Add query language support to Rule Details page

x-pack/plugins/security_solution/common/api/detection_engine/prebuilt_rules/review_rule_upgrade/review_rule_upgrade_route.ts

@@ -21,7 +21,7 @@ export interface RuleUpgradeStatsForReview {
   /** Number of installed prebuilt rules available for upgrade (stock + customized) */
   num_rules_to_upgrade_total: number;
 
-  /** Number of installed prebuilt rules with upgrade conflicts (SOLVABLE or NON_SOLVALBE) */
+  /** Number of installed prebuilt rules with upgrade conflicts (SOLVABLE or NON_SOLVABLE) */
   num_rules_with_conflicts: number;
 
   /** Number of installed prebuilt rules with NON_SOLVABLE upgrade conflicts */

x-pack/plugins/security_solution/public/detection_engine/rule_creation_ui/components/description_step/translations.ts

@@ -35,20 +35,41 @@ export const ESQL_QUERY_LABEL = i18n.translate(
   }
 );
 
+export const QUERY_LANGUAGE_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.queryLanguageLabel',
+  {
+    defaultMessage: 'Custom query language',
+  }
+);
+
 export const THREAT_QUERY_LABEL = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.threatQueryLabel',
   {
     defaultMessage: 'Indicator index query',
   }
 );
 
+export const THREAT_QUERY_LANGUAGE_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.threatQueryLanguageLabel',
+  {
+    defaultMessage: 'Indicator index query language',
+  }
+);
+
 export const SAVED_QUERY_NAME_LABEL = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.savedIdLabel',
   {
     defaultMessage: 'Saved query name',
   }
 );
 
+export const SAVED_QUERY_LANGUAGE_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.savedQueryLanguageLabel',
+  {
+    defaultMessage: 'Saved query language',
+  }
+);
+
 export const SAVED_QUERY_FILTERS_LABEL = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.savedQueryFiltersLabel',
   {

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/helpers.ts

@@ -14,6 +14,7 @@ import {
   SCHEDULE_UPGRADE_FIELD_ORDER,
   SETUP_UPGRADE_FIELD_ORDER,
 } from './constants';
+import * as i18n from './translations';
 
 export const getSectionedFieldDiffs = (fields: FieldsGroupDiff[]) => {
   const aboutFields = [];
@@ -57,3 +58,14 @@ export const filterUnsupportedDiffOutcomes = (
       );
     })
   );
+
+export function getQueryLanguageLabel(language: string) {
+  switch (language) {
+    case 'kuery':
+      return i18n.KUERY_LANGUAGE_LABEL;
+    case 'lucene':
+      return i18n.LUCENE_LANGUAGE_LABEL;
+    default:
+      return language;
+  }
+}

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/rule_definition_section.tsx

@@ -57,6 +57,7 @@ import {
   queryStyles,
   useRequiredFieldsStyles,
 } from './rule_definition_section.styles';
+import { getQueryLanguageLabel } from './helpers';
 
 interface SavedQueryNameProps {
   savedQueryName: string;
@@ -196,12 +197,17 @@ const AnomalyThreshold = ({ anomalyThreshold }: AnomalyThresholdProps) => (
 );
 
 interface MachineLearningJobListProps {
-  jobIds: string | string[];
+  jobIds?: string | string[];
   isInteractive: boolean;
 }
 
 export const MachineLearningJobList = ({ jobIds, isInteractive }: MachineLearningJobListProps) => {
   const { jobs } = useSecurityJobs();
+
+  if (!jobIds) {
+    return null;
+  }
+
   const jobIdsArray = Array.isArray(jobIds) ? jobIds : [jobIds];
 
   if (isInteractive) {
@@ -440,14 +446,28 @@ const prepareDefinitionSectionListItems = (
   }
 
