diff --git a/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml b/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml index 8d1b778b67983..dbb9cb235c17e 100644 --- a/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml +++ b/.buildkite/pipelines/es_serverless/verify_es_serverless_image.yml @@ -63,7 +63,7 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 6 + parallelism: 2 retry: automatic: - exit_status: '*' @@ -115,6 +115,32 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 + parallelism: 4 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine.sh + label: 'Serverless Detection Engine - Security Solution Cypress Tests' + if: "build.env('SKIP_CYPRESS') != '1' && build.env('SKIP_CYPRESS') != 'true'" + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh + label: 'Serverless Detection Engine - Exceptions - Security Solution Cypress Tests' + if: "build.env('SKIP_CYPRESS') != '1' && build.env('SKIP_CYPRESS') != 'true'" + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 parallelism: 6 retry: automatic: diff --git a/.buildkite/pipelines/flaky_tests/groups.json b/.buildkite/pipelines/flaky_tests/groups.json index 99f88fe590a1d..46915d4a650b0 100644 --- a/.buildkite/pipelines/flaky_tests/groups.json +++ b/.buildkite/pipelines/flaky_tests/groups.json @@ -41,6 +41,23 @@ "key": "cypress/security_serverless_rule_management_prebuilt_rules", "name": "[Serverless] Security Solution Rule Management - Prebuilt Rules - Cypress" }, + { + "key": "cypress/security_solution_detection_engine", + "name": "Security Solution Detection Engine - Cypress" + }, + { + "key": "cypress/security_serverless_detection_engine", + "name": "[Serverless] Security Solution Detection Engine - Cypress" + }, + + { + "key": "cypress/security_solution_detection_engine_exceptions", + "name": "Security Solution Detection Engine - Exceptions - Cypress" + }, + { + "key": "cypress/security_serverless_detection_engine_exceptions", + "name": "[Serverless] Security Solution Detection Engine - Exceptions - Cypress" + }, { "key": "cypress/defend_workflows", "name": "Security Solution Defend Workflows - Cypress" diff --git a/.buildkite/pipelines/on_merge.yml b/.buildkite/pipelines/on_merge.yml index f92089099cbc5..814af53c5faa8 100644 --- a/.buildkite/pipelines/on_merge.yml +++ b/.buildkite/pipelines/on_merge.yml @@ -85,7 +85,7 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 6 + parallelism: 2 retry: automatic: - exit_status: '*' @@ -133,7 +133,7 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 6 + parallelism: 4 retry: automatic: - exit_status: '*' @@ -163,13 +163,61 @@ steps: - exit_status: '*' limit: 1 + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine.sh + label: 'Serverless Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh + label: 'Serverless Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine.sh + label: 'Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh + label: 'Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + - command: .buildkite/scripts/steps/functional/security_solution.sh label: 'Security Solution Cypress Tests' agents: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 16 + parallelism: 8 retry: automatic: - exit_status: '*' diff --git a/.buildkite/pipelines/pull_request/base.yml b/.buildkite/pipelines/pull_request/base.yml index 8238afbee4fd2..33bcf5074dce9 100644 --- a/.buildkite/pipelines/pull_request/base.yml +++ b/.buildkite/pipelines/pull_request/base.yml @@ -63,7 +63,7 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 6 + parallelism: 2 retry: automatic: - exit_status: '*' @@ -111,6 +111,30 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 + parallelism: 4 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine.sh + label: 'Serverless Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh + label: 'Serverless Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 parallelism: 6 retry: automatic: @@ -123,7 +147,7 @@ steps: queue: n2-4-spot depends_on: build timeout_in_minutes: 60 - parallelism: 16 + parallelism: 8 retry: automatic: - exit_status: '*' @@ -164,6 +188,30 @@ steps: automatic: - exit_status: '*' limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine.sh + label: 'Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh + label: 'Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + depends_on: build + timeout_in_minutes: 60 + parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 - command: .buildkite/scripts/steps/functional/security_solution_investigations.sh label: 'Investigations - Security Solution Cypress Tests' diff --git a/.buildkite/pipelines/security_solution/security_solution_cypress.yml b/.buildkite/pipelines/security_solution/security_solution_cypress.yml index 77e7fea574352..279d4d52d13ad 100644 --- a/.buildkite/pipelines/security_solution/security_solution_cypress.yml +++ b/.buildkite/pipelines/security_solution/security_solution_cypress.yml @@ -54,6 +54,30 @@ steps: # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. timeout_in_minutes: 300 parallelism: 6 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine + label: 'Serverless MKI QA Detection Engine - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. + timeout_in_minutes: 300 + parallelism: 8 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - command: .buildkite/scripts/pipelines/security_solution_quality_gate/security_solution_cypress/mki_security_solution_cypress.sh cypress:run:qa:serverless:detection_engine:exceptions + label: 'Serverless MKI QA Detection Engine - Exceptions - Security Solution Cypress Tests' + agents: + queue: n2-4-spot + # TODO : Revise the timeout when the pipeline will be officially integrated with the quality gate. + timeout_in_minutes: 300 + parallelism: 6 retry: automatic: - exit_status: '*' diff --git a/.buildkite/scripts/steps/functional/security_serverless_detection_engine.sh b/.buildkite/scripts/steps/functional/security_serverless_detection_engine.sh new file mode 100644 index 0000000000000..9920571af58d3 --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_serverless_detection_engine.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Detection Engine Cypress Tests on Serverless" + +cd x-pack/test/security_solution_cypress + +set +e +yarn cypress:detection_engine:run:serverless; status=$?; yarn junit:merge || :; exit $status diff --git a/.buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh b/.buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh new file mode 100644 index 0000000000000..f22937592168f --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_serverless_detection_engine_exceptions.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Detection Engine - Exceptions - Cypress Tests on Serverless" + +cd x-pack/test/security_solution_cypress + +set +e +yarn cypress:detection_engine:exceptions:run:serverless; status=$?; yarn junit:merge || :; exit $status diff --git a/.buildkite/scripts/steps/functional/security_solution_detection_engine.sh b/.buildkite/scripts/steps/functional/security_solution_detection_engine.sh new file mode 100644 index 0000000000000..30d0e73afcb70 --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_solution_detection_engine.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Detection Engine - Security Solution Cypress Tests" + +cd x-pack/test/security_solution_cypress + +set +e +yarn cypress:detection_engine:run:ess; status=$?; yarn junit:merge || :; exit $status diff --git a/.buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh b/.buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh new file mode 100644 index 0000000000000..09a18ff3956ed --- /dev/null +++ b/.buildkite/scripts/steps/functional/security_solution_detection_engine_exceptions.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/steps/functional/common.sh +source .buildkite/scripts/steps/functional/common_cypress.sh + +export JOB=kibana-security-solution-chrome +export KIBANA_INSTALL_DIR=${KIBANA_BUILD_LOCATION} + +echo "--- Detection Engine - Exceptions - Security Solution Cypress Tests" + +cd x-pack/test/security_solution_cypress + +set +e +yarn cypress:detection_engine:exceptions:run:ess; status=$?; yarn junit:merge || :; exit $status diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e5e5c6ecf858e..9212ffcb83fa0 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1386,14 +1386,7 @@ x-pack/test/security_solution_cypress/cypress/tasks/expandable_flyout @elastic/ /x-pack/plugins/security_solution/server/lib/detection_engine/routes/signals @elastic/security-detection-engine /x-pack/plugins/security_solution/server/lib/sourcerer @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/exceptions @elastic/security-detection-engine -/x-pack/test/security_solution_cypress/cypress/e2e/overview @elastic/security-detection-engine +/x-pack/test/security_solution_cypress/cypress/e2e/detection_engine @elastic/security-detection-engine /x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/exceptions @elastic/security-detection-engine /x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/rule_creation @elastic/security-detection-engine /x-pack/test/security_solution_api_integration/test_suites/detections_response/default_license/actions @elastic/security-detection-engine diff --git a/x-pack/test/security_solution_cypress/cypress/README.md b/x-pack/test/security_solution_cypress/cypress/README.md index 88786aed7ff56..2a56955906315 100644 --- a/x-pack/test/security_solution_cypress/cypress/README.md +++ b/x-pack/test/security_solution_cypress/cypress/README.md @@ -62,15 +62,20 @@ Run the tests with the following yarn scripts from `x-pack/test/security_solutio | cypress | Runs the default Cypress command | | cypress:open:ess | Opens the Cypress UI with all tests in the `e2e` directory. This also runs a local kibana and ES instance. The kibana instance will reload when you make code changes. This is the recommended way to debug and develop tests. | | cypress:open:serverless | Opens the Cypress UI with all tests in the `e2e` directory. This also runs a mocked serverless environment. The kibana instance will reload when you make code changes. This is the recommended way to debug and develop tests. | -| cypress:run:ess | Runs all tests tagged as ESS placed in the `e2e` directory excluding `investigations`,`explore` and `detection_response/rule_management` directories in headless mode | +| cypress:run:ess | Runs all tests tagged as ESS placed in the `e2e` directory excluding `investigations`,`explore` and `detection_response` directories in headless mode | | cypress:run:cases:ess | Runs all tests under `explore/cases` in the `e2e` directory related to the Cases area team in headless mode | | cypress:ess | Runs all ESS tests with the specified configuration in headless mode and produces a report using `cypress-multi-reporters` | + | cypress:rule_management:run:ess | Runs all tests tagged as ESS in the `e2e/detection_response/rule_management` excluding `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode | | cypress:rule_management:prebuilt_rules:run:ess | Runs all tests tagged as ESS in the `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode | | cypress:run:respops:ess | Runs all tests related to the Response Ops area team, specifically tests in `detection_alerts`, `detection_rules`, and `exceptions` directories in headless mode | -| cypress:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e` directory excluding `investigations`, `explore` and `rule_management` directories in headless mode | +| cypress:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e` directory excluding `investigations`, `explore` and `detections_response` directories in headless mode | | cypress:rule_management:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/rule_management` excluding `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode | | cypress:rule_management:prebuilt_rules:run:serverless | Runs all tests tagged as ESS in the `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode | +| cypress:detection_engine:run:ess | Runs all tests tagged as ESS in the `e2e/detection_response/detection_engine` excluding `e2e/detection_response/detection_engine/exceptions` directory in headless mode | +| cypress:detection_engine:exceptions:run:ess | Runs all tests tagged as ESS in the `e2e/detection_response/detection_engine/exceptions` directory in headless mode | +| cypress:detection_engine:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/detection_engine` excluding `e2e/detection_response/detection_engine` directory in headless mode | +| cypress:detection_engine:exceptions:run:serverless | Runs all tests tagged as ESS in the `e2e/detection_response/detection_engine/exceptions` directory in headless mode | | cypress:investigations:run:ess | Runs all tests tagged as SERVERLESS in the `e2e/investigations` directory in headless mode | | cypress:explore:run:ess | Runs all tests tagged as ESS in the `e2e/explore` directory in headless mode | | cypress:investigations:run:serverless | Runs all tests tagged as SERVERLESS in the `e2e/investigations` directory in headless mode | @@ -81,6 +86,10 @@ Run the tests with the following yarn scripts from `x-pack/test/security_solutio | cypress:run:qa:serverless:investigations | Runs all tests tagged as SERVERLESS in the `e2e/investigations` directory in headless mode using the QA environment and reak MKI projects. | | cypress:run:qa:serverless:rule_management | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/rule_management` directory, excluding `e2e/detection_response/rule_management/prebuilt_rules` in headless mode using the QA environment and reak MKI projects. | | cypress:run:qa:serverless:rule_management:prebuilt_rules | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode using the QA environment and reak MKI projects. | +| cypress:run:qa:serverless:detection_engine | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/detection_engine` directory, excluding `e2e/detection_response/detection_engine/exceptions` in headless mode using the QA environment and reak MKI projects. | +| cypress:run:qa:serverless:detection_engine:exceptions | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/detection_engine/exceptions` directory in headless mode using the QA environment and reak MKI projects. | + + | junit:merge | Merges individual test reports into a single report and moves the report to the `junit` directory | Please note that all the headless mode commands do not open the Cypress UI and are typically used in CI/CD environments. The scripts that open the Cypress UI are useful for development and debugging. @@ -111,6 +120,7 @@ If you belong to one of the teams listed in the table, please add new e2e specs | `e2e/explore` | Threat Hunting Explore | | `e2e/investigations` | Threat Hunting Investigations | | `e2e/detection_response/rule_management` | Detection Rule Management | +| `e2e/detection_response/detection_engine` | Detection Engine | ### fixtures/ @@ -259,6 +269,9 @@ Run the tests with the following yarn scripts from `x-pack/test/security_solutio | cypress:run:qa:serverless:investigations | Runs all tests tagged as SERVERLESS in the `e2e/investigations` directory in headless mode using the QA environment and reak MKI projects. | | cypress:run:qa:serverless:rule_management | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/rule_management` directory, excluding `e2e/detection_response/rule_management/prebuilt_rules` in headless mode using the QA environment and reak MKI projects. | | cypress:run:qa:serverless:rule_management:prebuilt_rules | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/rule_management/prebuilt_rules` directory in headless mode using the QA environment and reak MKI projects. | +| cypress:run:qa:serverless:detection_engine | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/detection_engine` directory, excluding `e2e/detection_response/detection_engine/exceptions` in headless mode using the QA environment and reak MKI projects. | +| cypress:run:qa:serverless:detection_engine:prebuilt_rules | Runs all tests tagged as SERVERLESS in the `e2e/detection_response/detection_engine/exceptions` directory in headless mode using the QA environment and reak MKI projects. | + Please note that all the headless mode commands do not open the Cypress UI and are typically used in CI/CD environments. The scripts that open the Cypress UI are useful for development and debugging. diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_status.