Prebuilt rule customization - per-field rule diffs #4783
Labels
Docset: ESS
Issues that apply to docs in the Stack release
Docset: Serverless
Issues for Serverless Security
Feature: Prebuilt rules
Feature: Rules
Team: Detections/Response
Detections and Response
v8.13.0
Comments
11 tasks
joepeeples
added
Team: Detections/Response
Detections and Response
Feature: Rules
Feature: Prebuilt rules
Docset: Serverless
Issues for Serverless Security
Docset: ESS
Issues that apply to docs in the Stack release
v8.13.0
labels
Feb 8, 2024
dplumlee
added a commit
to elastic/kibana
that referenced
this issue
Feb 12, 2024
## Summary

Addresses #166489
Docs issue: elastic/security-docs#4783

Adds per-field diffs for the rule upgrade flyout

### Acceptance Criteria

- [x] The tab with per-field diffs is hidden behind a new feature flag. When the flag is off, the tab does not appear in the flyout. The tab should work regardless of the value of `jsonPrebuiltRulesDiffingEnabled`.
- [x] Per-field diffs are read-only components. We don't need to let the user "merge" differences using these components.
- [x] Diffs for complex fields are rendered as JSON diffs using the same component used for rendering the JSON diff for the whole rule. This means this component should be abstracted away and should accept `unknown` values in props instead of `RuleResponse`.
- [x] Diffs for related fields are grouped or rendered close to each other. For example:
  - [x] Index patterns + Data view id
  - [x] Custom query + Filters + Language + Saved query id
- [x] The tab uses the response from the `upgrade/_review` API endpoint and doesn't need any other API calls to render itself.
- [x] The tab renders itself under 150ms.

### Screenshots

<img width="1587" alt="Screenshot 2024-02-07 at 1 36 34 AM" src="https://github.com/elastic/kibana/assets/56367316/85dce529-064e-4025-b82c-2e89f6ec800b">
<img width="994" alt="Screenshot 2024-02-07 at 1 36 52 AM" src="https://github.com/elastic/kibana/assets/56367316/c226973f-ad46-4565-90c0-437316b138b4">

### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials

### For maintainers

- [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: jpdjere <[email protected]>
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
fkanout
pushed a commit
to fkanout/kibana
that referenced
this issue
Mar 4, 2024
joepeeples
changed the title
[Request] Prebuilt rule customization - per-field rule diffs
Prebuilt rule customization - per-field rule diffs
Mar 4, 2024
PRs merged for both classic and serverless
Description
As part of Prebuilt Rule Customization, users will be able to view a per-field list of component diffs for updated prebuilt rules, giving them visibility into how each rule is changing when Elastic sends out updated rules.
Background & resources
Condensed docs issue template info
8.13.0
perFieldPrebuiltRulesDiffingEnabled
Docs Pull Requests