   if (savedQuery) {
-    definitionSectionListItems.push({
-      title: (
-        <span data-test-subj="savedQueryNamePropertyTitle">
-          {descriptionStepI18n.SAVED_QUERY_NAME_LABEL}
-        </span>
-      ),
-      description: <SavedQueryName savedQueryName={savedQuery.attributes.title} />,
-    });
+    definitionSectionListItems.push(
+      {
+        title: (
+          <span data-test-subj="savedQueryNamePropertyTitle">
+            {descriptionStepI18n.SAVED_QUERY_NAME_LABEL}
+          </span>
+        ),
+        description: <SavedQueryName savedQueryName={savedQuery.attributes.title} />,
+      },
+      {
+        title: (
+          <span data-test-subj="savedQueryLanguagePropertyTitle">
+            {descriptionStepI18n.SAVED_QUERY_LANGUAGE_LABEL}
+          </span>
+        ),
+        description: (
+          <span data-test-subj="savedQueryLanguagePropertyValue">
+            {getQueryLanguageLabel(savedQuery.attributes.query.language)}
+          </span>
+        ),
+      }
+    );
 
     if (savedQuery.attributes.filters) {
       definitionSectionListItems.push({
@@ -514,12 +534,26 @@ const prepareDefinitionSectionListItems = (
         description: <Query query={rule.query} data-test-subj="esqlQueryPropertyValue" />,
       });
     } else {
-      definitionSectionListItems.push({
-        title: (
-          <span data-test-subj="customQueryPropertyTitle">{descriptionStepI18n.QUERY_LABEL}</span>
-        ),
-        description: <Query query={rule.query} data-test-subj="customQueryPropertyValue" />,
-      });
+      definitionSectionListItems.push(
+        {
+          title: (
+            <span data-test-subj="customQueryPropertyTitle">{descriptionStepI18n.QUERY_LABEL}</span>
+          ),
+          description: <Query query={rule.query} data-test-subj="customQueryPropertyValue" />,
+        },
+        {
+          title: (
+            <span data-test-subj="customQueryLanguagePropertyTitle">
+              {descriptionStepI18n.QUERY_LANGUAGE_LABEL}
+            </span>
+          ),
+          description: (
+            <span data-test-subj="customQueryLanguagePropertyValue">
+              {getQueryLanguageLabel(rule.language || '')}
+            </span>
+          ),
+        }
+      );
     }
   }
 
@@ -639,6 +673,21 @@ const prepareDefinitionSectionListItems = (
     });
   }
 
+  if ('threat_language' in rule && rule.threat_language) {
+    definitionSectionListItems.push({
+      title: (
+        <span data-test-subj="threatQueryLanguagePropertyTitle">
+          {descriptionStepI18n.THREAT_QUERY_LANGUAGE_LABEL}
+        </span>
+      ),
+      description: (
+        <span data-test-subj="threatQueryLanguagePropertyValue">
+          {getQueryLanguageLabel(rule.threat_language)}
+        </span>
+      ),
+    });
+  }
+
   if ('new_terms_fields' in rule && rule.new_terms_fields && rule.new_terms_fields.length > 0) {
     definitionSectionListItems.push({
       title: (

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/field_components/kql_query/inline_kql_query.tsx

@@ -16,22 +16,36 @@ import type {
 } from '../../../../../../../../../common/api/detection_engine';
 import { Query, Filters } from '../../../../rule_definition_section';
 import * as descriptionStepI18n from '../../../../../../../rule_creation_ui/components/description_step/translations';
-import * as i18n from '../translations';
-import { getQueryLanguageLabel } from './utils';
+import { getQueryLanguageLabel } from '../../../../helpers';
+
+const defaultI18nLabels = {
+  query: descriptionStepI18n.QUERY_LABEL,
+  language: descriptionStepI18n.QUERY_LANGUAGE_LABEL,
+  filters: descriptionStepI18n.FILTERS_LABEL,
+};
 
 interface InlineQueryProps {
   kqlQuery: InlineKqlQuery;
   dataSource?: DiffableAllFields['data_source'];
+  i18nLabels?: {
+    query: string;
+    language: string;
+    filters: string;
+  };
 }
 
