[Security Solution][Detection] Not all Alert components refresh upon change alert status action

[spong]

When alerts change status (either via the Alerts Table take action menu, Alerts Table row overflow menu, or Alert Details take action menu), not all of the components on the page are refreshed to reflect the change. Upon alert status change the following components should refresh:

• Last alert component
• Histogram
• Count
• Alerts Table

Should be able to trigger a global page refresh via redux within the status change actions that way all current and future occurrences are covered.

Related: #107249

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[MadameSheema]

As part of this ticket, we need to remember to unskip the following Cypress test: Creates an exception and deletes it in x-pack/plugins/security_solution/cypress/integration/exceptions/from_alert.spec.ts as soon as the issue is fixed.

[MadameSheema]

@deepikakeshav-qasource can you please validate the fix of this issue in 7.15BC6? Thanks :)

[ghost]

Hi @MadameSheema,

We have validated this ticket on 7.15.0 BC6 build and We found that we are unable to update the alert status from Timeline. Please find the below observations for more details:

Build Details:

Version:7.15.0 BC6
Commit:ab43f574e8ea01f5093fe92b2f51c4b686eb6e63
Build:44026

• Refresh the all components when change alert status from take action under alert table 🟢

take.action.mp4

• Refresh the all components when change alert status from more action under alert table 🟢

more_action.mp4

• Refresh the all components when change alert status from rule details page. 🟢

rule_details.mp4

• Refresh the all components when change alert status from view details icon. 🟢

refresh.2.mp4

• Refresh the all components when change alert status from exception under alerts table. 🟢

external_alerts.mp4

• Refresh the all components when change alert status from exception under rule details. 🟢

• Unable to update the alert status from Timeline. 🔴

timeline.mp4

Thanks!!

[MadameSheema]

Hi @deepikakeshav-qasource can you please close this ticket and open a different one for the Unable to update the alert status from Timeline? We saw also that on the timeline, when you open the alerts details flyout the take action button it is not displayed at the bottom. Can you please open a ticket for that issue as well? If the issue is already reported, please,share the link of the ticket here. Lots of thanks :)

[rylnd]

Hi @deepikakeshav-qasource can you please close this ticket and open a different one for the Unable to update the alert status from Timeline?

@deepikakeshav-qasource @MadameSheema @peluja1012 FYI @dplumlee plans to address this issue as part of #112169.

[dplumlee]

I opened another ticket a couple days ago tracking this as well #112011

[ghost]

Hi Team,

Thank you for the update!!

I opened another ticket a couple days ago tracking this as well #112011

• For Unable to update the alert status from Timeline issue is already reported: [Security Solution][Detection Alerts] Refresh isn't synced with workflow status updates in Timeline  #112011

• For Take action button is not displayed in alert details flyout under the Timeline Reported issue separately. [Security Solution] Take action button is not displayed in alert details flyout under the Timeline #112378

Hence, We are closing this ticket.

Thanks!!