Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution]Data view details twice in Rule Definition section #164828

Closed
ghost opened this issue Aug 25, 2023 · 8 comments · Fixed by #164494
Closed

[Security Solution]Data view details twice in Rule Definition section #164828

ghost opened this issue Aug 25, 2023 · 8 comments · Fixed by #164494
Assignees
@yctercero
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.9.2 v8.10.0

Comments

@ghost
Copy link

ghost commented Aug 25, 2023

Describe the bug:
Data view details twice in Rule Definition section

Kibana/Elasticsearch Stack version
Version: 8.10.0 BC2
Commit: fa3473f
Build: 66107

Browser and Browser OS Version:
Firefox for windows OS
Version: 116.0.3

Elastic Endpoint Version:
v8.10.2

Original install method:
Build summary: https://staging.elastic.co/8.10.0-049269aa/summary-8.10.0.html

Functional Area:
Data View Rule

Initial Setup:

  • Rule with Data View should be available

Steps to reproduce

  • Go to Rule Created using data view
  • Check Rule Definition section on Rule Details Page
  • Observed that details of data view used is shown twice

Additional Observation

  • Issue is also occuring the Rule details preview as it is picking details from the rule details page
  • Issue is occuring on 8.9.1 as well

image

Current behavior

  • Data view details twice in Rule Definition section

Expected behavior:

  • Data view details should show only once in Rule Definition section

Screen-Shot:

image

Errors in browser console:

None

Any additional context (logs, chat logs, magical formulas, etc.):

None
@ghost ghost added bug Fixes for quality problems that affect the customer experience triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Aug 25, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@ghost ghost added the impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. label Aug 25, 2023
@ghost
Copy link
Author

ghost commented Aug 25, 2023

@amolnater-qasource please review

@amolnater-qasource
Copy link

Reviewed & assigned to @MadameSheema

@MadameSheema MadameSheema added Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team labels Aug 25, 2023
@yctercero
Copy link
Contributor

Being addressed by @nikitaindik here - #164494

@nikitaindik nikitaindik mentioned this issue Aug 26, 2023
Merged
1 task
nikitaindik added a commit that referenced this issue Aug 28, 2023
@yctercero @nikitaindik
[Rule Details] - Update rule details data view id text (#164494)
31e9557 
**Resolves: #164828
**Related UX writing issue:
elastic/ux-writing#46

## Summary

In rule details page, when a rule has a data view selected, two labels
show up as "Data View". This appears to be a bug, as one of those labels
should be "Data view ID" and another should be "Data view index
pattern".

Thanks to @MadameSheema @nikitaindik for finding this. 

### Before 

![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)

### After
<img width="808" alt="Screenshot 2023-08-26 at 19 30 54"
src="https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58">


### Checklist

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)

---------

Co-authored-by: Nikita Indik <nikita.indik@elastic.co>
kibanamachine pushed a commit to kibanamachine/kibana that referenced this issue Aug 28, 2023
@yctercero
[Rule Details] - Update rule details data view id text (elastic#164494)
4b7594b 
**Resolves: elastic#164828
**Related UX writing issue:
elastic/ux-writing#46

## Summary

In rule details page, when a rule has a data view selected, two labels
show up as "Data View". This appears to be a bug, as one of those labels
should be "Data view ID" and another should be "Data view index
pattern".

Thanks to @MadameSheema @nikitaindik for finding this.

### Before

![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)

### After
<img width="808" alt="Screenshot 2023-08-26 at 19 30 54"
src="https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58">

### Checklist

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)

---------

Co-authored-by: Nikita Indik <nikita.indik@elastic.co>
(cherry picked from commit 31e9557)
nikitaindik pushed a commit to nikitaindik/kibana that referenced this issue Aug 28, 2023
@yctercero @nikitaindik
[Rule Details] - Update rule details data view id text (elastic#164494)
85684db 
**Resolves: elastic#164828
**Related UX writing issue:
elastic/ux-writing#46

In rule details page, when a rule has a data view selected, two labels
show up as "Data View". This appears to be a bug, as one of those labels
should be "Data view ID" and another should be "Data view index
pattern".

Thanks to @MadameSheema @nikitaindik for finding this.

![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)

<img width="808" alt="Screenshot 2023-08-26 at 19 30 54"
src="https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58">

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)

---------

Co-authored-by: Nikita Indik <nikita.indik@elastic.co>
(cherry picked from commit 31e9557)
kibanamachine referenced this issue Aug 28, 2023
@kibanamachine @yctercero
[8.10] [Rule Details] - Update rule details data view id text (#164494)…
52d4bc4 
… (#165015)

# Backport

This will backport the following commits from `main` to `8.10`:
- [[Rule Details] - Update rule details data view id text
(#164494)](#164494)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Yara
Tercero","email":"yctercero@users.noreply.github.com"},"sourceCommit":{"committedDate":"2023-08-28T16:29:00Z","message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d","branchLabelMapping":{"^v8.11.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:Detection
Rule Management","ui-copy","Feature:Rule Details","Team:Detection
Engine","v8.10.0","v8.11.0","v8.9.2"],"number":164494,"url":"https://github.com/elastic/kibana/pull/164494","mergeCommit":{"message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d"}},"sourceBranch":"main","suggestedTargetBranches":["8.10","8.9"],"targetPullRequestStates":[{"branch":"8.10","label":"v8.10.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.11.0","labelRegex":"^v8.11.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/164494","number":164494,"mergeCommit":{"message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d"}},{"branch":"8.9","label":"v8.9.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
nikitaindik referenced this issue Aug 28, 2023
@nikitaindik @yctercero
[8.9] [Rule Details] - Update rule details data view id text (#164494) (
098c0aa 
#165021)

