Threat map optimization (#12132)
Fixes for the Threat Map:

- Fix invalid SVG path: Filtered out records with the same location values for source and destination in advance.
- Dashboard fix: Fix search query to include CCS (Cross Cluster Search) indices by default.
- Optimize Vega resource usage: Vega now avoids pulling the entire _source, reducing request size and resource consumption (CPU/Memory).
- Resolve animation field issue: Paths are now animated by default, even if the animate field is not present. The path remains idle only when the animate key explicitly has a false value.
navnit-crest authored Dec 24, 2024
1 parent 8e9b909 commit 1aec29d
Showing 5 changed files with 46 additions and 39 deletions.
4 changes: 2 additions & 2 deletions packages/threat_map/_dev/build/docs/README.md
Expand Up @@ -40,7 +40,7 @@ To use the Threat Map dashboard, ensure the following:
## Data Format
Data is retrieved from Elasticsearch using the `_all` index search endpoint. Ensure the following fields exist in each document:
Data is retrieved from Elasticsearch using the `_all,*:_all` index search endpoint. Ensure the following fields exist in each document:
| Field | Description | Required/Optional | Default Value |
|-------------------------------|--------------------------------------------------------------------|-------------------|---------------|
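Review bot: The new sentence calls `_all,*:_all` an "index search endpoint", but it is an index expression, and the README does not say what the added `*:_all` part covers. Suggest rewording along the lines of "Data is retrieved by searching `_all,*:_all`, that is, all local indices plus all indices on every remote cluster configured for Cross Cluster Search", so readers understand how wide the default query now is.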
Expand All @@ -53,7 +53,7 @@ Data is retrieved from Elasticsearch using the `_all` index search endpoint. Ens
| `destination.geo.country_name`| Country name of the destination | Required | |
| `destination.ip` | IP address of the destination | Required | |
| `color` | Arc color | Optional | `"#54B399"` |
| `animate` | Determines if the arc is animated | Optional | `false` |
| `animate` | Determines if the arc is animated | Optional | `true` |
| `weight` | Arc line thickness | Optional | `1` |
| `source_label` | Label at the source location | Optional | |
| `destination_label` | Label at the destination location | Optional | |
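Review bot: On the `animate` row, changing the default to `true` does not capture the rule in the commit message that an arc stays idle only when `animate` is explicitly `false`. Suggest making the description say so, for example "Set to `false` to disable arc animation; arcs animate when the field is absent", since documents that omit the field were documented as idle by default and will now animate.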
5 changes: 5 additions & 0 deletions packages/threat_map/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "0.1.1"
changes:
- description: Fix the DSL query to fetch only the fields used in the threat map visualization.
type: bugfix
link: https://github.com/elastic/integrations/pull/12132
- version: "0.1.0"
changes:
- description: Initial draft of the package
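Review bot: The 0.1.1 entry records only the DSL query change, while the commit message also lists the CCS indices default, the `animate` default and the filtering of records with identical source and destination locations. The first two change what users see after upgrading, so consider adding a `description` for each (or widening this one) under the same version and link.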
4 changes: 2 additions & 2 deletions packages/threat_map/docs/README.md
Expand Up @@ -40,7 +40,7 @@ To use the Threat Map dashboard, ensure the following:
## Data Format
Data is retrieved from Elasticsearch using the `_all` index search endpoint. Ensure the following fields exist in each document:
Data is retrieved from Elasticsearch using the `_all,*:_all` index search endpoint. Ensure the following fields exist in each document:
| Field | Description | Required/Optional | Default Value |
|-------------------------------|--------------------------------------------------------------------|-------------------|---------------|
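Review bot: With the search widened to `_all,*:_all`, the requirements list under "To use the Threat Map dashboard, ensure the following:" should state that the viewing user needs read access on the remote-cluster indices, and whether the pattern can be narrowed. A default that reaches every index on every connected cluster is broader than the fields in this table need; a sentence recommending a restricted index pattern or role would keep the dashboard in line with least privilege.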
Expand All @@ -53,7 +53,7 @@ Data is retrieved from Elasticsearch using the `_all` index search endpoint. Ens
| `destination.geo.country_name`| Country name of the destination | Required | |
| `destination.ip` | IP address of the destination | Required | |
| `color` | Arc color | Optional | `"#54B399"` |
| `animate` | Determines if the arc is animated | Optional | `false` |
| `animate` | Determines if the arc is animated | Optional | `true` |
| `weight` | Arc line thickness | Optional | `1` |
| `source_label` | Label at the source location | Optional | |
| `destination_label` | Label at the destination location | Optional | |
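Review bot: The Data Format section does not mention that records whose source and destination locations are identical are now filtered out before rendering, as the commit message describes. A line after this table saying such documents are skipped would save users from wondering why some events that carry all the required fields never appear on the map.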