-export function InlineKqlQueryReadOnly({ kqlQuery, dataSource }: InlineQueryProps) {
+export function InlineKqlQueryReadOnly({
+  kqlQuery,
+  dataSource,
+  i18nLabels = defaultI18nLabels,
+}: InlineQueryProps) {
   const listItems: EuiDescriptionListProps['listItems'] = [
     {
-      title: descriptionStepI18n.QUERY_LABEL,
+      title: i18nLabels.query,
       description: <Query query={kqlQuery.query} />,
     },
     {
-      title: i18n.LANGUAGE_LABEL,
+      title: i18nLabels.language,
       description: getQueryLanguageLabel(kqlQuery.language),
     },
   ];
@@ -44,7 +58,7 @@ export function InlineKqlQueryReadOnly({ kqlQuery, dataSource }: InlineQueryProp
       dataSource.type === DataSourceType.data_view ? dataSource.data_view_id : undefined;
 
     listItems.push({
-      title: descriptionStepI18n.FILTERS_LABEL,
+      title: i18nLabels.filters,
       description: (
         <Filters filters={kqlQuery.filters as Filter[]} index={index} dataViewId={dataViewId} />
       ),

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/field_components/kql_query/saved_kql_query.tsx

@@ -17,8 +17,7 @@ import type {
 import { Query, SavedQueryName, Filters } from '../../../../rule_definition_section';
 import * as descriptionStepI18n from '../../../../../../../rule_creation_ui/components/description_step/translations';
 import { useGetSavedQuery } from '../../../../../../../../detections/pages/detection_engine/rules/use_get_saved_query';
-import * as i18n from '../translations';
-import { getQueryLanguageLabel } from './utils';
+import { getQueryLanguageLabel } from '../../../../helpers';
 
 interface SavedQueryProps {
   kqlQuery: SavedKqlQuery;
@@ -42,7 +41,7 @@ export function SavedKqlQueryReadOnly({ kqlQuery, dataSource, ruleType }: SavedQ
       description: <SavedQueryName savedQueryName={savedQuery.attributes.title} />,
     },
     {
-      title: i18n.LANGUAGE_LABEL,
+      title: descriptionStepI18n.SAVED_QUERY_LANGUAGE_LABEL,
       description: getQueryLanguageLabel(savedQuery.attributes.query.language),
     },
   ];

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/three_way_diff/final_readonly/field_components/threat_query/threat_query.tsx

@@ -10,13 +10,27 @@ import type {
   DiffableAllFields,
   InlineKqlQuery,
 } from '../../../../../../../../../common/api/detection_engine';
+import * as ruleDetailsI18n from '../../../../translations';
+import * as descriptionStepI18n from '../../../../../../../rule_creation_ui/components/description_step/translations';
 import { InlineKqlQueryReadOnly } from '../kql_query/inline_kql_query';
 
+const i18nLabels = {
+  query: descriptionStepI18n.THREAT_QUERY_LABEL,
+  language: descriptionStepI18n.THREAT_QUERY_LANGUAGE_LABEL,
+  filters: ruleDetailsI18n.THREAT_FILTERS_FIELD_LABEL,
+};
+
 interface ThreatQueryReadOnlyProps {
   threatQuery: InlineKqlQuery;
   dataSource: DiffableAllFields['data_source'];
 }
 
 export const ThreatQueryReadOnly = ({ threatQuery, dataSource }: ThreatQueryReadOnlyProps) => {
-  return <InlineKqlQueryReadOnly kqlQuery={threatQuery} dataSource={dataSource} />;
+  return (
+    <InlineKqlQueryReadOnly
+      kqlQuery={threatQuery}
+      dataSource={dataSource}
+      i18nLabels={i18nLabels}
+    />
+  );
 };

x-pack/plugins/security_solution/public/detection_engine/rule_management/components/rule_details/translations.ts

@@ -356,3 +356,17 @@ export const CUSTOMIZED_PREBUILT_RULE_LABEL = i18n.translate(
     defaultMessage: 'Customized Elastic rule',
   }
 );
+
+export const KUERY_LANGUAGE_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.ruleDetails.kqlLanguageLabel',
+  {
+    defaultMessage: 'KQL',
+  }
+);
+
+export const LUCENE_LANGUAGE_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.ruleDetails.luceneLanguageLabel',
+  {
+    defaultMessage: 'Lucene',
+  }
+);