# Backport

This will backport the following commits from `main` to `8.9`:
- [[Rule Details] - Update rule details data view id text
(#164494)](#164494)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Yara
Tercero","email":"yctercero@users.noreply.github.com"},"sourceCommit":{"committedDate":"2023-08-28T16:29:00Z","message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d","branchLabelMapping":{"^v8.11.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:Detection
Rule Management","ui-copy","Feature:Rule Details","Team:Detection
Engine","v8.10.0","v8.11.0","v8.9.2"],"number":164494,"url":"https://github.com/elastic/kibana/pull/164494","mergeCommit":{"message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d"}},"sourceBranch":"main","suggestedTargetBranches":["8.9"],"targetPullRequestStates":[{"branch":"8.10","label":"v8.10.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/165015","number":165015,"state":"OPEN"},{"branch":"main","label":"v8.11.0","labelRegex":"^v8.11.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/164494","number":164494,"mergeCommit":{"message":"[Rule
Details] - Update rule details data view id text
(#164494)\n\n**Resolves:
https://github.com/elastic/kibana/issues/164828**\r\n**Related UX
writing
issue:\r\nhttps://github.com/elastic/ux-writing/issues/46**\r\n\r\n##
Summary\r\n\r\nIn rule details page, when a rule has a data view
selected, two labels\r\nshow up as \"Data View\". This appears to be a
bug, as one of those labels\r\nshould be \"Data view ID\" and another
should be \"Data view index\r\npattern\".\r\n\r\nThanks to @MadameSheema
@nikitaindik for finding this. \r\n\r\n### Before
\r\n\r\n![image](https://github.com/elastic/kibana/assets/10927944/8ac8b6d4-1005-4c03-a71a-31216a1287c5)\r\n\r\n###
After\r\n<img width=\"808\" alt=\"Screenshot 2023-08-26 at 19 30
54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/15949146/b511bf92-0e90-4455-834c-36b8e75b2a58\">\r\n\r\n\r\n###
Checklist\r\n\r\n- [x] Any text added follows [EUI's
writing\r\nguidelines](https://elastic.github.io/eui/#/guidelines/writing),
uses\r\nsentence case text and includes
[i18n\r\nsupport](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)\r\n\r\n---------\r\n\r\nCo-authored-by:
Nikita Indik
<nikita.indik@elastic.co>","sha":"31e95574ae6d8cfa9e0ba4595e1068e9391b423d"}},{"branch":"8.9","label":"v8.9.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->

Co-authored-by: Yara Tercero <yctercero@users.noreply.github.com>
@MadameSheema
Copy link
Member

Pending to be validated.

@MadameSheema MadameSheema reopened this Aug 30, 2023
@cybersecdiva cybersecdiva added the QA:Validated Issue has been validated by QA label Aug 31, 2023
@cybersecdiva
Copy link

  • I have validated the issue is fixed ✅ in 8.10.0 BC3
  • Data view details have been updated to show Data View and Data view index pattern as two separate entities in Rules Definition
VERSION: 8.10.0
BUILD: 66261
COMMIT: 56348fa0ed0719679e24d6c58dc3dbee03928c4e

Screenshots:

Screenshot 2023-08-31 at 3 52 08 PM

Screen recording:

Data.view.and.rule.definition.mp4

@MadameSheema FYI QA Validation ✅

@ghost ghost closed this as completed Sep 1, 2023
@ghost
Copy link
Author

ghost commented Sep 1, 2023

Hi @MadameSheema

We have validated this issue on 8.10 BC3 and found the issue to be fixed now ✔️ .

Kibana/Elasticsearch Stack version

Version: 8.10.0 BC3
Commit: 56348fa0ed0719679e24d6c58dc3dbee03928c4e
Build: 66261

Screen-Cast:

image

Hence we are closing this issue and adding "QA:Validated" tag to it.

thanks !!

@ghost
Copy link
Author

ghost commented Sep 1, 2023

Hi @MadameSheema

We have validated this issue on 8.9.2 BC1 and found the issue to be fixed now ✔️ .

Kibana/Elasticsearch Stack version
Version: 8.9.2 BC1
COMMIT: 21f3ebd
Build: 64883

Screen-Shot:

image

Hence we are closing this issue and adding "QA:Validated" tag to it.

thanks !!

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yctercero yctercero

Labels
bug Fixes for quality problems that affect the customer experience fixed impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detection Engine Security Solution Detection Engine Area Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.9.2 v8.10.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Rule Details] - Update rule details data view id text yctercero/kibana
5 participants
@yctercero @elasticmachine @MadameSheema @cybersecdiva @amolnater-qasource