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_status.cy.ts deleted file mode 100644 index 1b03577e778ba..0000000000000 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_status.cy.ts +++ /dev/null @@ -1,267 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getNewRule } from '../../../objects/rule'; -import { - ALERTS_COUNT, - CLOSE_SELECTED_ALERTS_BTN, - MARK_ALERT_ACKNOWLEDGED_BTN, - SELECTED_ALERTS, - TAKE_ACTION_POPOVER_BTN, - TIMELINE_CONTEXT_MENU_BTN, -} from '../../../screens/alerts'; - -import { - selectNumberOfAlerts, - waitForAlerts, - markAcknowledgedFirstAlert, - markAlertsAcknowledged, - goToAcknowledgedAlerts, - closeFirstAlert, - closeAlerts, - goToClosedAlerts, - goToOpenedAlerts, - openAlerts, - openFirstAlert, -} from '../../../tasks/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; - -import { ALERTS_URL } from '../../../urls/navigation'; - -// FLAKY: https://github.com/elastic/kibana/issues/169091 -describe.skip('Changing alert status', { tags: ['@ess', '@serverless'] }, () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' }); - }); - - after(() => { - cy.task('esArchiverUnload', 'auditbeat_multiple'); - }); - - context('Opening alerts', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - deleteAlertsAndRules(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - selectNumberOfAlerts(3); - cy.get(SELECTED_ALERTS).should('have.text', `Selected 3 alerts`); - closeAlerts(); - waitForAlerts(); - }); - - it('can mark a closed alert as open', () => { - waitForAlertsToPopulate(); - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfOpenedAlertsText) => { - const numberOfOpenedAlerts = parseInt(numberOfOpenedAlertsText, 10); - goToClosedAlerts(); - waitForAlerts(); - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - const numberOfAlertsToBeOpened = 1; - - openFirstAlert(); - waitForAlerts(); - - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeOpened; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlerts); - - goToOpenedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(`${numberOfOpenedAlerts + numberOfAlertsToBeOpened}`); - }); - }); - }); - - it('can bulk open alerts', () => { - waitForAlertsToPopulate(); - cy.get(ALERTS_COUNT) - .invoke('text') - .then((numberOfOpenedAlertsText) => { - const numberOfOpenedAlerts = parseInt(numberOfOpenedAlertsText, 10); - goToClosedAlerts(); - waitForAlerts(); - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - const numberOfAlertsToBeOpened = 2; - const numberOfAlertsToBeSelected = 2; - - selectNumberOfAlerts(numberOfAlertsToBeSelected); - cy.get(SELECTED_ALERTS).should( - 'have.text', - `Selected ${numberOfAlertsToBeSelected} alerts` - ); - - openAlerts(); - waitForAlerts(); - - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeOpened; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlerts); - - goToOpenedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(`${numberOfOpenedAlerts + numberOfAlertsToBeOpened}`); - }); - }); - }); - }); - - context('Marking alerts as acknowledged', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - deleteAlertsAndRules(); - createRule(getNewRule()); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - }); - - it('can mark alert as acknowledged', () => { - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - const numberOfAlertsToBeMarkedAcknowledged = 1; - - markAcknowledgedFirstAlert(); - waitForAlerts(); - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeMarkedAcknowledged; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlerts); - - goToAcknowledgedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(`${numberOfAlertsToBeMarkedAcknowledged}`); - }); - }); - - it('can bulk mark alerts as acknowledged', () => { - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - const numberOfAlertsToBeMarkedAcknowledged = 2; - const numberOfAlertsToBeSelected = 2; - - selectNumberOfAlerts(numberOfAlertsToBeSelected); - - markAlertsAcknowledged(); - waitForAlerts(); - const expectedNumberOfAlerts = +numberOfAlerts - numberOfAlertsToBeMarkedAcknowledged; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlerts); - - goToAcknowledgedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(numberOfAlertsToBeMarkedAcknowledged); - }); - }); - }); - - context('Closing alerts', { tags: ['@ess', '@serverless'] }, () => { - beforeEach(() => { - login(); - deleteAlertsAndRules(); - createRule(getNewRule({ rule_id: '1', max_signals: 100 })); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - }); - it('can close an alert', () => { - const numberOfAlertsToBeClosed = 1; - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - cy.get(ALERTS_COUNT).should('have.text', `${numberOfAlerts} alerts`); - - selectNumberOfAlerts(numberOfAlertsToBeClosed); - - cy.get(SELECTED_ALERTS).should('have.text', `Selected ${numberOfAlertsToBeClosed} alert`); - - closeFirstAlert(); - waitForAlerts(); - - const expectedNumberOfAlertsAfterClosing = +numberOfAlerts - numberOfAlertsToBeClosed; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlertsAfterClosing); - - goToClosedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(numberOfAlertsToBeClosed); - }); - }); - - it('can bulk close alerts', () => { - const numberOfAlertsToBeClosed = 2; - cy.get(ALERTS_COUNT) - .invoke('text') - .then((alertNumberString) => { - const numberOfAlerts = alertNumberString.split(' ')[0]; - cy.get(ALERTS_COUNT).should('have.text', `${numberOfAlerts} alerts`); - - selectNumberOfAlerts(numberOfAlertsToBeClosed); - - cy.get(SELECTED_ALERTS).should( - 'have.text', - `Selected ${numberOfAlertsToBeClosed} alerts` - ); - - closeAlerts(); - waitForAlerts(); - - const expectedNumberOfAlertsAfterClosing = +numberOfAlerts - numberOfAlertsToBeClosed; - cy.get(ALERTS_COUNT).contains(expectedNumberOfAlertsAfterClosing); - - goToClosedAlerts(); - waitForAlerts(); - - cy.get(ALERTS_COUNT).contains(numberOfAlertsToBeClosed); - }); - }); - }); - - // This test is unable to be run in serverless as `reader` is not available and viewer is currently reserved - // https://github.com/elastic/kibana/pull/169723#issuecomment-1793191007 - // https://github.com/elastic/kibana/issues/170583 - context('User is readonly', { tags: ['@ess', '@brokenInServerless'] }, () => { - beforeEach(() => { - login(); - visit(ALERTS_URL); - deleteAlertsAndRules(); - createRule(getNewRule()); - login(ROLES.reader); - visit(ALERTS_URL); - waitForAlertsToPopulate(); - }); - it('should not allow users to change a single alert status', () => { - // This is due to the reader role which makes everything in security 'read only' - cy.get(TIMELINE_CONTEXT_MENU_BTN).should('not.exist'); - }); - - it('should not allow users to bulk change the alert status', () => { - selectNumberOfAlerts(2); - cy.get(TAKE_ACTION_POPOVER_BTN).first().click(); - cy.get(TAKE_ACTION_POPOVER_BTN).should('be.visible'); - - cy.get(CLOSE_SELECTED_ALERTS_BTN).should('not.exist'); - cy.get(MARK_ALERT_ACKNOWLEDGED_BTN).should('not.exist'); - }); - }); -}); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_tags.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_tags.cy.ts deleted file mode 100644 index 4fb4d50e7c6d9..0000000000000 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alert_tags.cy.ts +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { getNewRule } from '../../../objects/rule'; -import { - clickAlertTag, - openAlertTaggingBulkActionMenu, - selectNumberOfAlerts, - updateAlertTags, -} from '../../../tasks/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { login } from '../../../tasks/login'; -import { visitWithTimeRange } from '../../../tasks/navigation'; -import { ALERTS_URL } from '../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; -import { - ALERTS_TABLE_ROW_LOADER, - MIXED_ALERT_TAG, - SELECTED_ALERT_TAG, - UNSELECTED_ALERT_TAG, -} from '../../../screens/alerts'; - -describe('Alert tagging', { tags: ['@ess', '@serverless'] }, () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'endpoint' }); - cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' }); - }); - - after(() => { - cy.task('esArchiverUnload', 'endpoint'); - cy.task('esArchiverUnload', 'auditbeat_multiple'); - }); - - beforeEach(() => { - login(); - deleteAlertsAndRules(); - createRule(getNewRule({ rule_id: 'new custom rule' })); - visitWithTimeRange(ALERTS_URL); - waitForAlertsToPopulate(); - }); - - it('Add and remove a tag using the alert bulk action menu', () => { - // Add a tag to one alert - selectNumberOfAlerts(1); - openAlertTaggingBulkActionMenu(); - clickAlertTag('Duplicate'); - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - selectNumberOfAlerts(1); - openAlertTaggingBulkActionMenu(); - cy.get(SELECTED_ALERT_TAG).contains('Duplicate'); - // Remove tag from that alert - clickAlertTag('Duplicate'); - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - selectNumberOfAlerts(1); - openAlertTaggingBulkActionMenu(); - cy.get(UNSELECTED_ALERT_TAG).first().contains('Duplicate'); - }); - - it('Add a tag using the alert bulk action menu with mixed state', () => { - // Add tag to one alert first - selectNumberOfAlerts(1); - openAlertTaggingBulkActionMenu(); - clickAlertTag('Duplicate'); - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - // Then add tags to both alerts - selectNumberOfAlerts(5); - openAlertTaggingBulkActionMenu(); - cy.get(MIXED_ALERT_TAG).contains('Duplicate'); - clickAlertTag('Duplicate'); - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - selectNumberOfAlerts(5); - openAlertTaggingBulkActionMenu(); - cy.get(SELECTED_ALERT_TAG).contains('Duplicate'); - }); - - it('Remove a tag using the alert bulk action menu with mixed state', () => { - // Add tag to one alert first - selectNumberOfAlerts(1); - openAlertTaggingBulkActionMenu(); - clickAlertTag('Duplicate'); - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - waitForAlertsToPopulate(); - // Then remove tags from both alerts - selectNumberOfAlerts(2); - openAlertTaggingBulkActionMenu(); - cy.get(MIXED_ALERT_TAG).contains('Duplicate'); - clickAlertTag('Duplicate'); - clickAlertTag('Duplicate'); // Clicking twice will return to unselected state - updateAlertTags(); - cy.get(ALERTS_TABLE_ROW_LOADER).should('not.exist'); - selectNumberOfAlerts(2); - openAlertTaggingBulkActionMenu(); - cy.get(UNSELECTED_ALERT_TAG).first().contains('Duplicate'); - }); -}); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts deleted file mode 100644 index 8ffb094f94e5a..0000000000000 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/alerts_detection_callouts_index_outdated.cy.ts +++ /dev/null @@ -1,200 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ROLES } from '@kbn/security-solution-plugin/common/test'; - -import { ALERTS_URL } from '../../../urls/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { ruleDetailsUrl } from '../../../urls/rule_details'; -import { getNewRule } from '../../../objects/rule'; -import { PAGE_TITLE } from '../../../screens/common/page'; - -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; - -import { createRule, deleteCustomRule } from '../../../tasks/api_calls/rules'; -import { - getCallOut, - NEED_ADMIN_FOR_UPDATE_CALLOUT, - waitForCallOutToBeShown, -} from '../../../tasks/common/callouts'; - -const loadPageAsPlatformEngineerUser = (url: string) => { - login(ROLES.soc_manager); - visit(url); - waitForPageTitleToBeShown(); -}; - -const waitForPageTitleToBeShown = () => { - cy.get(PAGE_TITLE).should('be.visible'); -}; - -describe( - 'Detections > Need Admin Callouts indicating an admin is needed to migrate the alert data set', - { tags: ['@ess', '@skipInServerless'] }, - () => { - before(() => { - // First, we have to open the app on behalf of a privileged user in order to initialize it. - // Otherwise the app will be disabled and show a "welcome"-like page. - login(); - visit(ALERTS_URL); - waitForPageTitleToBeShown(); - }); - - context( - 'The users index_mapping_outdated is "true" and their admin callouts should show up', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', (req) => { - req.reply((res) => { - res.send(200, { - index_mapping_outdated: true, - name: '.alerts-security.alerts-default', - }); - }); - }); - }); - - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(RULES_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })).then((rule) => - loadPageAsPlatformEngineerUser(ruleDetailsUrl(rule.body.id)) - ); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - waitForCallOutToBeShown(NEED_ADMIN_FOR_UPDATE_CALLOUT, 'primary'); - }); - }); - } - ); - - context( - 'The users index_mapping_outdated is "false" and their admin callouts should not show up ', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', { - index_mapping_outdated: false, - name: '.alerts-security.alerts-default', - }); - }); - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(RULES_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })).then((rule) => - loadPageAsPlatformEngineerUser(ruleDetailsUrl(rule.body.id)) - ); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - } - ); - - context( - 'The users index_mapping_outdated is "null" and their admin callouts should not show up ', - () => { - beforeEach(() => { - // Index mapping outdated is forced to return true as being outdated so that we get the - // need admin callouts being shown. - cy.intercept('GET', '/api/detection_engine/index', { - index_mapping_outdated: null, - name: '.alerts-security.alerts-default', - }); - }); - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(ALERTS_URL); - }); - - it('We show the need admin primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - loadPageAsPlatformEngineerUser(RULES_MANAGEMENT_URL); - }); - - it('We show 1 primary callout of need admin', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule({ rule_id: 'rule_testing' })).then((rule) => - loadPageAsPlatformEngineerUser(ruleDetailsUrl(rule.body.id)) - ); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show 1 primary callout', () => { - getCallOut(NEED_ADMIN_FOR_UPDATE_CALLOUT).should('not.exist'); - }); - }); - } - ); - } -); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/missing_privileges_callout.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/missing_privileges_callout.cy.ts deleted file mode 100644 index 4dffc5f322ad8..0000000000000 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/missing_privileges_callout.cy.ts +++ /dev/null @@ -1,148 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { ROLES } from '@kbn/security-solution-plugin/common/test'; - -import { ALERTS_URL } from '../../../urls/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { getNewRule } from '../../../objects/rule'; -import { PAGE_TITLE } from '../../../screens/common/page'; - -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { createRule, deleteCustomRule } from '../../../tasks/api_calls/rules'; -import { - getCallOut, - waitForCallOutToBeShown, - dismissCallOut, - MISSING_PRIVILEGES_CALLOUT, -} from '../../../tasks/common/callouts'; -import { ruleDetailsUrl } from '../../../urls/rule_details'; - -const loadPageAsReadOnlyUser = (url: string) => { - login(ROLES.t1_analyst); - visit(url); - waitForPageTitleToBeShown(); -}; - -const loadPageAsPlatformEngineer = (url: string) => { - login(ROLES.platform_engineer); - visit(url); - waitForPageTitleToBeShown(); -}; - -const reloadPage = () => { - cy.reload(); - waitForPageTitleToBeShown(); -}; - -const waitForPageTitleToBeShown = () => { - cy.get(PAGE_TITLE).should('be.visible'); -}; - -describe( - 'Detections > Callouts', - { tags: ['@ess', '@serverless', '@brokenInServerlessQA'] }, - () => { - before(() => { - // First, we have to open the app on behalf of a privileged user in order to initialize it. - // Otherwise the app will be disabled and show a "welcome"-like page. - login(); - visit(ALERTS_URL); - waitForPageTitleToBeShown(); - }); - - context('indicating read-only access to resources', () => { - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsReadOnlyUser(ALERTS_URL); - }); - - it('We show one primary callout', () => { - waitForCallOutToBeShown(MISSING_PRIVILEGES_CALLOUT, 'primary'); - }); - - context('When a user clicks Dismiss on the callout', () => { - it('We hide it and persist the dismissal', () => { - waitForCallOutToBeShown(MISSING_PRIVILEGES_CALLOUT, 'primary'); - dismissCallOut(MISSING_PRIVILEGES_CALLOUT); - reloadPage(); - getCallOut(MISSING_PRIVILEGES_CALLOUT).should('not.exist'); - }); - }); - }); - - // FYI: Rules Management check moved to ../detection_rules/all_rules_read_only.spec.ts - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule()).then((rule) => - loadPageAsReadOnlyUser(ruleDetailsUrl(rule.body.id)) - ); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show one primary callout', () => { - waitForCallOutToBeShown(MISSING_PRIVILEGES_CALLOUT, 'primary'); - }); - - context('When a user clicks Dismiss on the callouts', () => { - it('We hide them and persist the dismissal', () => { - waitForCallOutToBeShown(MISSING_PRIVILEGES_CALLOUT, 'primary'); - - dismissCallOut(MISSING_PRIVILEGES_CALLOUT); - reloadPage(); - - getCallOut(MISSING_PRIVILEGES_CALLOUT).should('not.exist'); - }); - }); - }); - }); - - context('indicating read-write access to resources', () => { - context('On Detections home page', () => { - beforeEach(() => { - loadPageAsPlatformEngineer(ALERTS_URL); - }); - - it('We show no callout', () => { - getCallOut(MISSING_PRIVILEGES_CALLOUT).should('not.exist'); - }); - }); - - context('On Rules Management page', () => { - beforeEach(() => { - login(ROLES.platform_engineer); - loadPageAsPlatformEngineer(RULES_MANAGEMENT_URL); - }); - - it('We show no callout', () => { - getCallOut(MISSING_PRIVILEGES_CALLOUT).should('not.exist'); - }); - }); - - context('On Rule Details page', () => { - beforeEach(() => { - createRule(getNewRule()).then((rule) => - loadPageAsPlatformEngineer(ruleDetailsUrl(rule.body.id)) - ); - }); - - afterEach(() => { - deleteCustomRule(); - }); - - it('We show no callouts', () => { - getCallOut(MISSING_PRIVILEGES_CALLOUT).should('not.exist'); - }); - }); - }); - } -); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/threat_match_enrichments.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/threat_match_enrichments.cy.ts deleted file mode 100644 index 7ef766d14bfc4..0000000000000 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/threat_match_enrichments.cy.ts +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one - * or more contributor license agreements. Licensed under the Elastic License - * 2.0; you may not use this file except in compliance with the Elastic License - * 2.0. - */ - -import { disableExpandableFlyout } from '../../../tasks/api_calls/kibana_advanced_settings'; -import { getNewThreatIndicatorRule, indicatorRuleMatchingDoc } from '../../../objects/rule'; -import { login } from '../../../tasks/login'; -import { - JSON_TEXT, - TABLE_CELL, - TABLE_ROWS, - THREAT_DETAILS_VIEW, - ENRICHMENT_COUNT_NOTIFICATION, - INDICATOR_MATCH_ENRICHMENT_SECTION, - INVESTIGATION_TIME_ENRICHMENT_SECTION, - THREAT_DETAILS_ACCORDION, -} from '../../../screens/alerts_details'; -import { TIMELINE_FIELD } from '../../../screens/rule_details'; -import { expandFirstAlert, setEnrichmentDates, viewThreatIntelTab } from '../../../tasks/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { openJsonView, openThreatIndicatorDetails } from '../../../tasks/alerts_details'; -import { addsFieldsToTimeline, visitRuleDetailsPage } from '../../../tasks/rule_details'; - -// TODO: https://github.com/elastic/kibana/issues/161539 -describe( - 'Threat Match Enrichment', - { tags: ['@ess', '@serverless', '@brokenInServerless'] }, - () => { - before(() => { - // illegal_argument_exception: unknown setting [index.lifecycle.rollover_alias] - cy.task('esArchiverLoad', { archiveName: 'threat_indicator' }); - cy.task('esArchiverLoad', { archiveName: 'suspicious_source_event' }); - login(); - - disableExpandableFlyout(); - }); - - after(() => { - cy.task('esArchiverUnload', 'threat_indicator'); - cy.task('esArchiverUnload', 'suspicious_source_event'); - }); - - beforeEach(() => { - login(); - createRule({ ...getNewThreatIndicatorRule(), rule_id: 'rule_testing', enabled: true }).then( - (rule) => visitRuleDetailsPage(rule.body.id) - ); - }); - - // TODO: https://github.com/elastic/kibana/issues/161539 - // Skipped: https://github.com/elastic/kibana/issues/162818 - it.skip('Displays enrichment matched.* fields on the timeline', () => { - const expectedFields = { - 'threat.enrichments.matched.atomic': indicatorRuleMatchingDoc.atomic, - 'threat.enrichments.matched.type': indicatorRuleMatchingDoc.matchedType, - 'threat.enrichments.matched.field': - getNewThreatIndicatorRule().threat_mapping[0].entries[0].field, - 'threat.enrichments.matched.id': indicatorRuleMatchingDoc.matchedId, - 'threat.enrichments.matched.index': indicatorRuleMatchingDoc.matchedIndex, - }; - const fields = Object.keys(expectedFields) as Array; - - addsFieldsToTimeline('threat.enrichments.matched', fields); - - fields.forEach((field) => { - cy.get(TIMELINE_FIELD(field)).should('have.text', expectedFields[field]); - }); - }); - - it('Displays persisted enrichments on the JSON view', () => { - const expectedEnrichment = [ - { - 'indicator.file.hash.md5': ['9b6c3518a91d23ed77504b5416bfb5b3'], - 'matched.index': ['logs-ti_abusech.malware'], - 'indicator.file.type': ['elf'], - 'indicator.file.hash.tlsh': [ - '6D7312E017B517CC1371A8353BED205E9128223972AE35302E97528DF957703BAB2DBE', - ], - 'feed.name': ['AbuseCH malware'], - 'indicator.file.hash.ssdeep': [ - '1536:87vbq1lGAXSEYQjbChaAU2yU23M51DjZgSQAvcYkFtZTjzBht5:8D+CAXFYQChaAUk5ljnQssL', - ], - 'indicator.file.hash.sha256': [ - 'a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3', - ], - 'indicator.first_seen': ['2021-03-10T08:02:14.000Z'], - 'matched.field': ['myhash.mysha256'], - 'indicator.type': ['file'], - 'matched.type': ['indicator_match_rule'], - 'matched.id': ['84cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb74f'], - 'matched.atomic': ['a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3'], - 'indicator.file.size': [80280], - }, - ]; - - expandFirstAlert(); - openJsonView(); - - cy.get(JSON_TEXT).then((x) => { - const parsed = JSON.parse(x.text()); - expect(parsed.fields['threat.enrichments']).to.deep.equal(expectedEnrichment); - }); - }); - - it('Displays threat indicator details on the threat intel tab', () => { - const expectedThreatIndicatorData = [ - { field: 'feed.name', value: 'AbuseCH malware' }, - { field: 'indicator.file.hash.md5', value: '9b6c3518a91d23ed77504b5416bfb5b3' }, - { - field: 'indicator.file.hash.sha256', - value: 'a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3', - }, - { - field: 'indicator.file.hash.ssdeep', - value: '1536:87vbq1lGAXSEYQjbChaAU2yU23M51DjZgSQAvcYkFtZTjzBht5:8D+CAXFYQChaAUk5ljnQssL', - }, - { - field: 'indicator.file.hash.tlsh', - value: '6D7312E017B517CC1371A8353BED205E9128223972AE35302E97528DF957703BAB2DBE', - }, - { field: 'indicator.file.size', value: '80280' }, - { field: 'indicator.file.type', value: 'elf' }, - { field: 'indicator.first_seen', value: '2021-03-10T08:02:14.000Z' }, - { field: 'indicator.type', value: 'file' }, - { - field: 'matched.atomic', - value: 'a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3', - }, - { field: 'matched.field', value: 'myhash.mysha256' }, - { - field: 'matched.id', - value: '84cf452c1e0375c3d4412cb550bd1783358468a3b3b777da4829d72c7d6fb74f', - }, - { field: 'matched.index', value: 'logs-ti_abusech.malware' }, - { field: 'matched.type', value: 'indicator_match_rule' }, - ]; - - expandFirstAlert(); - openThreatIndicatorDetails(); - - cy.get(ENRICHMENT_COUNT_NOTIFICATION).should('have.text', '1'); - cy.get(THREAT_DETAILS_VIEW).within(() => { - cy.get(TABLE_ROWS).should('have.length', expectedThreatIndicatorData.length); - expectedThreatIndicatorData.forEach((row, index) => { - cy.get(TABLE_ROWS) - .eq(index) - .within(() => { - cy.get(TABLE_CELL).eq(0).should('have.text', row.field); - cy.get(TABLE_CELL).eq(1).should('have.text', row.value); - }); - }); - }); - }); - - describe('with additional indicators', () => { - before(() => { - cy.task('esArchiverLoad', { archiveName: 'threat_indicator2' }); - }); - - after(() => { - cy.task('esArchiverUnload', 'threat_indicator2'); - }); - - it('Displays matched fields from both indicator match rules and investigation time enrichments on Threat Intel tab', () => { - const indicatorMatchRuleEnrichment = { - field: 'myhash.mysha256', - value: 'a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3', - feedName: 'AbuseCH malware', - }; - const investigationTimeEnrichment = { - field: 'source.ip', - value: '192.168.1.1', - feedName: 'feed_name', - }; - - expandFirstAlert(); - viewThreatIntelTab(); - setEnrichmentDates('08/05/2018 10:00 AM'); - - cy.get(`${INDICATOR_MATCH_ENRICHMENT_SECTION} ${THREAT_DETAILS_ACCORDION}`) - .should('exist') - .should( - 'have.text', - `${indicatorMatchRuleEnrichment.field} ${indicatorMatchRuleEnrichment.value} from ${indicatorMatchRuleEnrichment.feedName}` - ); - - cy.get(`${INVESTIGATION_TIME_ENRICHMENT_SECTION} ${THREAT_DETAILS_ACCORDION}`) - .should('exist') - .should( - 'have.text', - `${investigationTimeEnrichment.field} ${investigationTimeEnrichment.value} from ${investigationTimeEnrichment.feedName}` - ); - }); - }); - } -); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments.cy.ts similarity index 95% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments.cy.ts index 83595c1f81e90..42ca93f26587b 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments.cy.ts @@ -6,7 +6,7 @@ */ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getNewRule } from '../../../../objects/rule'; +import { getNewRule } from '../../../../../objects/rule'; import { closeAlertFlyout, closeAlerts, @@ -14,12 +14,12 @@ import { selectFirstPageAlerts, selectNumberOfAlerts, selectPageFilterValue, -} from '../../../../tasks/alerts'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { login } from '../../../../tasks/login'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +} from '../../../../../tasks/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { login } from '../../../../../tasks/login'; +import { ALERTS_URL } from '../../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { alertDetailsFlyoutShowsAssignees, alertDetailsFlyoutShowsAssigneesBadge, @@ -39,8 +39,8 @@ import { updateAssigneesViaTakeActionButtonInFlyout, removeAllAssigneesViaTakeActionButtonInFlyout, loadPageAs, -} from '../../../../tasks/alert_assignments'; -import { ALERTS_COUNT } from '../../../../screens/alerts'; +} from '../../../../../tasks/alert_assignments'; +import { ALERTS_COUNT } from '../../../../../screens/alerts'; describe('Alert user assignment - ESS & Serverless', { tags: ['@ess', '@serverless'] }, () => { before(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess.cy.ts similarity index 72% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess.cy.ts index bdaaedab7f0bf..169a2824167db 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess.cy.ts @@ -6,17 +6,17 @@ */ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getNewRule } from '../../../../objects/rule'; -import { expandFirstAlert } from '../../../../tasks/alerts'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { getNewRule } from '../../../../../objects/rule'; +import { expandFirstAlert } from '../../../../../tasks/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { ALERTS_URL } from '../../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { alertsTableMoreActionsAreNotAvailable, cannotAddAssigneesViaDetailsFlyout, loadPageAs, -} from '../../../../tasks/alert_assignments'; +} from '../../../../../tasks/alert_assignments'; describe('Alert user assignment - ESS', { tags: ['@ess'] }, () => { before(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess_basic.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess_basic.cy.ts similarity index 73% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess_basic.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess_basic.cy.ts index 34bab70e43b0f..c4ed1aa385eb7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_ess_basic.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_ess_basic.cy.ts @@ -5,18 +5,18 @@ * 2.0. */ -import { login } from '../../../../tasks/login'; -import { getNewRule } from '../../../../objects/rule'; -import { expandFirstAlert } from '../../../../tasks/alerts'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../../tasks/login'; +import { getNewRule } from '../../../../../objects/rule'; +import { expandFirstAlert } from '../../../../../tasks/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { ALERTS_URL } from '../../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { asigneesMenuItemsAreNotAvailable, cannotAddAssigneesViaDetailsFlyout, loadPageAs, -} from '../../../../tasks/alert_assignments'; +} from '../../../../../tasks/alert_assignments'; describe('Alert user assignment - Basic License', { tags: ['@ess'] }, () => { before(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_complete.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_complete.cy.ts similarity index 82% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_complete.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_complete.cy.ts index ff9f3801644a2..00fb6f5d08875 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_complete.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_complete.cy.ts @@ -6,19 +6,19 @@ */ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getNewRule } from '../../../../objects/rule'; -import { refreshAlertPageFilter, selectFirstPageAlerts } from '../../../../tasks/alerts'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { login } from '../../../../tasks/login'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { getNewRule } from '../../../../../objects/rule'; +import { refreshAlertPageFilter, selectFirstPageAlerts } from '../../../../../tasks/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { login } from '../../../../../tasks/login'; +import { ALERTS_URL } from '../../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { alertsTableShowsAssigneesForAlert, updateAssigneesForAlert, bulkRemoveAllAssignees, loadPageAs, -} from '../../../../tasks/alert_assignments'; +} from '../../../../../tasks/alert_assignments'; describe( 'Alert user assignment - Serverless Complete', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_essentials.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_essentials.cy.ts similarity index 82% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_essentials.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_essentials.cy.ts index 53436e0102f0a..dd4d91744268c 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_alerts/assignments/assignments_serverless_essentials.