[Serverless][Security Solution] Unfriendly error message when creating an invalid exception #168213
Comments
MadameSheema
added
bug
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
MikePaquette
added
the
impact:high
|
After discussion with @yctercero we decided to fix the issue by limiting the length of the comment to 30K characters. We took same approach as used in Cases. User will not be allowed to create/edit exception with the comment longer than 30K and validation error will be shown. 
|
… exception (#168213) (#170764) ## Summary Addresses #168213 With this PR we limit the length of the comments in exceptions to 30K characters. We took same approach as used in Cases. User will not be allowed to create/edit exception with the comment longer than 30K and validation error will be shown. Right now if user tries to add a very long comment (above 32K characters) the server throws an exception due to the length limitation of the `keyword` type. After the fix, user will see a validation error on putting very long text as a comment <img width="1294" alt="Screenshot 2023-11-07 at 16 47 10" src="https://github.com/elastic/kibana/assets/2700761/16c284a8-ab63-45d7-80dd-e50f48a3f5e2">
|
@MadameSheema this bug was fixed and merged into the main branch. Ready to be tested! |
|
@MadameSheema @e40pud maybe we should start confirming fixes and such on |
|
@yctercero good idea, will make sure that QA we test changes before they go into the main! |
Tested in Serverless Production EnviormentServerless Project: Project: keep_security-solutions-testing Preconditions:
Describe the bug: Unfriendly message when creating an exception in Serveless Steps to reproduce:
Current behavior Error message is not displayed when creating an exception with a long character length in comments Expected behavior: Error message is not displayed when creating an exception with a long character length in comments Observations:I have tested in the Serverless Environment in Project and there is no Screenshots of behavior:Screenshot of exception with the long character comment: 
Conclusion:
|
|
@cybersecdiva thanks for taking a look at the issue, but the validation performed was incorrect, so with the description provided during the testing process, we cannot assure that the bug has been correctly fixed and the fix is already available in the QA environment. As described, the issue was originally reported because the text of the displayed error was not user-friendly, not because an error was displayed. If you check the expected behavior, we are expecting an error message to be displayed. I'll reopen the ticket because the fix is still pending to be validated. |
|
@MadameSheema to fix this issue we prevented user from adding comments longer than 30k characters. This will assure that we do not see the error message like shown in the description. Instead we gonna see the validation error during typing the comment like shown here #168213 (comment) |
|
@MadameSheema Thank you for the update and for the clarification. I see now that I misread based on the error handling message. I have retested (with over 33k+ characters) this and it aligns with @e40pud 's comment - the number of 30k character limitation validation error that shows up. 
|
|
I can assess that the bug is fixed as @e40pud has described on his comment:
@cybersecdiva Is also right on her second validation:
User now cannot create more than 30K character length comments, and it prevents the issue to happen: REC-20240125122044.mp4I will close this issue and consider it validated on 8.12 version. |
Describe the bug:
Kibana/Elasticsearch Stack version:
Steps to reproduce:
Rules>Shared exceptions listsException nameConditionsAdd rule exceptionCurrent behavior:
Expected behavior:
OR
Add rule exceptionsome sort of validation should be performed letting the user know in advanced if the information entered is correct or not.Additional information:
The text was updated successfully, but these errors were encountered: