Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[8.16] [Security Solution] [Timeline] Consolidate reduces, remove unneeded async/awaits, other small fixes (#197168) #201456

Merged
merged 1 commit into from
Nov 22, 2024
Merged

[8.16] [Security Solution] [Timeline] Consolidate reduces, remove unneeded async/awaits, other small fixes (#197168) #201456

merged 1 commit into from
Nov 22, 2024

Conversation

kibanamachine
Copy link
Contributor

Backport

This will backport the following commits from main to 8.16:

Questions ?

Please refer to the Backport tool documentation

@kqualters-elastic
[Security Solution] [Timeline] Consolidate reduces, remove unneeded a…
f323a3d 
…sync/awaits, other small fixes (elastic#197168)

## Summary

For most of 8.x, both anecdotally from users and in development,
timeline search strategy based apis would often seem slower than the
equivalent search in discover or elsewhere in kibana, and I have long
suspected that this came from how the timeline sever code formatted the
elasticsearch responses for use in the UI, and while working on
something else, noticed even higher than normal occurrences in logs of
"][http.server.Kibana] Event loop utilization for
/internal/search/timelineSearchStrategy exceeded threshold of..." and so
I tried to refactor all of the functions in place as much as possible,
keeping the apis similar, most of the unit tests, etc, but removing as
many as possible of the Promise.alls, reduce within reduce, etc. This
has lead to a substantial improvement in performance, as you can see
below, and with larger result sets, I think the difference would only be
more noticeable.

After fix:
~40 ms for formatTimelineData with ~1000 docs
<img width="1470" alt="image"
src="https://github.com/user-attachments/assets/c664f940-aa37-4335-9204-2a9300fbafa0">
Before fix:
~18000 ms for formatTimelineData with ~1000 docs
<img width="1464" alt="image"
src="https://github.com/user-attachments/assets/124fa327-13b9-41ef-9489-8d27f853590c">

[chrome_profile_timeline_slow.cpuprofile](https://github.com/user-attachments/files/17825602/chrome_profile_timeline_slow.cpuprofile)

[chrome_profile_timeline_fast.cpuprofile](https://github.com/user-attachments/files/17825606/chrome_profile_timeline_fast.cpuprofile)
I've attached the chrome devtools profiles for each, the time was
measured with the function:

```
async function measureAwait<T>(promise: Promise<T>, label: string): Promise<T> {
  const start = performance.now();
  try {
    const result = await promise;
    const duration = performance.now() - start;
    console.log(`${label} took ${duration}ms`);
    return result;
  } catch (error) {
    const duration = performance.now() - start;
    console.log(`${label} failed after ${duration}ms`);
    throw error;
  }
}
```

Wrapped around the call to formatTimelineData in
x-pack/plugins/timelines/server/search_strategy/timeline/factory/events/all/index.ts

### Checklist

- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit 30fb8dd)
@kibanamachine kibanamachine requested review from a team as code owners November 22, 2024 18:30
@kibanamachine kibanamachine requested a review from a team as a code owner November 22, 2024 18:30
@kibanamachine kibanamachine requested a review from rylnd November 22, 2024 18:30
@kibanamachine kibanamachine enabled auto-merge (squash) November 22, 2024 18:30
@kibanamachine kibanamachine mentioned this pull request Nov 22, 2024
Merged
1 task
@kibanamachine kibanamachine merged commit 263d9b0 into elastic:8.16 Nov 22, 2024
37 checks passed
@elasticmachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 6150 6145 -5
timelines 140 175 +35
total +30

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id before after diff
timelines 182 192 +10

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 20.6MB 20.2MB -437.0KB

Public APIs missing exports

Total count of every type that is part of your API that should be exported but is not. This will cause broken links in the API documentation system. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats exports for more detailed information.

id before after diff
timelines 17 18 +1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
timelines 113.5KB 201.9KB +88.4KB
Unknown metric groups

API count

id before after diff
timelines 226 236 +10

ESLint disabled line counts

id before after diff
timelines 24 26 +2

Total ESLint disabled count

id before after diff
timelines 24 26 +2

cc @kqualters-elastic

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@rylnd rylnd Awaiting requested review from rylnd rylnd was automatically assigned from elastic/security-detection-engine

Assignees

@kqualters-elastic kqualters-elastic

Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kibanamachine @elasticmachine @kqualters-elastic