[8.x] [Cloud Security] Temporarily disabled rule creation for 3P find…
…ings (elastic#196185) (elastic#196268)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Cloud Security] Temporarily disabled rule creation for 3P findings
(elastic#196185)](elastic#196185)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT
[{"author":{"name":"Jordan","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-15T09:56:18Z","message":"[Cloud
Security] Temporarily disabled rule creation for 3P findings
(elastic#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Cloud
Security","backport:prev-minor"],"title":"[Cloud Security] Temporarily
disabled rule creation for 3P
findings","number":196185,"url":"https://github.com/elastic/kibana/pull/196185","mergeCommit":{"message":"[Cloud
Security] Temporarily disabled rule creation for 3P findings
(elastic#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/196185","number":196185,"mergeCommit":{"message":"[Cloud
Security] Temporarily disabled rule creation for 3P findings
(elastic#196185)","sha":"3034dc86a778d8acdf0240fe00f0354132f03bd7"}}]}]
BACKPORT-->

Co-authored-by: Jordan <[email protected]>
kibanamachine and JordanSh authored Oct 15, 2024
1 parent 06d98dc commit d2ef45f
Showing 4 changed files with 44 additions and 10 deletions.
Expand Up @@ -17,6 +17,7 @@ import { METRIC_TYPE } from '@kbn/analytics';
import { useHistory } from 'react-router-dom';
import useSessionStorage from 'react-use/lib/useSessionStorage';
import { useQueryClient } from '@tanstack/react-query';
import { i18n as kbnI18n } from '@kbn/i18n';
import { useFetchDetectionRulesAlertsStatus } from '../common/api/use_fetch_detection_rules_alerts_status';
import { useFetchDetectionRulesByTags } from '../common/api/use_fetch_detection_rules_by_tags';
import { RuleResponse } from '../common/types';
Expand Down Expand Up @@ -67,15 +68,30 @@ export const DetectionRuleCounter = ({ tags, createRuleFn }: DetectionRuleCounte
}, [history]);

const createDetectionRuleOnClick = useCallback(async () => {
uiMetricService.trackUiMetric(METRIC_TYPE.CLICK, CREATE_DETECTION_RULE_FROM_FLYOUT);
const startServices = { analytics, notifications, i18n, theme };
setIsCreateRuleLoading(true);
const ruleResponse = await createRuleFn(http);
setIsCreateRuleLoading(false);
showCreateDetectionRuleSuccessToast(startServices, http, ruleResponse);
// Triggering a refetch of rules and alerts to update the UI
queryClient.invalidateQueries([DETECTION_ENGINE_RULES_KEY]);
queryClient.invalidateQueries([DETECTION_ENGINE_ALERTS_KEY]);

try {
setIsCreateRuleLoading(true);
uiMetricService.trackUiMetric(METRIC_TYPE.CLICK, CREATE_DETECTION_RULE_FROM_FLYOUT);

const ruleResponse = await createRuleFn(http);

setIsCreateRuleLoading(false);
showCreateDetectionRuleSuccessToast(startServices, http, ruleResponse);

// Triggering a refetch of rules and alerts to update the UI
queryClient.invalidateQueries([DETECTION_ENGINE_RULES_KEY]);
queryClient.invalidateQueries([DETECTION_ENGINE_ALERTS_KEY]);
} catch (e) {
setIsCreateRuleLoading(false);

notifications.toasts.addWarning({
title: kbnI18n.translate('xpack.csp.detectionRuleCounter.alerts.createRuleErrorTitle', {
defaultMessage: 'Coming Soon',
}),
text: e.message,
});
}
}, [createRuleFn, http, analytics, notifications, i18n, theme, queryClient]);

if (alertsIsError) return <>{'-'}</>;
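Review bot: The new `catch` in `createDetectionRuleOnClick` reports every failure under the title 'Coming Soon', so a real rejection from `createRuleFn(http)` (for example a permission or network error) is shown as if the feature were merely unavailable, and the user may not realise that no detection rule was created. Only the "not supported for this finding" error thrown by the create functions should get that title; any other error deserves a danger toast, e.g. `notifications.toasts.addDanger({ title, text: message })`. `e` is also read as `e.message` without narrowing; `const message = e instanceof Error ? e.message : String(e);` is safe for non-Error throws. The two `setIsCreateRuleLoading(false)` calls can move into a single `finally` block. The component body starts and ends outside this hunk.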
Expand Up @@ -8,8 +8,8 @@
import { HttpSetup } from '@kbn/core/public';
import { LATEST_FINDINGS_RETENTION_POLICY } from '@kbn/cloud-security-posture-common';
import type { CspBenchmarkRule } from '@kbn/cloud-security-posture-common/schema/rules/latest';
import { i18n } from '@kbn/i18n';
import { FINDINGS_INDEX_PATTERN } from '../../../../common/constants';

import { createDetectionRule } from '../../../common/api/create_detection_rule';
import { generateBenchmarkRuleTags } from '../../../../common/utils/detection_rules';

Expand Down Expand Up @@ -63,6 +63,14 @@ export const createDetectionRuleFromBenchmarkRule = async (
http: HttpSetup,
benchmarkRule: CspBenchmarkRule['metadata']
) => {
if (!benchmarkRule.benchmark?.posture_type) {
throw new Error(
i18n.translate('xpack.csp.createDetectionRuleFromBenchmarkRule.createRuleErrorMessage', {
defaultMessage: 'Rule creation is currently only available for Elastic findings',
})
);
}

return await createDetectionRule({
http,
rule: {
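Review bot: The guard added at the top of `createDetectionRuleFromBenchmarkRule` treats a missing `benchmark.posture_type` as the marker of a third-party finding, but nothing in the code says so, and any finding that lacks the field is rejected with the same message. A short comment would record the intent, e.g. `// 3P findings carry no benchmark.posture_type; rule creation is disabled for them for now`, assuming that is the reasoning. Since the caller's toast depends on recognising this case, throwing a dedicated error type rather than a plain `Error` would let the UI separate it from real failures. The function body continues past the end of the hunk.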
Expand Up @@ -18,7 +18,7 @@ jest.mock('../../../common/utils/is_native_csp_finding', () => ({
isNativeCspFinding: jest.fn(),
}));

describe('CreateDetectionRuleFromVulnerability', () => {
describe.skip('CreateDetectionRuleFromVulnerability', () => {
describe('getVulnerabilityTags', () => {
it('should return tags with CSP_RULE_TAG and vulnerability id', () => {
const mockVulnerability = {
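Review bot: `describe.skip` at the top level disables the whole `CreateDetectionRuleFromVulnerability` suite, including the `getVulnerabilityTags` cases that the new guard in the production file does not appear to touch, and the commit adds no test for the new rejection path. That leaves the generated rule content unchecked for as long as the "temporary" restriction stays in place. Prefer skipping only the cases that actually fail, and mark the skip with a reason, e.g. `// TODO: re-enable when rule creation for 3P findings is supported (tracking issue: <ISSUE-LINK>)`. The suite continues outside the hunk, so which cases fail cannot be seen here.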
Expand Up @@ -13,6 +13,7 @@ import {
VULNERABILITIES_SEVERITY,
} from '@kbn/cloud-security-posture-common';
import type { Vulnerability } from '@kbn/cloud-security-posture-common/schema/vulnerabilities/latest';
import { CSP_VULN_DATASET } from '../../../common/utils/get_vendor_name';
import { isNativeCspFinding } from '../../../common/utils/is_native_csp_finding';
import { VULNERABILITIES_INDEX_PATTERN } from '../../../../common/constants';
import { createDetectionRule } from '../../../common/api/create_detection_rule';
Expand Down Expand Up @@ -87,6 +88,15 @@ export const createDetectionRuleFromVulnerabilityFinding = async (
http: HttpSetup,
vulnerabilityFinding: CspVulnerabilityFinding
) => {
if (vulnerabilityFinding.data_stream?.dataset !== CSP_VULN_DATASET) {
throw new Error(
i18n.translate(
'xpack.csp.createDetectionRuleFromVulnerabilityFinding.createRuleErrorMessage',
{ defaultMessage: 'Rule creation is currently only available for Elastic findings' }
)
);
}

const tags = getVulnerabilityTags(vulnerabilityFinding);
const vulnerability = vulnerabilityFinding.vulnerability;
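Review bot: The new guard in `createDetectionRuleFromVulnerabilityFinding` decides nativeness with `data_stream?.dataset !== CSP_VULN_DATASET`, while this file already imports `isNativeCspFinding` (visible in the import hunk), so two definitions of "Elastic finding" can drift apart. If the helper expresses the same condition, call it here; if not, add a comment saying why the dataset comparison is the right test, and note that a finding with no `data_stream` is rejected as well. `i18n` is used in the added lines but its import is not in the visible hunk, so confirm it is already imported in this file. The function body continues past the end of the hunk.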
