[Security Solution] Add "Customized Elastic rule" badge to Rule Details page #186914

@nikitaindik nikitaindik commented Jun 25, 2024

Resolves: #180170

Summary

This PR adds a "Customized Elastic rule" badge to the Rule Details page. This badge is only displayed if a rule has rule_source.is_customized set to true and the feature flag is turned on.

Tests for this feature will be added later under a separate ticket (#186916).

Screenshots

Customized Elastic rule – has badge
Screenshot 2024-06-25 at 19 29 47

Custom rule – no badge
Screenshot 2024-06-25 at 19 29 02

@nikitaindik nikitaindik requested a review from a team as a code owner June 25, 2024 17:33
@nikitaindik nikitaindik requested a review from xcrzx June 25, 2024 17:33
@nikitaindik nikitaindik self-assigned this Jun 25, 2024
@nikitaindik nikitaindik added release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area v8.15.0 labels Jun 25, 2024
@elasticmachine
Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

@nikitaindik nikitaindik changed the title [Security Solution] Add Customized Elastic rule` to Rule Details page [Security Solution] Add "Customized Elastic rule" badge to Rule Details page Jun 25, 2024
@dplumlee dplumlee left a comment

LGTM thanks @nikitaindik!

<>
<EuiFlexGroup gutterSize="xs" alignItems="center" justifyContent="flexStart">
<EuiFlexGroup gutterSize="m" alignItems="center" justifyContent="flexStart">
{rule?.rule_source?.type === 'external' && rule.rule_source.is_customized && (
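
Review bot: The render condition on the `rule_source` line checks only `type === 'external'` and `is_customized`, while the PR description says the badge should also depend on the feature flag being turned on; add the flag check to this condition so the badge stays hidden while the feature is off. Since tests are deferred to #186916, consider moving the condition into a small named predicate so it can be unit-tested on its own.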

We might also need to check for the rule customization feature flag before showing this badge. Our users could already have customized rules before we release this feature.

You're right! I forgot that rules can be modified via API. Added the feature flag check.

@nikitaindik nikitaindik marked this pull request as draft June 26, 2024 10:01
@nikitaindik nikitaindik force-pushed the rule-customized-indication-rule-details-page branch from 2034003 to d5fdc48 Compare June 26, 2024 10:05
@nikitaindik nikitaindik marked this pull request as ready for review June 26, 2024 10:07
@nikitaindik nikitaindik requested a review from a team as a code owner June 26, 2024 10:07
@banderror banderror left a comment

Looks great, thank you @nikitaindik 👍 ✅

@kibana-ci
💛 Build succeeded, but was flaky

Failed CI Steps

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 5533 5535 +2

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 13.7MB 13.7MB +1.5KB

History

  • 💛 Build #217737 was flaky 69063cba10096f97ac4c4af282fe2574c2b4d423

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nikitaindik

@nikitaindik nikitaindik merged commit 199e2ad into elastic:main Jun 26, 2024
36 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jun 26, 2024
Successfully merging this pull request may close these issues.

[Security Solution] Show if a rule is customized on the Rule Details page