Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]While adding rule exception , the auto added comment not have "Alert Id" text in it. #160615

Closed
sukhwindersingh-qasource opened this issue Jun 27, 2023 · 7 comments
Closed

[Security Solution]While adding rule exception , the auto added comment not have "Alert Id" text in it. #160615

sukhwindersingh-qasource opened this issue Jun 27, 2023 · 7 comments
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.9.0

Comments

@sukhwindersingh-qasource
Copy link

Describe the bug:

  • While adding rule exception , the auto added comment not have "Alert Id" text in it.

Build Details:

VERSION: 8.9.0 BC1
BUILD: 64385
COMMIT: 313dac73d8d3bc5930447f732e3ae163fb1b7f70

Preconditions

  • Kibana should be running.
  • Alerts should be present.

Steps to Reproduce

  • Navigate to Alerts page.
  • Click on more option.
  • Click on add rule exception .
  • Navigate to comment section.
  • The auto added comment should have "Alert Id" text in it because we get confuse the digit written belongs to which field.

Actual result

  • While adding rule exception , the auto added comment not have "Alert Id" text in it.

Expected Result

  • While adding rule exception , the auto added comment Should have "Alert Id" text in it.

Screen-Cast

image
@sukhwindersingh-qasource sukhwindersingh-qasource added bug Fixes for quality problems that affect the customer experience triage_needed impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jun 27, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@vgomez-el vgomez-el added the Team:Detection Engine Security Solution Detection Engine Area label Jun 27, 2023
@vgomez-el
Copy link

@sukhwindersingh-qasource this PR, which contains some fixes to Auto populating the Exception flyout, will be included in 8.9 BC2, can you check if this issue still happens on that BC2 once it is ready, please? Thank you

@yctercero
Copy link
Contributor

++ the text change was included in that PR that @vgomez-el linked to - just not sure if it made the BC2 cut.

@sukhwindersingh-qasource
Copy link
Author

Hi @vgomez-el , @yctercero
We have validated this on the 8.9.0 BC2 and it is not Fixed

Please find the below Testing Details:

Build info

VERSION: 8.9.0 BC2
BUILD: 64459
COMMIT: 6950a2b8207d8388ee8c842d6c0e2b1e1031fd36

Screen-Shot

image

We will validate this on BC3 once it will be available on productions.

Thanks!!

@yctercero
Copy link
Contributor

@sukhwindersingh-qasource it should be in BC3, code is merged. Thanks!

@MadameSheema MadameSheema added fixed v8.9.0 Team:Detections and Resp Security Detection Response Team and removed triage_needed labels Jul 3, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@ghost
Copy link

ghost commented Jul 10, 2023

Hi @yctercero

Thanks for the update and Yes Issue is Fixed on BC3 ✔️ and _id text is now showing in comment section of Rule Exception.

Build Details:

Version: 8.9.0
Commit: fc463b96275c55dc44524f79f617b0026b7f8667
Build: 64584

Screen-Shot

image

Hence we are closing this issue and adding "QA:Validated" tag to it.

thanks !!

@ghost ghost closed this as completed Jul 10, 2023
@ghost ghost added the QA:Validated Issue has been validated by QA label Jul 10, 2023
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.9.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@yctercero @elasticmachine @MadameSheema @sukhwindersingh-qasource @vgomez-el