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/detection_alerts/assignments/assignments_serverless_essentials.cy.ts @@ -6,19 +6,19 @@ */ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getNewRule } from '../../../../objects/rule'; -import { refreshAlertPageFilter, selectFirstPageAlerts } from '../../../../tasks/alerts'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { login } from '../../../../tasks/login'; -import { ALERTS_URL } from '../../../../urls/navigation'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { getNewRule } from '../../../../../objects/rule'; +import { refreshAlertPageFilter, selectFirstPageAlerts } from '../../../../../tasks/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { login } from '../../../../../tasks/login'; +import { ALERTS_URL } from '../../../../../urls/navigation'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { alertsTableShowsAssigneesForAlert, updateAssigneesForAlert, bulkRemoveAllAssignees, loadPageAs, -} from '../../../../tasks/alert_assignments'; +} from '../../../../../tasks/alert_assignments'; describe( 'Alert user assignment - Serverless Essentials', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts index c4b605b85dcb6..ceea266456acb 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/endpoint_exceptions.cy.ts @@ -5,18 +5,18 @@ * 2.0. */ -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; import { expandFirstAlert, goToClosedAlertsOnRuleDetailsPage, openAddEndpointExceptionFromAlertActionButton, openAddEndpointExceptionFromFirstAlert, waitForAlerts, -} from '../../../tasks/alerts'; -import { login } from '../../../tasks/login'; -import { getEndpointRule } from '../../../objects/rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; +} from '../../../../../tasks/alerts'; +import { login } from '../../../../../tasks/login'; +import { getEndpointRule } from '../../../../../objects/rule'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; import { addExceptionEntryFieldValueAndSelectSuggestion, addExceptionEntryFieldValueValue, @@ -25,19 +25,19 @@ import { selectCloseSingleAlerts, submitNewExceptionItem, validateExceptionConditionField, -} from '../../../tasks/exceptions'; -import { ALERTS_COUNT } from '../../../screens/alerts'; +} from '../../../../../tasks/exceptions'; +import { ALERTS_COUNT } from '../../../../../screens/alerts'; import { ADD_AND_BTN, EXCEPTION_CARD_ITEM_CONDITIONS, EXCEPTION_CARD_ITEM_NAME, EXCEPTION_ITEM_VIEWER_CONTAINER, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; import { goToEndpointExceptionsTab, visitRuleDetailsPage, waitForTheRuleToBeExecuted, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; // TODO: https://github.com/elastic/kibana/issues/161539 // See https://github.com/elastic/kibana/issues/163967 diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts similarity index 91% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts index 8dccaa04bdc87..520ab19e9e5e8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/auto_populate_with_alert_data.cy.ts @@ -4,14 +4,14 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { LOADING_INDICATOR } from '../../../../screens/security_header'; -import { getEndpointRule } from '../../../../objects/rule'; -import { createRule } from '../../../../tasks/api_calls/rules'; +import { LOADING_INDICATOR } from '../../../../../../screens/security_header'; +import { getEndpointRule } from '../../../../../../objects/rule'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; import { addExceptionFromFirstAlert, expandFirstAlert, openAddRuleExceptionFromAlertActionButton, -} from '../../../../tasks/alerts'; +} from '../../../../../../tasks/alerts'; import { addExceptionEntryFieldValue, addExceptionEntryFieldValueValue, @@ -22,19 +22,19 @@ import { editExceptionFlyoutItemName, validateHighlightedFieldsPopulatedAsExceptionConditions, validateEmptyExceptionConditionField, -} from '../../../../tasks/exceptions'; -import { login } from '../../../../tasks/login'; -import { goToExceptionsTab, visitRuleDetailsPage } from '../../../../tasks/rule_details'; +} from '../../../../../../tasks/exceptions'; +import { login } from '../../../../../../tasks/login'; +import { goToExceptionsTab, visitRuleDetailsPage } from '../../../../../../tasks/rule_details'; -import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { deleteAlertsAndRules } from '../../../../../../tasks/api_calls/common'; import { ADD_AND_BTN, ENTRY_DELETE_BTN, EXCEPTION_CARD_ITEM_CONDITIONS, EXCEPTION_CARD_ITEM_NAME, EXCEPTION_ITEM_VIEWER_CONTAINER, -} from '../../../../screens/exceptions'; -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +} from '../../../../../../screens/exceptions'; +import { waitForAlertsToPopulate } from '../../../../../../tasks/create_new_rule'; // TODO: https://github.com/elastic/kibana/issues/161539 // See https://github.com/elastic/kibana/issues/163967 diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts similarity index 80% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts index 93e79ba9fa53e..ffba394c407d4 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/alerts_table_flow/rule_exceptions/closing_all_matching_alerts.cy.ts @@ -4,19 +4,19 @@ * 2.0; you may not use this file except in compliance with the Elastic License * 2.0. */ -import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { waitForAlertsToPopulate } from '../../../../../../tasks/create_new_rule'; import { addExceptionFromFirstAlert, goToClosedAlertsOnRuleDetailsPage, waitForAlerts, -} from '../../../../tasks/alerts'; -import { deleteAlertsAndRules, postDataView } from '../../../../tasks/api_calls/common'; -import { login } from '../../../../tasks/login'; -import { visitRuleDetailsPage } from '../../../../tasks/rule_details'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { getNewRule } from '../../../../objects/rule'; -import { LOADING_INDICATOR } from '../../../../screens/security_header'; -import { ALERTS_COUNT } from '../../../../screens/alerts'; +} from '../../../../../../tasks/alerts'; +import { deleteAlertsAndRules, postDataView } from '../../../../../../tasks/api_calls/common'; +import { login } from '../../../../../../tasks/login'; +import { visitRuleDetailsPage } from '../../../../../../tasks/rule_details'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../../../objects/rule'; +import { LOADING_INDICATOR } from '../../../../../../screens/security_header'; +import { ALERTS_COUNT } from '../../../../../../screens/alerts'; import { addExceptionEntryFieldValue, addExceptionEntryOperatorValue, @@ -24,7 +24,7 @@ import { addExceptionFlyoutItemName, selectBulkCloseAlerts, submitNewExceptionItem, -} from '../../../../tasks/exceptions'; +} from '../../../../../../tasks/exceptions'; // TODO: https://github.com/elastic/kibana/issues/161539 // See https://github.com/elastic/kibana/issues/163967 diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/flyout_validation.cy.ts similarity index 95% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/flyout_validation.cy.ts index 72c18b27a9b2a..b7bb1317ef2b7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/flyout_validation.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/flyout_validation.cy.ts @@ -5,18 +5,18 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../../objects/rule'; -import { RULE_STATUS } from '../../../screens/create_new_rule'; +import { RULE_STATUS } from '../../../../../screens/create_new_rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { login } from '../../../tasks/login'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../tasks/login'; import { openExceptionFlyoutFromEmptyViewerPrompt, goToExceptionsTab, openEditException, visitRuleDetailsPage, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; import { addExceptionEntryFieldMatchAnyValue, addExceptionEntryFieldValue, @@ -29,7 +29,7 @@ import { selectCurrentEntryField, showFieldConflictsWarningTooltipWithMessage, showMappingConflictsWarningMessage, -} from '../../../tasks/exceptions'; +} from '../../../../../tasks/exceptions'; import { ADD_AND_BTN, ADD_OR_BTN, @@ -45,17 +45,17 @@ import { VALUES_INPUT, EXCEPTION_FLYOUT_TITLE, FIELD_INPUT_PARENT, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; -import { reload } from '../../../tasks/common'; +import { reload } from '../../../../../tasks/common'; import { createExceptionList, createExceptionListItem, updateExceptionListItem, deleteExceptionList, -} from '../../../tasks/api_calls/exceptions'; -import { getExceptionList } from '../../../objects/exception'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +} from '../../../../../tasks/api_calls/exceptions'; +import { getExceptionList } from '../../../../../objects/exception'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; // TODO: https://github.com/elastic/kibana/issues/161539 // Test Skipped until we fix the Flyout rerendering issue diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/match_any.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/match_any.cy.ts similarity index 79% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/match_any.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/match_any.cy.ts index c35afcc65e4cd..3a5b5c6cd98c9 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/match_any.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/match_any.cy.ts @@ -5,30 +5,30 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../../objects/rule'; -import { RULE_STATUS } from '../../../screens/create_new_rule'; +import { RULE_STATUS } from '../../../../../screens/create_new_rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { login } from '../../../tasks/login'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../tasks/login'; import { openExceptionFlyoutFromEmptyViewerPrompt, visitRuleDetailsPage, clickEnableRuleSwitch, waitForTheRuleToBeExecuted, goToAlertsTab, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; import { addExceptionEntryFieldMatchAnyValue, addExceptionEntryFieldValue, addExceptionEntryOperatorValue, addExceptionFlyoutItemName, submitNewExceptionItem, -} from '../../../tasks/exceptions'; -import { CONFIRM_BTN } from '../../../screens/exceptions'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { ALERTS_COUNT } from '../../../screens/alerts'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; +} from '../../../../../tasks/exceptions'; +import { CONFIRM_BTN } from '../../../../../screens/exceptions'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; +import { ALERTS_COUNT } from '../../../../../screens/alerts'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; describe('Exceptions match_any', { tags: ['@ess', '@serverless'] }, () => { before(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/multiple_conditions.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/multiple_conditions.cy.ts index 511343abc8a76..f8fb728dbf79a 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/multiple_conditions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/multiple_conditions.cy.ts @@ -5,27 +5,27 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../../objects/rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { login } from '../../../tasks/login'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../tasks/login'; import { openExceptionFlyoutFromEmptyViewerPrompt, visitRuleDetailsPage, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; import { addExceptionFlyoutItemName, addTwoAndedConditions, addTwoORedConditions, submitNewExceptionItem, -} from '../../../tasks/exceptions'; +} from '../../../../../tasks/exceptions'; import { EXCEPTION_CARD_ITEM_NAME, EXCEPTION_CARD_ITEM_CONDITIONS, EXCEPTION_ITEM_VIEWER_CONTAINER, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; describe( 'Add multiple conditions and validate the generated exceptions', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/use_value_list.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/use_value_list.cy.ts index 39c19bdf39f3e..34aee1bf8f0ea 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/entry/use_value_list.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/entry/use_value_list.cy.ts @@ -11,15 +11,15 @@ import { addExceptionEntryOperatorValue, addExceptionFlyoutItemName, submitNewExceptionItem, -} from '../../../tasks/exceptions'; +} from '../../../../../tasks/exceptions'; import { openExceptionFlyoutFromEmptyViewerPrompt, visitRuleDetailsPage, -} from '../../../tasks/rule_details'; -import { getNewRule } from '../../../objects/rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; +} from '../../../../../tasks/rule_details'; +import { getNewRule } from '../../../../../objects/rule'; +import { login } from '../../../../../tasks/login'; +import { visit } from '../../../../../tasks/navigation'; +import { RULES_MANAGEMENT_URL } from '../../../../../urls/rules_management'; import { createListsIndex, waitForListsIndex, @@ -29,8 +29,8 @@ import { importValueList, KNOWN_VALUE_LIST_FILES, deleteValueLists, -} from '../../../tasks/lists'; -import { createRule } from '../../../tasks/api_calls/rules'; +} from '../../../../../tasks/lists'; +import { createRule } from '../../../../../tasks/api_calls/rules'; import { CLOSE_ALERTS_CHECKBOX, EXCEPTIONS_TABLE_MODAL, @@ -38,7 +38,7 @@ import { EXCEPTION_CARD_ITEM_NAME, EXCEPTION_ITEM_VIEWER_CONTAINER, NO_EXCEPTIONS_EXIST_PROMPT, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; const goToRulesAndOpenValueListModal = () => { visit(RULES_MANAGEMENT_URL); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts similarity index 94% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts index e75c0eb8d81b0..8d5b537dd3bce 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_endpoint_exception.cy.ts @@ -5,17 +5,17 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../../objects/rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { login } from '../../../tasks/login'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../tasks/login'; import { openEditException, openExceptionFlyoutFromEmptyViewerPrompt, searchForExceptionItem, visitRuleDetailsPage, waitForPageToBeLoaded as waitForRuleDetailsPageToBeLoaded, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; import { addExceptionConditions, addExceptionFlyoutItemName, @@ -24,13 +24,13 @@ import { selectOs, submitEditedExceptionItem, submitNewExceptionItem, -} from '../../../tasks/exceptions'; +} from '../../../../../tasks/exceptions'; import { deleteAlertsAndRules, deleteEndpointExceptionList, deleteExceptionLists, -} from '../../../tasks/api_calls/common'; +} from '../../../../../tasks/api_calls/common'; import { NO_EXCEPTIONS_EXIST_PROMPT, EXCEPTION_ITEM_VIEWER_CONTAINER, @@ -44,11 +44,11 @@ import { EXCEPTION_CARD_ITEM_NAME, EXCEPTION_CARD_ITEM_CONDITIONS, FIELD_INPUT_PARENT, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; import { createEndpointExceptionList, createEndpointExceptionListItem, -} from '../../../tasks/api_calls/exceptions'; +} from '../../../../../tasks/api_calls/exceptions'; describe('Add endpoint exception from rule details', { tags: ['@ess', '@serverless'] }, () => { const ITEM_NAME = 'Sample Exception List Item'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception.cy.ts similarity index 94% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception.cy.ts index a06b76455dfbc..70c35610476b8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception.cy.ts @@ -5,16 +5,16 @@ * 2.0. */ -import { getException, getExceptionList } from '../../../objects/exception'; -import { getNewRule } from '../../../objects/rule'; +import { getException, getExceptionList } from '../../../../../objects/exception'; +import { getNewRule } from '../../../../../objects/rule'; -import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../screens/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../../../screens/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; import { goToClosedAlertsOnRuleDetailsPage, goToOpenedAlertsOnRuleDetailsPage, -} from '../../../tasks/alerts'; -import { login } from '../../../tasks/login'; +} from '../../../../../tasks/alerts'; +import { login } from '../../../../../tasks/login'; import { addExceptionFlyoutFromViewerHeader, goToAlertsTab, @@ -25,7 +25,7 @@ import { searchForExceptionItem, visitRuleDetailsPage, waitForTheRuleToBeExecuted, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; import { addExceptionConditions, addExceptionFlyoutItemName, @@ -36,8 +36,8 @@ import { selectSharedListToAddExceptionTo, submitEditedExceptionItem, submitNewExceptionItem, -} from '../../../tasks/exceptions'; -import { deleteAlertsAndRules, deleteExceptionLists } from '../../../tasks/api_calls/common'; +} from '../../../../../tasks/exceptions'; +import { deleteAlertsAndRules, deleteExceptionLists } from '../../../../../tasks/api_calls/common'; import { NO_EXCEPTIONS_EXIST_PROMPT, EXCEPTION_ITEM_VIEWER_CONTAINER, @@ -50,13 +50,13 @@ import { EXCEPTION_CARD_ITEM_NAME, EXCEPTION_CARD_ITEM_CONDITIONS, FIELD_INPUT_PARENT, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; import { createExceptionList, createExceptionListItem, deleteExceptionList, -} from '../../../tasks/api_calls/exceptions'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; +} from '../../../../../tasks/api_calls/exceptions'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; // TODO: https://github.com/elastic/kibana/issues/161539 describe( diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts similarity index 89% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts index c3f75431b614a..3f585dbad90cf 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/add_edit_exception_data_view.cy.ts @@ -5,19 +5,19 