current behaviour is to autopause when the value is negative.

I also came across this ticket: elastic/eui#6153 which requests the EUI team to update the component with a minimum attribute to prevent negative values.

Finally I think this component may belong to elastic/kibana-visualizations as testing it's behaviour required playing around in src/plugins/unified_search/public/search_bar/create_search_bar.tsx. (codeowner file has visualizations team listed for this part of our code unless I'm missing something)

line 59: function defaultOnRefreshChange) controls behaviour of messing with the refresh settings

@MadameSheema could you confirm what I'm seeing and lmk if this is good to be closed?

[elasticmachine]

Pinging @elastic/kibana-data-discovery (Team:DataDiscovery)

[ghost]

Hi @jamster10 thanks for the update.

we have validated this issue on latest BC of 8.6 BC5 and found the issue as fixed ✔️ . Refresh Every Parameter got paused just after adding negative index and app data is shown correctly.

Build Details:

Version: 8.6 BC5
Commit:ed40c16ce9999cc47ad55c11bb097d2e443b31a6
Build:58693

Screen-Cast

Alerts.-.Kibana.Mozilla.Firefox.2022-12-07.13-10-58.mp4

overview.mp4

Hosts.-.Kibana.Mozilla.Firefox.2022-12-07.13-11-30.mp4

Hence we are closing this issue and adding "QA:Validated" tag to it.

thanks

c.c @MadameSheema