Normalize EQL cypress tests

* Similiar test descriptions * Similar formatting
elastic · Apr 11, 2024 · de90e0f · de90e0f
1 parent 582a11b
commit de90e0f
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 24 deletions.
diff --git a/...etection_response/detection_engine/rule_creation/event_correlation_rule_suppression.cy.ts b/...etection_response/detection_engine/rule_creation/event_correlation_rule_suppression.cy.ts
@@ -35,7 +35,7 @@ import {
 const SUPPRESS_BY_FIELDS = ['agent.type'];
 
 describe(
-  'Detection rules, Event Correlation, Alert Suppression',
+  'Detection Rule Creation - EQL Rules - With Alert Suppression',
   {
     tags: ['@ess', '@serverless'],
     // alertSuppressionForNonSequenceEqlRuleEnabled feature flag is also enabled in a global config
@@ -50,7 +50,7 @@ describe(
     },
   },
   () => {
-    describe('Non-sequence based Alerts', () => {
+    describe('with non-sequence queries', () => {
       const rule = getEqlRule();
       before(() => {
         cy.task('esArchiverLoad', { archiveName: 'auditbeat_multiple' });
@@ -67,7 +67,7 @@ describe(
         cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' });
       });
 
-      it('creates rule with per rule execution suppression', () => {
+      it('creates a rule with a "per rule execution" suppression duration', () => {
         // selecting only suppression fields, the rest options would be default
         fillAlertSuppressionFields(SUPPRESS_BY_FIELDS);
         continueFromDefineStep();
@@ -99,7 +99,7 @@ describe(
         });
       });
 
-      it('creates rule rule with time interval suppression', () => {
+      it('creates a rule with a "per time interval" suppression duration', () => {
         const expectedSuppressByFields = SUPPRESS_BY_FIELDS.slice(0, 1);
 
         // fill suppress by fields and select non-default suppression options

diff --git a/...esponse/detection_engine/rule_creation/event_correlation_rule_suppression_ess_basic.cy.ts b/...esponse/detection_engine/rule_creation/event_correlation_rule_suppression_ess_basic.cy.ts
@@ -32,7 +32,7 @@ import { ruleDetailsUrl } from '../../../../urls/rule_details';
 const SUPPRESS_BY_FIELDS = ['agent.type'];
 
 describe(
-  'Detection rules, Event Correlation, Alert Suppression',
+  'Detection Rule Creation - EQL Rules - With Alert Suppression - Basic License',
   {
     tags: ['@ess'],
     // alertSuppressionForNonSequenceEqlRuleEnabled feature flag is also enabled in a global config
@@ -57,7 +57,7 @@ describe(
       cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' });
     });
 
-    it('can not create rule with rule execution suppression on basic license for non-sequence based alerts', () => {
+    it('cannot create a rule with "per rule execution" suppression durations', () => {
       selectEqlRuleType();
 
       cy.get(ALERT_SUPPRESSION_FIELDS_INPUT).should('be.disabled');
@@ -67,7 +67,7 @@ describe(
       cy.get(TOOLTIP).contains('Platinum license');
     });
 
-    it('shows upselling message on rule details with suppression on basic license', () => {
+    it('shows an upselling message on rule suppression details', () => {
       const rule = getEqlRule();
 
       createRule({

diff --git a/...response/detection_engine/rule_creation/event_correlation_rule_suppression_sequence.cy.ts b/...response/detection_engine/rule_creation/event_correlation_rule_suppression_sequence.cy.ts
@@ -13,10 +13,13 @@ import { deleteAlertsAndRules } from '../../../../tasks/api_calls/common';
 import { fillDefineEqlRule, selectEqlRuleType } from '../../../../tasks/create_new_rule';
 
 import { TOOLTIP } from '../../../../screens/common';
-import { ALERT_SUPPRESSION_FIELDS } from '../../../../screens/create_new_rule';
+import {
+  ALERT_SUPPRESSION_FIELDS,
+  ALERT_SUPPRESSION_FIELDS_INPUT,
+} from '../../../../screens/create_new_rule';
 
 describe(
-  'Detection rules, Event Correlation,Disable Sequence Alert Suppression',
+  'Detection Rule Creation - EQL Rules - With Alert Suppression',
   {
     tags: ['@ess', '@serverless'],
     // alertSuppressionForNonSequenceEqlRuleEnabled feature flag is also enabled in a global config
@@ -31,7 +34,7 @@ describe(
     },
   },
   () => {
-    describe('sequence based Alerts', () => {
+    describe('with sequence queries ', () => {
       const rule = getEqlSequenceRule();
 
       beforeEach(() => {
@@ -43,7 +46,9 @@ describe(
         fillDefineEqlRule(rule);
       });
 
-      it('should disable the suppression fields incase of eql sequence query', () => {
+      it('disables the suppression fields and presents an informative tooltip', () => {
+        cy.get(ALERT_SUPPRESSION_FIELDS_INPUT).should('be.disabled');
+
         cy.get(ALERT_SUPPRESSION_FIELDS).trigger('mouseover');
         cy.get(TOOLTIP).contains('Suppression is not supported for EQL sequence queries.');
       });

diff --git a/...ction_engine/rule_creation/event_correlation_rule_suppression_serverless_essentials.cy.ts b/...ction_engine/rule_creation/event_correlation_rule_suppression_serverless_essentials.cy.ts
@@ -26,7 +26,7 @@ import { DEFINITION_DETAILS, SUPPRESS_BY_DETAILS } from '../../../../screens/rul
 const SUPPRESS_BY_FIELDS = ['agent.type'];
 
 describe(
-  'Detection rules, Event Correlation, Alert Suppression',
+  'Detection Rule Creation - EQL Rules - With Alert Suppression  - Serverless Essentials License',
   {
     tags: ['@serverless'],
     // alertSuppressionForNonSequenceEqlRuleEnabled feature flag is also enabled in a global config
@@ -56,21 +56,24 @@ describe(
     after(() => {
       cy.task('esArchiverUnload', { archiveName: 'auditbeat_multiple' });
     });
-    it('creates rule with per rule execution suppression for essentials license for non-sequence based alerts', () => {
-      visit(CREATE_RULE_URL);
-      selectEqlRuleType();
-      fillDefineEqlRule(rule);
 
-      // selecting only suppression fields, the rest options would be default
-      fillAlertSuppressionFields(SUPPRESS_BY_FIELDS);
-      continueFromDefineStep();
+    describe('with non-sequence queries', () => {
+      it('creates a rule with a "per rule execution" suppression duration', () => {
+        visit(CREATE_RULE_URL);
+        selectEqlRuleType();
+        fillDefineEqlRule(rule);
 
-      fillAboutRuleMinimumAndContinue(rule);
-      skipScheduleRuleAction();
-      createRuleWithoutEnabling();
+        // selecting only suppression fields, the rest options would be default
+        fillAlertSuppressionFields(SUPPRESS_BY_FIELDS);
+        continueFromDefineStep();
 
-      cy.get(DEFINITION_DETAILS).within(() => {
-        getDetails(SUPPRESS_BY_DETAILS).should('have.text', SUPPRESS_BY_FIELDS.join(''));
+        fillAboutRuleMinimumAndContinue(rule);
+        skipScheduleRuleAction();
+        createRuleWithoutEnabling();
+
+        cy.get(DEFINITION_DETAILS).within(() => {
+          getDetails(SUPPRESS_BY_DETAILS).should('have.text', SUPPRESS_BY_FIELDS.join(''));
+        });
       });
     });
   }