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; -import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../screens/alerts'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../../objects/rule'; +import { ALERTS_COUNT, EMPTY_ALERT_TABLE } from '../../../../../screens/alerts'; +import { createRule } from '../../../../../tasks/api_calls/rules'; import { goToClosedAlertsOnRuleDetailsPage, goToOpenedAlertsOnRuleDetailsPage, -} from '../../../tasks/alerts'; +} from '../../../../../tasks/alerts'; import { editException, editExceptionFlyoutItemName, submitEditedExceptionItem, -} from '../../../tasks/exceptions'; -import { login } from '../../../tasks/login'; +} from '../../../../../tasks/exceptions'; +import { login } from '../../../../../tasks/login'; import { addFirstExceptionFromRuleDetails, clickEnableRuleSwitch, @@ -28,9 +28,9 @@ import { removeException, visitRuleDetailsPage, waitForTheRuleToBeExecuted, -} from '../../../tasks/rule_details'; +} from '../../../../../tasks/rule_details'; -import { postDataView, deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { postDataView, deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; import { NO_EXCEPTIONS_EXIST_PROMPT, EXCEPTION_ITEM_VIEWER_CONTAINER, @@ -39,8 +39,8 @@ import { EXCEPTION_ITEM_CONTAINER, VALUES_INPUT, FIELD_INPUT_PARENT, -} from '../../../screens/exceptions'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; +} from '../../../../../screens/exceptions'; +import { waitForAlertsToPopulate } from '../../../../../tasks/create_new_rule'; describe( 'Add exception using data views from rule details', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/read_only_view.cy.ts similarity index 78% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/read_only_view.cy.ts index 5cb1ac70818ca..16cff076ce399 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/rule_details_flow/read_only_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/rule_details_flow/read_only_view.cy.ts @@ -6,26 +6,26 @@ */ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getExceptionList } from '../../../objects/exception'; -import { getNewRule } from '../../../objects/rule'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { login } from '../../../tasks/login'; -import { visitRulesManagementTable } from '../../../tasks/rules_management'; -import { goToExceptionsTab, goToAlertsTab } from '../../../tasks/rule_details'; -import { goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { getExceptionList } from '../../../../../objects/exception'; +import { getNewRule } from '../../../../../objects/rule'; +import { createRule } from '../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../tasks/login'; +import { visitRulesManagementTable } from '../../../../../tasks/rules_management'; +import { goToExceptionsTab, goToAlertsTab } from '../../../../../tasks/rule_details'; +import { goToRuleDetailsOf } from '../../../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../../tasks/api_calls/common'; import { NO_EXCEPTIONS_EXIST_PROMPT, EXCEPTION_ITEM_VIEWER_CONTAINER, ADD_EXCEPTIONS_BTN_FROM_VIEWER_HEADER, ADD_EXCEPTIONS_BTN_FROM_EMPTY_PROMPT_BTN, -} from '../../../screens/exceptions'; -import { EXCEPTION_ITEM_ACTIONS_BUTTON } from '../../../screens/rule_details'; +} from '../../../../../screens/exceptions'; +import { EXCEPTION_ITEM_ACTIONS_BUTTON } from '../../../../../screens/rule_details'; import { createExceptionList, createExceptionListItem, deleteExceptionList, -} from '../../../tasks/api_calls/exceptions'; +} from '../../../../../tasks/api_calls/exceptions'; describe('Exceptions viewer read only', { tags: ['@ess'] }, () => { const exceptionList = getExceptionList(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts similarity index 88% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts index 1226b3bf77244..5b2326ec617a6 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/list_detail_page/list_details.cy.ts @@ -5,13 +5,13 @@ * 2.0. */ -import { getExceptionList } from '../../../../objects/exception'; -import { getNewRule } from '../../../../objects/rule'; +import { getExceptionList } from '../../../../../../objects/exception'; +import { getNewRule } from '../../../../../../objects/rule'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { EXCEPTIONS_URL, exceptionsListDetailsUrl } from '../../../../urls/navigation'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; +import { EXCEPTIONS_URL, exceptionsListDetailsUrl } from '../../../../../../urls/navigation'; import { createSharedExceptionList, editExceptionLisDetails, @@ -19,13 +19,13 @@ import { saveLinkedRules, validateSharedListLinkedRules, waitForExceptionListDetailToBeLoaded, -} from '../../../../tasks/exceptions_table'; -import { createExceptionList } from '../../../../tasks/api_calls/exceptions'; +} from '../../../../../../tasks/exceptions_table'; +import { createExceptionList } from '../../../../../../tasks/api_calls/exceptions'; import { EXCEPTIONS_LIST_MANAGEMENT_NAME, EXCEPTIONS_LIST_MANAGEMENT_DESCRIPTION, EXCEPTION_LIST_DETAILS_LINK_RULES_BTN, -} from '../../../../screens/exceptions'; +} from '../../../../../../screens/exceptions'; const LIST_NAME = 'My exception list'; const UPDATED_LIST_NAME = 'Updated exception list'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts similarity index 91% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts index dd21e8571673c..d1449f6ff99fe 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/manage_exceptions.cy.ts @@ -7,10 +7,10 @@ import type { RuleResponse } from '@kbn/security-solution-plugin/common/api/detection_engine'; import { MAX_COMMENT_LENGTH } from '@kbn/security-solution-plugin/common/constants'; -import { getNewRule } from '../../../objects/rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { getNewRule } from '../../../../../objects/rule'; +import { login } from '../../../../../tasks/login'; +import { visit } from '../../../../../tasks/navigation'; +import { createRule } from '../../../../../tasks/api_calls/rules'; import { addExceptionFlyoutItemName, editException, @@ -23,8 +23,8 @@ import { deleteFirstExceptionItemInListDetailPage, addExceptionHugeComment, editExceptionComment, -} from '../../../tasks/exceptions'; -import { EXCEPTIONS_URL } from '../../../urls/navigation'; +} from '../../../../../tasks/exceptions'; +import { EXCEPTIONS_URL } from '../../../../../urls/navigation'; import { CONFIRM_BTN, @@ -33,18 +33,18 @@ import { EXCEPTIONS_LIST_MANAGEMENT_NAME, EXECPTION_ITEM_CARD_HEADER_TITLE, EMPTY_EXCEPTIONS_VIEWER, -} from '../../../screens/exceptions'; +} from '../../../../../screens/exceptions'; import { addExceptionListFromSharedExceptionListHeaderMenu, createSharedExceptionList, findSharedExceptionListItemsByName, -} from '../../../tasks/exceptions_table'; -import { visitRuleDetailsPage } from '../../../tasks/rule_details'; +} from '../../../../../tasks/exceptions_table'; +import { visitRuleDetailsPage } from '../../../../../tasks/rule_details'; import { deleteAlertsAndRules, deleteEndpointExceptionList, deleteExceptionLists, -} from '../../../tasks/api_calls/common'; +} from '../../../../../tasks/api_calls/common'; describe('Manage exceptions', { tags: ['@ess', '@serverless'] }, () => { beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts index a4c251617b5f8..04bfe4d8b4e09 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/duplicate_lists.cy.ts @@ -5,24 +5,27 @@ * 2.0. */ -import { deleteAlertsAndRules, deleteExceptionLists } from '../../../../tasks/api_calls/common'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { getExceptionList } from '../../../../objects/exception'; -import { assertNumberOfExceptionItemsExists } from '../../../../tasks/exceptions'; +import { + deleteAlertsAndRules, + deleteExceptionLists, +} from '../../../../../../tasks/api_calls/common'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; +import { getExceptionList } from '../../../../../../objects/exception'; +import { assertNumberOfExceptionItemsExists } from '../../../../../../tasks/exceptions'; import { assertExceptionListsExists, duplicateSharedExceptionListFromListsManagementPageByListId, findSharedExceptionListItemsByName, waitForExceptionsTableToBeLoaded, -} from '../../../../tasks/exceptions_table'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +} from '../../../../../../tasks/exceptions_table'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; +import { EXCEPTIONS_URL } from '../../../../../../urls/navigation'; import { createExceptionList, createExceptionListItem, -} from '../../../../tasks/api_calls/exceptions'; -import { getNewRule } from '../../../../objects/rule'; +} from '../../../../../../tasks/api_calls/exceptions'; +import { getNewRule } from '../../../../../../objects/rule'; const expiredDate = new Date(Date.now() - 1000000).toISOString(); const futureDate = new Date(Date.now() + 1000000).toISOString(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts similarity index 85% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts index c40b578b588de..3eab52a6e7ba6 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/filter_table.cy.ts @@ -5,22 +5,22 @@ * 2.0. */ -import { getExceptionList } from '../../../../objects/exception'; -import { getNewRule } from '../../../../objects/rule'; +import { getExceptionList } from '../../../../../../objects/exception'; +import { getNewRule } from '../../../../../../objects/rule'; import { EXCEPTIONS_TABLE_SHOWING_LISTS, EXCEPTIONS_TABLE_LIST_NAME, -} from '../../../../screens/exceptions'; -import { createExceptionList } from '../../../../tasks/api_calls/exceptions'; -import { createRule } from '../../../../tasks/api_calls/rules'; +} from '../../../../../../screens/exceptions'; +import { createExceptionList } from '../../../../../../tasks/api_calls/exceptions'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; import { waitForExceptionsTableToBeLoaded, searchForExceptionList, clearSearchSelection, -} from '../../../../tasks/exceptions_table'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +} from '../../../../../../tasks/exceptions_table'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; +import { EXCEPTIONS_URL } from '../../../../../../urls/navigation'; const EXCEPTION_LIST_NAME = 'My test list'; const EXCEPTION_LIST_NAME_TWO = 'A test list 2'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts similarity index 90% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts index 01c790ebec861..17ec79fdbd3a7 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/import_lists.cy.ts @@ -8,7 +8,7 @@ import { IMPORT_SHARED_EXCEPTION_LISTS_CLOSE_BTN, EXCEPTIONS_TABLE_SHOWING_LISTS, -} from '../../../../screens/exceptions'; +} from '../../../../../../screens/exceptions'; import { waitForExceptionsTableToBeLoaded, importExceptionLists, @@ -16,10 +16,10 @@ import { importExceptionListWithSelectingCreateNewOption, validateImportExceptionListWentSuccessfully, validateImportExceptionListFailedBecauseExistingListFound, -} from '../../../../tasks/exceptions_table'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +} from '../../../../../../tasks/exceptions_table'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; +import { EXCEPTIONS_URL } from '../../../../../../urls/navigation'; describe('Import Lists', { tags: ['@ess', '@serverless', '@skipInServerless'] }, () => { const LIST_TO_IMPORT_FILENAME = 'cypress/fixtures/7_16_exception_list.ndjson'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts index e6158addd2cd8..2d1dbf6ed24cf 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/manage_lists.cy.ts @@ -6,14 +6,17 @@ */ import { ExceptionListSchema } from '@kbn/securitysolution-io-ts-list-types'; -import { expectedExportedExceptionList, getExceptionList } from '../../../../objects/exception'; -import { getNewRule } from '../../../../objects/rule'; +import { + expectedExportedExceptionList, + getExceptionList, +} from '../../../../../../objects/exception'; +import { getNewRule } from '../../../../../../objects/rule'; -import { createRule } from '../../../../tasks/api_calls/rules'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; +import { createRule } from '../../../../../../tasks/api_calls/rules'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +import { EXCEPTIONS_URL } from '../../../../../../urls/navigation'; import { assertNumberLinkedRules, createSharedExceptionList, @@ -22,14 +25,14 @@ import { exportExceptionList, linkRulesToExceptionList, waitForExceptionsTableToBeLoaded, -} from '../../../../tasks/exceptions_table'; +} from '../../../../../../tasks/exceptions_table'; import { EXCEPTIONS_LIST_MANAGEMENT_NAME, EXCEPTIONS_TABLE_SHOWING_LISTS, -} from '../../../../screens/exceptions'; -import { createExceptionList } from '../../../../tasks/api_calls/exceptions'; +} from '../../../../../../screens/exceptions'; +import { createExceptionList } from '../../../../../../tasks/api_calls/exceptions'; -import { TOASTER } from '../../../../screens/alerts_detection_rules'; +import { TOASTER } from '../../../../../../screens/alerts_detection_rules'; const EXCEPTION_LIST_NAME = 'My test list'; const EXCEPTION_LIST_TO_DUPLICATE_NAME = 'A test list 2'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts similarity index 79% rename from x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts index 8a7ee172aed30..31405abf18de5 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/exceptions/shared_exception_lists_management/shared_exception_list_page/read_only.cy.ts @@ -7,21 +7,24 @@ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { getExceptionList } from '../../../../objects/exception'; +import { getExceptionList } from '../../../../../../objects/exception'; import { EXCEPTIONS_OVERFLOW_ACTIONS_BTN, EXCEPTIONS_TABLE_SHOWING_LISTS, -} from '../../../../screens/exceptions'; -import { createExceptionList, deleteExceptionList } from '../../../../tasks/api_calls/exceptions'; +} from '../../../../../../screens/exceptions'; +import { + createExceptionList, + deleteExceptionList, +} from '../../../../../../tasks/api_calls/exceptions'; import { dismissCallOut, getCallOut, waitForCallOutToBeShown, MISSING_PRIVILEGES_CALLOUT, -} from '../../../../tasks/common/callouts'; -import { login } from '../../../../tasks/login'; -import { visit } from '../../../../tasks/navigation'; -import { EXCEPTIONS_URL } from '../../../../urls/navigation'; +} from '../../../../../../tasks/common/callouts'; +import { login } from '../../../../../../tasks/login'; +import { visit } from '../../../../../../tasks/navigation'; +import { EXCEPTIONS_URL } from '../../../../../../urls/navigation'; // TODO: https://github.com/elastic/kibana/issues/161539 Do we need to run it in Serverless? describe('Shared exception lists - read only', { tags: ['@ess', '@skipInServerless'] }, () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions.cy.ts similarity index 76% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions.cy.ts index 3053f8e5c5698..7cf4433bd2871 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions.cy.ts @@ -5,27 +5,30 @@ * 2.0. */ -import { getIndexConnector } from '../../../objects/connector'; -import { getSimpleCustomQueryRule } from '../../../objects/rule'; +import { getIndexConnector } from '../../../../objects/connector'; +import { getSimpleCustomQueryRule } from '../../../../objects/rule'; -import { goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { deleteIndex, waitForNewDocumentToBeIndexed } from '../../../tasks/api_calls/elasticsearch'; +import { goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; +import { + deleteIndex, + waitForNewDocumentToBeIndexed, +} from '../../../../tasks/api_calls/elasticsearch'; import { deleteAlertsAndRules, deleteConnectors, deleteDataView, -} from '../../../tasks/api_calls/common'; +} from '../../../../tasks/api_calls/common'; import { createAndEnableRule, fillAboutRuleAndContinue, fillDefineCustomRuleAndContinue, fillRuleAction, fillScheduleRuleAndContinue, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; // TODO: https://github.com/elastic/kibana/issues/161539 describe( diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_complete.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts similarity index 69% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_complete.