[Alerting] Enable rule import/export and allow rule types to exclude themselves from export #102999
Conversation
…ing/enable-rule-export-with-exclusions
ymao1
changed the title
ymao1
added
Feature:Alerting
release_note:skip
|
Pinging @elastic/kibana-alerting-services (Team:Alerting Services) |
botelastic
bot
added
Team:APM
|
Pinging @elastic/uptime (Team:uptime) |
|
Pinging @elastic/apm-ui (Team:apm) |
| @@ -57,6 +57,7 @@ export const mlAlertType = createSecurityMlRuleType({ | |||
| context: [{ name: 'server', description: 'the server' }], | |||
| }, | |||
| minimumLicenseRequired: 'basic', | |||
| isExportable: false, | |||
There was a problem hiding this comment.
Thanks, I realize this is commented out for some reason , but this should be good for when it's not.
|
Tested and the export button exists and the export shows a download but then opening it up I see this I think is expected behavior that we do exports but some are not exportable and then we track those. {"excludedObjects":[{"id":"9f28f534-c54c-11eb-844b-6346fd2e707c","reason":"excluded","type":"alert"}],"excludedObjectsCount":1,"exportedCount":0,"missingRefCount":0,"missingReferences":[]}However, the DELETE behavior actually throws up an error dialog which is different UI/UX. If this is expected that is ok, sounds like it is. But just mentioning the not-exportable vs. the not-deletable look like two different things we do within the UI/UX
|
|
On Import I see this with those types of exports, but I think this is also expected behavior?
I didn't try to do mixed and don't know what the expected behavior of re-importing things that contain unexportables are but this is a FYI. I did get this crash in my console: So this might be something missing with the re-import and this PR. |
|
Tested import/export within the security_solutions and we look good there so far 👍 that we can still import export. We also have e2e tests and Cypress tests so those would have caught it as well |
|
@FrankHassanabad Thank you for the thorough review! The DELETE behavior is the current expected in the Saved Objects Management UI because rules are considered a It looks like you've uncovered a bug with importing an When exporting and then importing a mixture of exportable and non-exportable rules, this error does not show up. |
If these assets aren't exportable why does the UI let the user think they are? Additionally, there are no errors displayed in the UI as a result of the export, so without opening an Will defer to the platform UX folks for the path forward here, but without any indication to the user in the UI that these assets weren't exported or aren't exportable, it feels like users could go about their way thinking the export was successful until they go and try to re-import and see it fail, at which point it could be too late. cc @MikePaquette and @paulewing |
@spong See the original discussion in this issue for context, specifically this comment and its replies. Agree that it is not ideal UX but we were trying to balance level of effort with utility. Since the long term goal is to align security rule import/export with the framework, we opted for now a medium LOE in order to make rule import/export through the framework available sooner. |
@spong It is not strictly accurate that there's no indication in the UI. There is a toaster that pops up with the following message:
|
I had missed that toast message, my apologies @ymao1! This is better, but I still think a little misleading when exporting just un-exportable security rules as we're using a success toast when no items were successful. I know these are corner cases and don't think they should hold up this feature, but just wanted to call attention to them as there is potential for confusion to security users here. Thank you for linking the associated issue/conversation as well, will read up from there 🙂 |
…ing/enable-rule-export-with-exclusions
|
Issue with importing a file with no export objects is fixed in this commit: 4a8fc64 Thanks to @pgayvallet! |
ymao1
added
the
auto-backport
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Page load bundle
History
To update your PR or re-run it, just comment with: cc @ymao1 |
…themselves from export (elastic#102999) * Removing feature flag changes * Adding isExportable flag to rule type definition * Adding isExportable flag to rule type definition * Adding isExportable flag to rule type definition * Filtering rule on export by rule type isExportable flag * Fixing types * Adding docs * Fix condition when exportCount is 0 * Unit test for fix condition when exportCount is 0 Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
💚 Backport successful
This backport PR will be merged automatically after passing CI. |
…themselves from export (#102999) (#103598) * Removing feature flag changes * Adding isExportable flag to rule type definition * Adding isExportable flag to rule type definition * Adding isExportable flag to rule type definition * Filtering rule on export by rule type isExportable flag * Fixing types * Adding docs * Fix condition when exportCount is 0 * Unit test for fix condition when exportCount is 0 Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: ymao1 <ying.mao@elastic.co>
Resolves #101270
Summary
This PR removes the feature flag for enabling import/export of rules and takes advantage of the new
isExportableSO API to exclude security rule types and stack monitoring rule types from being exported.It adds an
isExportableflag to theAlertTypetype so that rule types can indicate whether or not they want they want to be exported from the SO Management UI at registration time. While the rule will still show up in the SO Management UI, a message will be logged for non-exportable rule types and the export file will include a listing and count of rules that were excluded from the export.To Verify
Checklist
Delete any items that are not applicable to this PR.