Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[8.x] [Security Solution] `FinalEdit`: Add fields that are common for all rule types (#196642) (#199743)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] `FinalEdit`: Add fields that are common for all rule types (#196642)](#196642)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool documentation](https://github.com/sqren/backport)

Source commit `3d3b32faf6992f95805a37230e7e7e552e19a801` on `main` (author Nikita Indik, committed 2024-11-12T10:04:10Z, merged via https://github.com/elastic/kibana/pull/196642):

> [Security Solution] `FinalEdit`: Add fields that are common for all rule types (#196642)
>
> **Partially addresses: https://github.com/elastic/kibana/issues/171520**
> **Is a follow-up to: https://github.com/elastic/kibana/pull/196326**
>
> This PR enables editing of common fields in the new "Updates" tab of the rule upgrade flyout. The common fields are fields applicable to all rule types.
>
> ## Summary
> These fields are editable now:
> - `building_block`
> - `description`
> - `false_positives`
> - `investigation_fields`
> - `max_signals`
> - `note`
> - `references`
> - `related_integrations`
> - `required_fields`
> - `risk_score`
> - `risk_score_mapping`
> - `rule_name_override`
> - `rule_schedule`
> - `setup`
> - `severity`
> - `severity_mapping`
> - `tags`
> - `threat`
> - `timeline_template`
> - `timestamp_override`
>
> <img width="2672" alt="Screenshot 2024-10-16 at 17 32 06" src="https://github.com/user-attachments/assets/6dd615e2-6e84-4e1f-b674-f42d03f575e7">
>
> ### Testing
> - Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled.
> - To simulate the availability of prebuilt rule upgrades, downgrade a currently installed prebuilt rule using the `PATCH api/detection_engine/rules` API.
> - Set `version: 1` in the request body to downgrade it to version 1.
> - Modify other rule fields in the request body as needed to test the changes.

Co-authored-by: Nikita Indik <[email protected]>
1 parent 04a6dd9, commit bb3e3c7

Showing 69 changed files with 2,248 additions and 534 deletions.