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts index 13c35a3cce6c4..6afa38bf81f6c 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_complete.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_complete.cy.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../objects/rule'; import { INDEX_SELECTOR, @@ -13,18 +13,18 @@ import { WEBHOOK_ACTION_BTN, EMAIL_ACTION_BTN, ACTION_BTN, -} from '../../../screens/common/rule_actions'; +} from '../../../../screens/common/rule_actions'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { createRule } from '../../../../tasks/api_calls/rules'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { goToActionsStepTab } from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { goToActionsStepTab } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; -import { editFirstRule } from '../../../tasks/alerts_detection_rules'; +import { editFirstRule } from '../../../../tasks/alerts_detection_rules'; -import { visit } from '../../../tasks/navigation'; +import { visit } from '../../../../tasks/navigation'; const rule = getNewRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_essentials.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts similarity index 69% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_essentials.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts index d36cdc7137de6..71212f6819a69 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_actions/rule_actions_pli_essentials.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_actions/rule_actions_pli_essentials.cy.ts @@ -5,7 +5,7 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; +import { getNewRule } from '../../../../objects/rule'; import { INDEX_SELECTOR, @@ -13,18 +13,18 @@ import { WEBHOOK_ACTION_BTN, EMAIL_ACTION_BTN, ACTION_BTN, -} from '../../../screens/common/rule_actions'; +} from '../../../../screens/common/rule_actions'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { createRule } from '../../../../tasks/api_calls/rules'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { goToActionsStepTab } from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { goToActionsStepTab } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; -import { editFirstRule } from '../../../tasks/alerts_detection_rules'; +import { editFirstRule } from '../../../../tasks/alerts_detection_rules'; -import { visit } from '../../../tasks/navigation'; +import { visit } from '../../../../tasks/navigation'; const rule = getNewRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/common_flows.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/common_flows.cy.ts similarity index 81% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/common_flows.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/common_flows.cy.ts index 9628f03f2d102..de17f4d7aaea9 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/common_flows.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/common_flows.cy.ts @@ -5,8 +5,8 @@ * 2.0. */ -import { ruleFields } from '../../../data/detection_engine'; -import { getTimeline } from '../../../objects/timeline'; +import { ruleFields } from '../../../../data/detection_engine'; +import { getTimeline } from '../../../../objects/timeline'; import { ABOUT_CONTINUE_BTN, @@ -16,10 +16,10 @@ import { DEFINE_EDIT_BUTTON, RULE_NAME_INPUT, SCHEDULE_CONTINUE_BUTTON, -} from '../../../screens/create_new_rule'; -import { RULE_NAME_HEADER } from '../../../screens/rule_details'; -import { createTimeline } from '../../../tasks/api_calls/timelines'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +} from '../../../../screens/create_new_rule'; +import { RULE_NAME_HEADER } from '../../../../screens/rule_details'; +import { createTimeline } from '../../../../tasks/api_calls/timelines'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { createAndEnableRule, expandAdvancedSettings, @@ -37,10 +37,10 @@ import { fillThreatSubtechnique, fillThreatTechnique, importSavedQuery, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { visit } from '../../../tasks/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { visit } from '../../../../tasks/navigation'; // This test is meant to test touching all the common various components in rule creation // to ensure we don't miss any changes that maybe affect one of these more obscure UI components diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule.cy.ts similarity index 72% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule.cy.ts index 5e41440f48f4e..d5918e21fa105 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule.cy.ts @@ -5,19 +5,19 @@ * 2.0. */ -import { getNewRule } from '../../../objects/rule'; -import { RULE_NAME_HEADER } from '../../../screens/rule_details'; +import { getNewRule } from '../../../../objects/rule'; +import { RULE_NAME_HEADER } from '../../../../screens/rule_details'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { fillScheduleRuleAndContinue, fillAboutRuleMinimumAndContinue, fillDefineCustomRuleAndContinue, createRuleWithoutEnabling, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe('Create custom query rule', { tags: ['@ess', '@serverless'] }, () => { const rule = getNewRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule_data_view.cy.ts similarity index 88% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule_data_view.cy.ts index 7a6d1fa889e58..e93a06dd3ca66 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_query_rule_data_view.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_query_rule_data_view.cy.ts @@ -5,9 +5,9 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getDataViewRule } from '../../../objects/rule'; -import { ALERTS_COUNT, ALERT_GRID_CELL } from '../../../screens/alerts'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { getDataViewRule } from '../../../../objects/rule'; +import { ALERTS_COUNT, ALERT_GRID_CELL } from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -15,12 +15,12 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_CONTINUE_BTN, RULE_DESCRIPTION_INPUT, RULE_NAME_INPUT, -} from '../../../screens/create_new_rule'; +} from '../../../../screens/create_new_rule'; import { ADDITIONAL_LOOK_BACK_DETAILS, @@ -46,17 +46,17 @@ import { TIMELINE_TEMPLATE_DETAILS, DATA_VIEW_DETAILS, EDIT_RULE_SETTINGS_LINK, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; import { getRulesManagementTableRows, goToRuleDetailsOf, -} from '../../../tasks/alerts_detection_rules'; +} from '../../../../tasks/alerts_detection_rules'; import { deleteAlertsAndRules, deleteDataView, postDataView, -} from '../../../tasks/api_calls/common'; +} from '../../../../tasks/api_calls/common'; import { createAndEnableRule, createRuleWithoutEnabling, @@ -64,14 +64,14 @@ import { fillDefineCustomRuleAndContinue, fillScheduleRuleAndContinue, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; +} from '../../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { getDetails, waitForTheRuleToBeExecuted } from '../../../tasks/rule_details'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { getDetails, waitForTheRuleToBeExecuted } from '../../../../tasks/rule_details'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe('Custom query rules', { tags: ['@ess', '@serverless'] }, () => { describe('Custom detection rules creation with data views', () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_saved_query_rule.cy.ts similarity index 89% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_saved_query_rule.cy.ts index f55a51d8e4f64..5a87350b730da 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/custom_saved_query_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/custom_saved_query_rule.cy.ts @@ -5,14 +5,14 @@ * 2.0. */ -import { getNewRule, getSavedQueryRule } from '../../../objects/rule'; +import { getNewRule, getSavedQueryRule } from '../../../../objects/rule'; import { DEFINE_CONTINUE_BUTTON, LOAD_QUERY_DYNAMICALLY_CHECKBOX, QUERY_BAR, -} from '../../../screens/create_new_rule'; -import { TOASTER } from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/create_new_rule'; +import { TOASTER } from '../../../../screens/alerts_detection_rules'; import { RULE_NAME_HEADER, SAVED_QUERY_NAME_DETAILS, @@ -20,11 +20,11 @@ import { SAVED_QUERY_FILTERS_DETAILS, DEFINE_RULE_PANEL_PROGRESS, CUSTOM_QUERY_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { editFirstRule, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { createSavedQuery, deleteSavedQueries } from '../../../tasks/api_calls/saved_queries'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { editFirstRule, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; +import { createSavedQuery, deleteSavedQueries } from '../../../../tasks/api_calls/saved_queries'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { createAndEnableRule, fillAboutRuleAndContinue, @@ -33,19 +33,19 @@ import { getCustomQueryInput, checkLoadQueryDynamically, uncheckLoadQueryDynamically, -} from '../../../tasks/create_new_rule'; -import { saveEditedRule, visitEditRulePage } from '../../../tasks/edit_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; +} from '../../../../tasks/create_new_rule'; +import { saveEditedRule, visitEditRulePage } from '../../../../tasks/edit_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; import { assertDetailsNotExist, getDetails, visitRuleDetailsPage, -} from '../../../tasks/rule_details'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; +} from '../../../../tasks/rule_details'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; const savedQueryName = 'custom saved query'; const savedQueryQuery = 'process.name: test'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_ess.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_ess.cy.ts similarity index 85% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_ess.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_ess.cy.ts index 0e10557bcaf0e..7b6ba027c1122 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_ess.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_ess.cy.ts @@ -5,20 +5,20 @@ * 2.0. */ -import { getEsqlRule } from '../../../objects/rule'; +import { getEsqlRule } from '../../../../objects/rule'; -import { RULES_MANAGEMENT_TABLE, RULE_NAME } from '../../../screens/alerts_detection_rules'; +import { RULES_MANAGEMENT_TABLE, RULE_NAME } from '../../../../screens/alerts_detection_rules'; import { RULE_NAME_HEADER, RULE_TYPE_DETAILS, RULE_NAME_OVERRIDE_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { ESQL_TYPE, ESQL_QUERY_BAR } from '../../../screens/create_new_rule'; +import { ESQL_TYPE, ESQL_QUERY_BAR } from '../../../../screens/create_new_rule'; -import { getDetails, goBackToRulesTable } from '../../../tasks/rule_details'; -import { expectNumberOfRules } from '../../../tasks/alerts_detection_rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { getDetails, goBackToRulesTable } from '../../../../tasks/rule_details'; +import { expectNumberOfRules } from '../../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { fillAboutRuleAndContinue, fillDefineEsqlRuleAndContinue, @@ -28,11 +28,11 @@ import { fillEsqlQueryBar, fillAboutSpecificEsqlRuleAndContinue, createRuleWithoutEnabling, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe('Detection ES|QL rules, creation', { tags: ['@ess'] }, () => { const rule = getEsqlRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_serverless.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_serverless.cy.ts similarity index 77% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_serverless.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_serverless.cy.ts index 108731a74680c..f2b2b07975a04 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/esql_rule_serverless.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/esql_rule_serverless.cy.ts @@ -5,15 +5,15 @@ * 2.0. */ -import { getEsqlRule } from '../../../objects/rule'; +import { getEsqlRule } from '../../../../objects/rule'; -import { ESQL_TYPE, NEW_TERMS_TYPE, THRESHOLD_TYPE } from '../../../screens/create_new_rule'; +import { ESQL_TYPE, NEW_TERMS_TYPE, THRESHOLD_TYPE } from '../../../../screens/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { createRule } from '../../../../tasks/api_calls/rules'; describe('Detection ES|QL rules, creation', { tags: ['@serverless'] }, () => { beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/event_correlation_rule.cy.ts similarity index 89% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/event_correlation_rule.cy.ts index 0966ae2709113..f02ec20ffd685 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/event_correlation_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/event_correlation_rule.cy.ts @@ -5,10 +5,10 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getEqlRule, getEqlSequenceRule, getIndexPatterns } from '../../../objects/rule'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { getEqlRule, getEqlSequenceRule, getIndexPatterns } from '../../../../objects/rule'; -import { ALERTS_COUNT, ALERT_DATA_GRID } from '../../../screens/alerts'; +import { ALERTS_COUNT, ALERT_DATA_GRID } from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, RISK_SCORE, @@ -16,7 +16,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -39,11 +39,11 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { getDetails, waitForTheRuleToBeExecuted } from '../../../tasks/rule_details'; -import { expectNumberOfRules, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { getDetails, waitForTheRuleToBeExecuted } from '../../../../tasks/rule_details'; +import { expectNumberOfRules, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { createAndEnableRule, fillAboutRuleAndContinue, @@ -51,11 +51,11 @@ import { fillScheduleRuleAndContinue, selectEqlRuleType, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe('EQL rules', { tags: ['@ess', '@serverless'] }, () => { beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/indicator_match_rule.cy.ts similarity index 94% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/indicator_match_rule.cy.ts index 2b83c938b9473..5b0fc1f122928 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/indicator_match_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/indicator_match_rule.cy.ts @@ -5,20 +5,20 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; import { getIndexPatterns, getNewThreatIndicatorRule, getThreatIndexPatterns, indicatorRuleMatchingDoc, -} from '../../../objects/rule'; +} from '../../../../objects/rule'; import { ALERT_RULE_NAME, ALERT_RISK_SCORE, ALERT_SEVERITY, ALERTS_COUNT, -} from '../../../screens/alerts'; +} from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, RISK_SCORE, @@ -26,7 +26,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -53,9 +53,9 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../../../screens/rule_details'; -import { INDICATOR_MATCH_ROW_RENDER, PROVIDER_BADGE } from '../../../screens/timeline'; -import { investigateFirstAlertInTimeline } from '../../../tasks/alerts'; +} from '../../../../screens/rule_details'; +import { INDICATOR_MATCH_ROW_RENDER, PROVIDER_BADGE } from '../../../../screens/timeline'; +import { investigateFirstAlertInTimeline } from '../../../../tasks/alerts'; import { duplicateFirstRule, duplicateRuleFromMenu, @@ -64,10 +64,10 @@ import { selectAllRules, goToRuleDetailsOf, disableAutoRefresh, -} from '../../../tasks/alerts_detection_rules'; -import { duplicateSelectedRulesWithExceptions } from '../../../tasks/rules_bulk_actions'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { loadPrepackagedTimelineTemplates } from '../../../tasks/api_calls/timelines'; +} from '../../../../tasks/alerts_detection_rules'; +import { duplicateSelectedRulesWithExceptions } from '../../../../tasks/rules_bulk_actions'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { loadPrepackagedTimelineTemplates } from '../../../../tasks/api_calls/timelines'; import { createAndEnableRule, fillAboutRuleAndContinue, @@ -92,26 +92,26 @@ import { getIndicatorOrButton, selectIndicatorMatchType, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; +} from '../../../../tasks/create_new_rule'; import { SCHEDULE_INTERVAL_AMOUNT_INPUT, SCHEDULE_INTERVAL_UNITS_INPUT, SCHEDULE_LOOKBACK_AMOUNT_INPUT, SCHEDULE_LOOKBACK_UNITS_INPUT, -} from '../../../screens/create_new_rule'; -import { goBackToRuleDetails } from '../../../tasks/edit_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; +} from '../../../../screens/create_new_rule'; +import { goBackToRuleDetails } from '../../../../tasks/edit_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; import { goBackToRulesTable, getDetails, waitForTheRuleToBeExecuted, visitRuleDetailsPage, -} from '../../../tasks/rule_details'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +} from '../../../../tasks/rule_details'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; const DEFAULT_THREAT_MATCH_QUERY = '@timestamp >= "now-30d/d"'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/machine_learning_rule.cy.ts similarity index 88% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/machine_learning_rule.cy.ts index 3929f57d0b6f5..4b3501db69859 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/machine_learning_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/machine_learning_rule.cy.ts @@ -6,8 +6,8 @@ */ import { isArray } from 'lodash'; -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getMachineLearningRule } from '../../../objects/rule'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { getMachineLearningRule } from '../../../../objects/rule'; import { CUSTOM_RULES_BTN, @@ -16,7 +16,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_RULE_DESCRIPTION, @@ -37,21 +37,21 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { getDetails } from '../../../tasks/rule_details'; -import { expectNumberOfRules, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; +import { getDetails } from '../../../../tasks/rule_details'; +import { expectNumberOfRules, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; import { createAndEnableRule, fillAboutRuleAndContinue, fillDefineMachineLearningRuleAndContinue, fillScheduleRuleAndContinue, selectMachineLearningRuleType, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe( 'Machine Learning rules', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/new_terms_rule.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/new_terms_rule.cy.ts index 570f19f3f72e1..3b77522dfbff5 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/new_terms_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/new_terms_rule.cy.ts @@ -5,10 +5,10 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getIndexPatterns, getNewTermsRule } from '../../../objects/rule'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { getIndexPatterns, getNewTermsRule } from '../../../../objects/rule'; -import { ALERT_DATA_GRID } from '../../../screens/alerts'; +import { ALERT_DATA_GRID } from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, RISK_SCORE, @@ -16,7 +16,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -41,11 +41,11 @@ import { TIMELINE_TEMPLATE_DETAILS, NEW_TERMS_HISTORY_WINDOW_DETAILS, NEW_TERMS_FIELDS_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { getDetails, waitForTheRuleToBeExecuted } from '../../../tasks/rule_details'; -import { expectNumberOfRules, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { getDetails, waitForTheRuleToBeExecuted } from '../../../../tasks/rule_details'; +import { expectNumberOfRules, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { createAndEnableRule, fillAboutRuleAndContinue, @@ -53,11 +53,11 @@ import { fillScheduleRuleAndContinue, selectNewTermsRuleType, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; describe('New Terms rules', { tags: ['@ess', '@serverless'] }, () => { describe('Detection rules, New Terms', () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/override.cy.ts similarity index 87% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/override.cy.ts index 9bb9f569c4dd1..841fc1b4fef8e 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/override.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/override.cy.ts @@ -5,10 +5,14 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getIndexPatterns, getNewOverrideRule, getSeveritiesOverride } from '../../../objects/rule'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { + getIndexPatterns, + getNewOverrideRule, + getSeveritiesOverride, +} from '../../../../objects/rule'; -import { ALERT_GRID_CELL, ALERTS_COUNT } from '../../../screens/alerts'; +import { ALERT_GRID_CELL, ALERTS_COUNT } from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -17,7 +21,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_INVESTIGATION_NOTES, ABOUT_DETAILS, @@ -45,22 +49,22 @@ import { TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, TIMESTAMP_OVERRIDE_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { expectNumberOfRules, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { expectNumberOfRules, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; import { createAndEnableRule, fillAboutRuleWithOverrideAndContinue, fillDefineCustomRuleAndContinue, fillScheduleRuleAndContinue, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { getDetails, waitForTheRuleToBeExecuted } from '../../../tasks/rule_details'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { getDetails, waitForTheRuleToBeExecuted } from '../../../../tasks/rule_details'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; describe('Rules override', { tags: ['@ess', '@serverless'] }, () => { const rule = getNewOverrideRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule.cy.ts similarity index 89% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule.cy.ts index c81b93bc5757b..13c8965bf3e89 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule.cy.ts @@ -5,10 +5,10 @@ * 2.0. */ -import { formatMitreAttackDescription, getHumanizedDuration } from '../../../helpers/rules'; -import { getIndexPatterns, getNewThresholdRule } from '../../../objects/rule'; +import { formatMitreAttackDescription, getHumanizedDuration } from '../../../../helpers/rules'; +import { getIndexPatterns, getNewThresholdRule } from '../../../../objects/rule'; -import { ALERTS_COUNT, ALERT_GRID_CELL } from '../../../screens/alerts'; +import { ALERTS_COUNT, ALERT_GRID_CELL } from '../../../../screens/alerts'; import { CUSTOM_RULES_BTN, @@ -17,7 +17,7 @@ import { RULE_NAME, RULE_SWITCH, SEVERITY, -} from '../../../screens/alerts_detection_rules'; +} from '../../../../screens/alerts_detection_rules'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -42,15 +42,10 @@ import { THRESHOLD_DETAILS, TIMELINE_TEMPLATE_DETAILS, SUPPRESS_FOR_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; +import { expectNumberOfRules, goToRuleDetailsOf } from '../../../../tasks/alerts_detection_rules'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; -import { - getDetails, - waitForTheRuleToBeExecuted, - assertDetailsNotExist, -} from '../../../tasks/rule_details'; -import { expectNumberOfRules, goToRuleDetailsOf } from '../../../tasks/alerts_detection_rules'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; import { createAndEnableRule, createRuleWithoutEnabling, @@ -62,11 +57,16 @@ import { fillScheduleRuleAndContinue, selectThresholdRuleType, waitForAlertsToPopulate, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { openRuleManagementPageViaBreadcrumbs } from '../../../tasks/rules_management'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { + getDetails, + assertDetailsNotExist, + waitForTheRuleToBeExecuted, +} from '../../../../tasks/rule_details'; +import { openRuleManagementPageViaBreadcrumbs } from '../../../../tasks/rules_management'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe( 'Threshold rules', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_ess_basic.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_ess_basic.cy.ts similarity index 69% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_ess_basic.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_ess_basic.cy.ts index 2c8d5879834e1..39328f560bff8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_ess_basic.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_ess_basic.cy.ts @@ -8,15 +8,15 @@ import { ALERT_SUPPRESSION_DURATION_INPUT, THRESHOLD_ENABLE_SUPPRESSION_CHECKBOX, -} from '../../../screens/create_new_rule'; +} from '../../../../screens/create_new_rule'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { startBasicLicense } from '../../../tasks/api_calls/licensing'; -import { selectThresholdRuleType } from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; -import { TOOLTIP } from '../../../screens/common'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { startBasicLicense } from '../../../../tasks/api_calls/licensing'; +import { selectThresholdRuleType } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; +import { TOOLTIP } from '../../../../screens/common'; describe('Threshold rules, ESS basic license', { tags: ['@ess'] }, () => { beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_serverless_essentials.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_serverless_essentials.cy.ts similarity index 74% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_serverless_essentials.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_serverless_essentials.cy.ts index ddeda8c0a2ff8..b990edbd0461c 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_creation/threshold_rule_serverless_essentials.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_creation/threshold_rule_serverless_essentials.cy.ts @@ -5,13 +5,12 @@ * 2.0. */ -import { THRESHOLD_ENABLE_SUPPRESSION_CHECKBOX } from '../../../screens/create_new_rule'; - -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { selectThresholdRuleType } from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { CREATE_RULE_URL } from '../../../urls/navigation'; +import { THRESHOLD_ENABLE_SUPPRESSION_CHECKBOX } from '../../../../screens/create_new_rule'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { selectThresholdRuleType } from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { CREATE_RULE_URL } from '../../../../urls/navigation'; describe( 'Threshold rules, Serverless essentials license', diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/custom_query_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/custom_query_rule.cy.ts similarity index 88% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/custom_query_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/custom_query_rule.cy.ts index e9497851d4cb0..041ed42cd3de8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/custom_query_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/custom_query_rule.cy.ts @@ -5,12 +5,12 @@ * 2.0. */ -import { getExistingRule, getEditedRule } from '../../../objects/rule'; +import { getExistingRule, getEditedRule } from '../../../../objects/rule'; import { ACTIONS_NOTIFY_WHEN_BUTTON, ACTIONS_SUMMARY_BUTTON, -} from '../../../screens/common/rule_actions'; +} from '../../../../screens/common/rule_actions'; import { CUSTOM_QUERY_INPUT, DEFINE_INDEX_INPUT, @@ -22,7 +22,7 @@ import { SEVERITY_DROPDOWN, TAGS_CLEAR_BUTTON, TAGS_FIELD, -} from '../../../screens/create_new_rule'; +} from '../../../../screens/create_new_rule'; import { ABOUT_DETAILS, ABOUT_INVESTIGATION_NOTES, @@ -39,20 +39,20 @@ import { SEVERITY_DETAILS, TAGS_DETAILS, TIMELINE_TEMPLATE_DETAILS, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; -import { createRule } from '../../../tasks/api_calls/rules'; -import { deleteAlertsAndRules, deleteConnectors } from '../../../tasks/api_calls/common'; -import { addEmailConnectorAndRuleAction } from '../../../tasks/common/rule_actions'; +import { createRule } from '../../../../tasks/api_calls/rules'; +import { deleteAlertsAndRules, deleteConnectors } from '../../../../tasks/api_calls/common'; +import { addEmailConnectorAndRuleAction } from '../../../../tasks/common/rule_actions'; import { fillAboutRule, goToAboutStepTab, goToActionsStepTab, goToScheduleStepTab, -} from '../../../tasks/create_new_rule'; -import { saveEditedRule, visitEditRulePage } from '../../../tasks/edit_rule'; -import { login } from '../../../tasks/login'; -import { getDetails } from '../../../tasks/rule_details'; +} from '../../../../tasks/create_new_rule'; +import { saveEditedRule, visitEditRulePage } from '../../../../tasks/edit_rule'; +import { login } from '../../../../tasks/login'; +import { getDetails } from '../../../../tasks/rule_details'; describe('Custom query rules', { tags: ['@ess', '@serverless', '@brokenInServerlessQA'] }, () => { const rule = getEditedRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/esql_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/esql_rule.cy.ts similarity index 78% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/esql_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/esql_rule.cy.ts index 20d48b211995e..50980e0add4f8 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/esql_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/esql_rule.cy.ts @@ -5,30 +5,30 @@ * 2.0. */ -import { getEsqlRule } from '../../../objects/rule'; +import { getEsqlRule } from '../../../../objects/rule'; -import { ESQL_QUERY_DETAILS, RULE_NAME_OVERRIDE_DETAILS } from '../../../screens/rule_details'; +import { ESQL_QUERY_DETAILS, RULE_NAME_OVERRIDE_DETAILS } from '../../../../screens/rule_details'; -import { ESQL_QUERY_BAR, ESQL_QUERY_BAR_EXPAND_BTN } from '../../../screens/create_new_rule'; +import { ESQL_QUERY_BAR, ESQL_QUERY_BAR_EXPAND_BTN } from '../../../../screens/create_new_rule'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { createRule } from '../../../../tasks/api_calls/rules'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { getDetails } from '../../../tasks/rule_details'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { getDetails } from '../../../../tasks/rule_details'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; import { clearEsqlQueryBar, fillEsqlQueryBar, fillOverrideEsqlRuleName, goToAboutStepTab, expandAdvancedSettings, -} from '../../../tasks/create_new_rule'; -import { login } from '../../../tasks/login'; +} from '../../../../tasks/create_new_rule'; +import { login } from '../../../../tasks/login'; -import { editFirstRule } from '../../../tasks/alerts_detection_rules'; +import { editFirstRule } from '../../../../tasks/alerts_detection_rules'; -import { saveEditedRule } from '../../../tasks/edit_rule'; -import { visit } from '../../../tasks/navigation'; +import { saveEditedRule } from '../../../../tasks/edit_rule'; +import { visit } from '../../../../tasks/navigation'; const rule = getEsqlRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/threshold_rule.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/threshold_rule.cy.ts similarity index 81% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/threshold_rule.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/threshold_rule.cy.ts index 2e249bb8f5195..2827417d62442 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/rule_edit/threshold_rule.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/rule_edit/threshold_rule.cy.ts @@ -5,14 +5,14 @@ * 2.0. */ -import { getNewThresholdRule } from '../../../objects/rule'; +import { getNewThresholdRule } from '../../../../objects/rule'; import { SUPPRESS_FOR_DETAILS, DETAILS_TITLE, SUPPRESS_BY_DETAILS, SUPPRESS_MISSING_FIELD, -} from '../../../screens/rule_details'; +} from '../../../../screens/rule_details'; import { ALERT_SUPPRESSION_DURATION_INPUT, @@ -20,20 +20,20 @@ import { ALERT_SUPPRESSION_DURATION_PER_RULE_EXECUTION, ALERT_SUPPRESSION_DURATION_PER_TIME_INTERVAL, ALERT_SUPPRESSION_FIELDS, -} from '../../../screens/create_new_rule'; +} from '../../../../screens/create_new_rule'; -import { createRule } from '../../../tasks/api_calls/rules'; +import { createRule } from '../../../../tasks/api_calls/rules'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { getDetails, assertDetailsNotExist } from '../../../tasks/rule_details'; -import { deleteAlertsAndRules } from '../../../tasks/api_calls/common'; -import { login } from '../../../tasks/login'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { getDetails, assertDetailsNotExist } from '../../../../tasks/rule_details'; +import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common'; +import { login } from '../../../../tasks/login'; -import { editFirstRule } from '../../../tasks/alerts_detection_rules'; +import { editFirstRule } from '../../../../tasks/alerts_detection_rules'; -import { saveEditedRule, goBackToRuleDetails } from '../../../tasks/edit_rule'; -import { enablesAndPopulatesThresholdSuppression } from '../../../tasks/create_new_rule'; -import { visit } from '../../../tasks/navigation'; +import { saveEditedRule, goBackToRuleDetails } from '../../../../tasks/edit_rule'; +import { enablesAndPopulatesThresholdSuppression } from '../../../../tasks/create_new_rule'; +import { visit } from '../../../../tasks/navigation'; const rule = getNewThresholdRule(); diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/create_runtime_field.