Prebuilt rule customization - per-field rule diffs #4783

Closed
2 tasks done
Tracked by #174167
dplumlee opened this issue Feb 8, 2024 · 1 comment
Labels
Docset: ESS Issues that apply to docs in the Stack release Docset: Serverless Issues for Serverless Security Feature: Prebuilt rules Feature: Rules Team: Detections/Response Detections and Response v8.13.0

Comments

dplumlee commented Feb 8, 2024

Description

As part of Prebuilt Rule Customization, users will be able to view a per-field list of component diffs for updated prebuilt rules, giving them visibility into how each rule is changing when Elastic sends out updated rules.

Background & resources

Condensed docs issue template info

  • Which documentation set does this change impact? ESS and serverless
  • ESS release: 8.13.0
  • Serverless release: March 4th
  • Feature differences: The feature is identical in ESS and serverless
  • API docs impact: No API impact
  • Prerequisites, privileges, feature flags: Feature flag name: perFieldPrebuiltRulesDiffingEnabled

Docs Pull Requests

@joepeeples joepeeples self-assigned this Feb 8, 2024
@joepeeples joepeeples added Team: Detections/Response Detections and Response Feature: Rules Feature: Prebuilt rules Docset: Serverless Issues for Serverless Security Docset: ESS Issues that apply to docs in the Stack release v8.13.0 labels Feb 8, 2024
dplumlee added a commit to elastic/kibana that referenced this issue Feb 12, 2024
## Summary

Addresses #166489
Docs issue: elastic/security-docs#4783

Adds per-field diffs for the rule upgrade flyout 

### Acceptance Criteria

- [x] The tab with per-field diffs is hidden behind a new feature flag.
When the flag is off, the tab does not appear in the flyout. The tab
should work regardless of the value of
`jsonPrebuiltRulesDiffingEnabled`.
- [x] Per-field diffs are read-only components. We don't need to let the
user "merge" differences using these components.
- [x] Diffs for complex fields are rendered as JSON diffs using the same
component used for rendering the JSON diff for the whole rule. This
means this component should be abstracted away and should accept
`unknown` values in props instead of `RuleResponse`.
- [x] Diffs for related fields are grouped or rendered close to each
other. For example:
  - [x] Index patterns + Data view id
  - [x] Custom query + Filters + Language + Saved query id
- [x] The tab uses the response from the `upgrade/_review` API endpoint
and doesn't need any other API calls to render itself.
- [x] The tab renders itself under 150ms.

### Screenshots

<img width="1587" alt="Screenshot 2024-02-07 at 1 36 34 AM"
src="https://github.com/elastic/kibana/assets/56367316/85dce529-064e-4025-b82c-2e89f6ec800b">
<img width="994" alt="Screenshot 2024-02-07 at 1 36 52 AM"
src="https://github.com/elastic/kibana/assets/56367316/c226973f-ad46-4565-90c0-437316b138b4">

### Checklist

Delete any items that are not applicable to this PR.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials


### For maintainers

- [ ] This was checked for breaking API changes and was [labeled
appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: jpdjere <[email protected]>
CoenWarmer pushed a commit to CoenWarmer/kibana that referenced this issue Feb 15, 2024
fkanout pushed a commit to fkanout/kibana that referenced this issue Mar 4, 2024
@joepeeples joepeeples changed the title [Request] Prebuilt rule customization - per-field rule diffs Prebuilt rule customization - per-field rule diffs Mar 4, 2024
@joepeeples

PRs merged for both classic and serverless
