Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Rule Executions Results with status as Warning are visible under Status Filter as Succeeded . #187132

Closed
arvindersingh-qasource opened this issue Jun 28, 2024 · 7 comments
Closed

[Security Solution] Rule Executions Results with status as Warning are visible under Status Filter as Succeeded . #187132

arvindersingh-qasource opened this issue Jun 28, 2024 · 7 comments
Labels
bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed

Comments

@arvindersingh-qasource
Copy link

Describe the bug
Rule Executions Results with status as Warning are visible under Status Filter as Succeeded .

Build Details

VERSION: 8.15.0
BUILD: 75747
COMMIT: db5ff403594ecb833137454a09e9455c18de740e

Browser Details
This issue is occurring on all browsers.

Preconditions

  1. Kibana v8.15 snapshot must be available.
  2. manualRuleRunEnabled must be enabled.
  3. Rule with having Runtime warnings must be available.

Steps to Reproduce

  1. Navigate to Security -> Rules -> Detection Rules
  2. Open pre-requisite rule with runtime warnings.
  3. Navigate to Execution results tab.
  4. Select filters as Status : Succeeded
  5. Observe that Rule Executions Results with status as Warning are visible under Status Filter as Succeeded .

Actual Result
Rule Executions Results with status as Warning are visible under Status Filter as Succeeded .

Expected Result
Rule Executions Results should be shown for correct status with respect to selected filter.

What's Working

  • N/A

What's Not Working

  • N/A

Screenshot
1
@arvindersingh-qasource arvindersingh-qasource added the impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. label Jun 28, 2024
@botelastic botelastic bot added the needs-team Issues missing a team label label Jun 28, 2024
@arvindersingh-qasource
Copy link
Author

@karanbirsingh-qasource Please review this ticket

Thanks.

@ghost ghost assigned MadameSheema and unassigned ghost Jun 28, 2024
@ghost ghost added triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jun 28, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@botelastic botelastic bot removed the needs-team Issues missing a team label label Jun 28, 2024
@ghost ghost added the bug Fixes for quality problems that affect the customer experience label Jun 28, 2024
@MadameSheema MadameSheema added Team:Detection Rule Management Security Detection Rule Management Team Team:Detection Engine Security Solution Detection Engine Area labels Jun 28, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-engine (Team:Detection Engine)

@MadameSheema MadameSheema added Team:Detections and Resp Security Detection Response Team and removed Team:Detection Rule Management Security Detection Rule Management Team labels Jun 28, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@nkhristinin
Copy link
Contributor

nkhristinin commented Jun 28, 2024
edited
Loading

Hey, it's warning for scheduled rule. @MadameSheema can we try to reproduce this in 8.14? I think maybe it's older bug?

Like have normal runs, have successful and with warning, and then try to filter by succesfull
maybe related to #136138

@banderror
Copy link
Contributor

@nkhristinin It's an old bug that was there before you added manual rule runs. I don't think any immediate action is needed here.

@arvindersingh-qasource @MadameSheema Closing as a duplicate of #137935 and #136138.

@banderror banderror closed this as not planned Won't fix, can't repro, duplicate, stale Jun 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@banderror @nkhristinin @elasticmachine @MadameSheema @arvindersingh-qasource