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/create_runtime_field.cy.ts similarity index 59% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/create_runtime_field.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/create_runtime_field.cy.ts index 6838532d55938..af6500c6e6db4 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/create_runtime_field.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/create_runtime_field.cy.ts @@ -5,23 +5,23 @@ * 2.0. */ -import { login } from '../../../tasks/login'; -import { visitWithTimeRange } from '../../../tasks/navigation'; -import { openTimelineUsingToggle } from '../../../tasks/security_main'; -import { openTimelineFieldsBrowser, populateTimeline } from '../../../tasks/timeline'; - -import { hostsUrl, ALERTS_URL } from '../../../urls/navigation'; - -import { createRule } from '../../../tasks/api_calls/rules'; - -import { getNewRule } from '../../../objects/rule'; -import { refreshPage } from '../../../tasks/security_header'; -import { waitForAlertsToPopulate } from '../../../tasks/create_new_rule'; -import { createField } from '../../../tasks/create_runtime_field'; -import { openAlertsFieldBrowser } from '../../../tasks/alerts'; -import { GET_DATA_GRID_HEADER } from '../../../screens/common/data_grid'; -import { GET_TIMELINE_HEADER } from '../../../screens/timeline'; -import { deleteRuntimeField } from '../../../tasks/api_calls/sourcerer'; +import { login } from '../../../../tasks/login'; +import { visitWithTimeRange } from '../../../../tasks/navigation'; +import { openTimelineUsingToggle } from '../../../../tasks/security_main'; +import { openTimelineFieldsBrowser, populateTimeline } from '../../../../tasks/timeline'; + +import { hostsUrl, ALERTS_URL } from '../../../../urls/navigation'; + +import { createRule } from '../../../../tasks/api_calls/rules'; + +import { getNewRule } from '../../../../objects/rule'; +import { refreshPage } from '../../../../tasks/security_header'; +import { waitForAlertsToPopulate } from '../../../../tasks/create_new_rule'; +import { createField } from '../../../../tasks/create_runtime_field'; +import { openAlertsFieldBrowser } from '../../../../tasks/alerts'; +import { GET_DATA_GRID_HEADER } from '../../../../screens/common/data_grid'; +import { GET_TIMELINE_HEADER } from '../../../../screens/timeline'; +import { deleteRuntimeField } from '../../../../tasks/api_calls/sourcerer'; const alertRunTimeField = 'field.name.alert.page'; const timelineRuntimeField = 'field.name.timeline'; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer.cy.ts similarity index 91% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer.cy.ts index d27444e3d9a82..beefd09dc4811 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer.cy.ts @@ -7,10 +7,10 @@ import { DEFAULT_INDEX_PATTERN } from '@kbn/security-solution-plugin/common/constants'; -import { login } from '../../../tasks/login'; -import { visitWithTimeRange } from '../../../tasks/navigation'; +import { login } from '../../../../tasks/login'; +import { visitWithTimeRange } from '../../../../tasks/navigation'; -import { hostsUrl } from '../../../urls/navigation'; +import { hostsUrl } from '../../../../urls/navigation'; import { addIndexToDefault, deselectSourcererOptions, @@ -25,9 +25,9 @@ import { openSourcerer, resetSourcerer, saveSourcerer, -} from '../../../tasks/sourcerer'; -import { postDataView } from '../../../tasks/api_calls/common'; -import { SOURCERER } from '../../../screens/sourcerer'; +} from '../../../../tasks/sourcerer'; +import { postDataView } from '../../../../tasks/api_calls/common'; +import { SOURCERER } from '../../../../screens/sourcerer'; const siemDataViewTitle = 'Security Default Data View'; const dataViews = ['auditbeat-*,fakebeat-*', 'auditbeat-*,*beat*,siem-read*,.kibana*,fakebeat-*']; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_permissions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_permissions.cy.ts similarity index 74% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_permissions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_permissions.cy.ts index e26756924b88e..4c7b0dd90da9f 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_permissions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_permissions.cy.ts @@ -7,11 +7,11 @@ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { hostsUrl } from '../../../urls/navigation'; -import { postDataView } from '../../../tasks/api_calls/common'; -import { TOASTER } from '../../../screens/configure_cases'; -import { visit } from '../../../tasks/navigation'; -import { login } from '../../../tasks/login'; +import { hostsUrl } from '../../../../urls/navigation'; +import { postDataView } from '../../../../tasks/api_calls/common'; +import { TOASTER } from '../../../../screens/configure_cases'; +import { visit } from '../../../../tasks/navigation'; +import { login } from '../../../../tasks/login'; const dataViews = ['auditbeat-*,fakebeat-*', 'auditbeat-*,*beat*,siem-read*,.kibana*,fakebeat-*']; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_timeline.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_timeline.cy.ts similarity index 91% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_timeline.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_timeline.cy.ts index 64a4e7224f820..8e7be3970440e 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/sourcerer/sourcerer_timeline.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/sourcerer/sourcerer_timeline.cy.ts @@ -10,10 +10,10 @@ import { DEFAULT_INDEX_PATTERN, } from '@kbn/security-solution-plugin/common/constants'; -import { login } from '../../../tasks/login'; -import { visitWithTimeRange } from '../../../tasks/navigation'; +import { login } from '../../../../tasks/login'; +import { visitWithTimeRange } from '../../../../tasks/navigation'; -import { TIMELINES_URL } from '../../../urls/navigation'; +import { TIMELINES_URL } from '../../../../urls/navigation'; import { clickAlertCheckbox, deselectSourcererOptions, @@ -29,12 +29,12 @@ import { refreshUntilAlertsIndexExists, resetSourcerer, saveSourcerer, -} from '../../../tasks/sourcerer'; -import { openTimelineUsingToggle } from '../../../tasks/security_main'; -import { SOURCERER } from '../../../screens/sourcerer'; -import { createTimeline } from '../../../tasks/api_calls/timelines'; -import { getTimeline, getTimelineModifiedSourcerer } from '../../../objects/timeline'; -import { closeTimeline, openTimelineById } from '../../../tasks/timeline'; +} from '../../../../tasks/sourcerer'; +import { openTimelineUsingToggle } from '../../../../tasks/security_main'; +import { SOURCERER } from '../../../../screens/sourcerer'; +import { createTimeline } from '../../../../tasks/api_calls/timelines'; +import { getTimeline, getTimelineModifiedSourcerer } from '../../../../objects/timeline'; +import { closeTimeline, openTimelineById } from '../../../../tasks/timeline'; const siemDataViewTitle = 'Security Default Data View'; const dataViews = ['auditbeat-*,fakebeat-*', 'auditbeat-*,*beat*,siem-read*,.kibana*,fakebeat-*']; diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/permissions.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/permissions.cy.ts similarity index 73% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/permissions.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/permissions.cy.ts index 94ed3c97e5911..045f7e228ad14 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/permissions.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/permissions.cy.ts @@ -7,10 +7,10 @@ import { ROLES } from '@kbn/security-solution-plugin/common/test'; -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; -import { VALUE_LISTS_MODAL_ACTIVATOR } from '../../../screens/lists'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; +import { VALUE_LISTS_MODAL_ACTIVATOR } from '../../../../screens/lists'; describe('value list permissions', { tags: ['@ess', '@skipInServerless'] }, () => { describe('user with restricted access role', () => { diff --git a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/value_lists.cy.ts similarity index 95% rename from x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts rename to x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/value_lists.cy.ts index 4b1c3e93f631e..59d9e433d0153 100644 --- a/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/value_lists/value_lists.cy.ts +++ b/x-pack/test/security_solution_cypress/cypress/e2e/detection_response/detection_engine/value_lists/value_lists.cy.ts @@ -5,9 +5,9 @@ * 2.0. */ -import { login } from '../../../tasks/login'; -import { visit } from '../../../tasks/navigation'; -import { RULES_MANAGEMENT_URL } from '../../../urls/rules_management'; +import { login } from '../../../../tasks/login'; +import { visit } from '../../../../tasks/navigation'; +import { RULES_MANAGEMENT_URL } from '../../../../urls/rules_management'; import { createListsIndex, waitForValueListsModalToBeLoaded, @@ -22,9 +22,9 @@ import { waitForListsIndex, deleteValueLists, KNOWN_VALUE_LIST_FILES, -} from '../../../tasks/lists'; -import { VALUE_LISTS_TABLE, VALUE_LISTS_ROW } from '../../../screens/lists'; -import { refreshIndex } from '../../../tasks/api_calls/elasticsearch'; +} from '../../../../tasks/lists'; +import { VALUE_LISTS_TABLE, VALUE_LISTS_ROW } from '../../../../screens/lists'; +import { refreshIndex } from '../../../../tasks/api_calls/elasticsearch'; describe('value lists management modal', { tags: ['@ess', '@serverless'] }, () => { beforeEach(() => { diff --git a/x-pack/test/security_solution_cypress/package.json b/x-pack/test/security_solution_cypress/package.json index e1f552fdba9de..f19fe9431e756 100644 --- a/x-pack/test/security_solution_cypress/package.json +++ b/x-pack/test/security_solution_cypress/package.json @@ -7,12 +7,14 @@ "scripts": { "cypress": "NODE_OPTIONS=--openssl-legacy-provider ../../../node_modules/.bin/cypress", "cypress:open:ess": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider node ../../plugins/security_solution/scripts/start_cypress_parallel open --spec './cypress/e2e/**/*.cy.ts' --config-file ../../test/security_solution_cypress/cypress/cypress.config.ts --ftr-config-file ../../test/security_solution_cypress/cli_config", - "cypress:run:ess": "yarn cypress:ess --spec './cypress/e2e/!(investigations|explore|detection_response/rule_management)/**/*.cy.ts'", + "cypress:run:ess": "yarn cypress:ess --spec './cypress/e2e/!(investigations|explore|detection_response)/**/*.cy.ts'", "cypress:run:cases:ess": "yarn cypress:ess --spec './cypress/e2e/explore/cases/*.cy.ts'", "cypress:ess": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider node ../../plugins/security_solution/scripts/start_cypress_parallel run --config-file ../../test/security_solution_cypress/cypress/cypress_ci.config.ts --ftr-config-file ../../test/security_solution_cypress/cli_config", "cypress:rule_management:run:ess":"yarn cypress:ess --spec './cypress/e2e/detection_response/rule_management/!(prebuilt_rules)/**/*.cy.ts'", "cypress:rule_management:prebuilt_rules:run:ess": "yarn cypress:ess --spec './cypress/e2e/detection_response/rule_management/prebuilt_rules/**/*.cy.ts'", - "cypress:run:respops:ess": "yarn cypress:ess --spec './cypress/e2e/(detection_response|exceptions)/**/*.cy.ts'", + "cypress:detection_engine:run:ess":"yarn cypress:ess --spec './cypress/e2e/detection_response/detection_engine/!(exceptions)/**/*.cy.ts'", + "cypress:detection_engine:exceptions:run:ess": "yarn cypress:ess --spec './cypress/e2e/detection_response/detection_engine/exceptions/**/*.cy.ts'", + "cypress:run:respops:ess": "yarn cypress:ess --spec './cypress/e2e/(detection_response)/**/*.cy.ts'", "cypress:investigations:run:ess": "yarn cypress:ess --spec './cypress/e2e/investigations/**/*.cy.ts'", "cypress:explore:run:ess": "yarn cypress:ess --spec './cypress/e2e/explore/**/*.cy.ts'", "cypress:changed-specs-only:ess": "yarn cypress:ess --changed-specs-only --env burn=5", @@ -23,20 +25,24 @@ "cypress:cloud:serverless": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider NODE_TLS_REJECT_UNAUTHORIZED=0 ../../../node_modules/.bin/cypress", "cypress:open:cloud:serverless": "yarn cypress:cloud:serverless open --config-file ./cypress/cypress_serverless.config.ts --env CLOUD_SERVERLESS=true", "cypress:open:serverless": "yarn cypress:serverless open --config-file ../../test/security_solution_cypress/cypress/cypress_serverless.config.ts --spec './cypress/e2e/**/*.cy.ts'", - "cypress:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/!(investigations|explore|detection_response/rule_management)/**/*.cy.ts'", + "cypress:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/!(investigations|explore|detection_response)/**/*.cy.ts'", "cypress:run:cloud:serverless": "yarn cypress:cloud:serverless run --config-file ./cypress/cypress_ci_serverless.config.ts --env CLOUD_SERVERLESS=true", "cypress:rule_management:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/detection_response/rule_management/!(prebuilt_rules)/**/*.cy.ts'", "cypress:rule_management:prebuilt_rules:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/detection_response/rule_management/prebuilt_rules/**/*.cy.ts'", + "cypress:detection_engine:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/detection_response/detection_engine/!(exceptions)/**/*.cy.ts'", + "cypress:detection_engine:exceptions:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/detection_response/detection_engine/exceptions/**/*.cy.ts'", "cypress:investigations:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/investigations/**/*.cy.ts'", "cypress:explore:run:serverless": "yarn cypress:serverless --spec './cypress/e2e/explore/**/*.cy.ts'", "cypress:changed-specs-only:serverless": "yarn cypress:serverless --changed-specs-only --env burn=5", "cypress:burn:serverless": "yarn cypress:serverless --env burn=2", "cypress:qa:serverless": "TZ=UTC NODE_OPTIONS=--openssl-legacy-provider node ../../plugins/security_solution/scripts/start_cypress_parallel_serverless --config-file ../../test/security_solution_cypress/cypress/cypress_ci_serverless_qa.config.ts", "cypress:open:qa:serverless": "yarn cypress:qa:serverless open", - "cypress:run:qa:serverless": "yarn cypress:qa:serverless --spec './cypress/e2e/!(investigations|explore|detection_response/rule_management)/**/*.cy.ts'", + "cypress:run:qa:serverless": "yarn cypress:qa:serverless --spec './cypress/e2e/!(investigations|explore|detection_response)/**/*.cy.ts'", "cypress:run:qa:serverless:investigations": "yarn cypress:qa:serverless --spec './cypress/e2e/investigations/**/*.cy.ts'", "cypress:run:qa:serverless:explore": "yarn cypress:qa:serverless --spec './cypress/e2e/explore/**/*.cy.ts'", "cypress:run:qa:serverless:rule_management": "yarn cypress:qa:serverless --spec './cypress/e2e/detection_response/rule_management/!(prebuilt_rules)/**/*.cy.ts'", - "cypress:run:qa:serverless:rule_management:prebuilt_rules": "yarn cypress:qa:serverless --spec './cypress/e2e/detection_response/rule_management/prebuilt_rules/**/*.cy.ts'" + "cypress:run:qa:serverless:rule_management:prebuilt_rules": "yarn cypress:qa:serverless --spec './cypress/e2e/detection_response/rule_management/prebuilt_rules/**/*.cy.ts'", + "cypress:run:qa:serverless:detection_engine": "yarn cypress:qa:serverless --spec './cypress/e2e/detection_response/rule_management/!(exceptions)/**/*.cy.ts'", + "cypress:run:qa:serverless:detection_engine:exceptions": "yarn cypress:qa:serverless --spec './cypress/e2e/detection_response/rule_management/exceptions/**/*.cy.ts'" } } \ No newline at end of file