[8.x] [Rules migration][UI] Basic rule migrations UI (#10820) (#200978)…

… (#201545)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Rules migration][UI] Basic rule migrations UI (#10820)
(#200978)](#200978)

<!--- Backport version: 8.9.8 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Ievgen
Sorokopud","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-11-22T14:48:14Z","message":"[Rules
migration][UI] Basic rule migrations UI (#10820) (#200978)\n\n##
Summary\r\n\r\n[Internal
link](https://github.com/elastic/security-team/issues/10820)\r\nto the
feature details\r\n\r\nThis is a very first version of the SIEM rules
migrations UI\r\nfunctionality. The main goal is to setup and agree on a
folder structure\r\nwhere the feature gonna live. Tests covering feature
will follow in a\r\nseparate PR (see
[internal\r\nlink](elastic/security-team#11232)
for more\r\ndetails).\r\n\r\nThe code follows the structure of prebuilt
rules
feature\r\nhttps://github.com/elastic/kibana/tree/main/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/add_prebuilt_rules_table\r\nand
hidden behind `siemMigrationsEnabled` feature flag.\r\n\r\n### Key UI
changes\r\n\r\n* New \"SIEM Rules Migrations.\" rules management
sub-page\r\n* Navigation between different \"finished\" migrations\r\n*
InMemory table with all the translations within the selected
migration\r\n* Translation details preview flyout with `Translation` and
`Overview`\r\ntabs\r\n* User cannot modify translations via
UI\r\n\r\n### Testing locally\r\n\r\nEnable the
flag\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:
['siemMigrationsEnabled']\r\n```\r\n###
Screenshot\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a5a7e777-c5f8-40b4-be1d-1bd07a2729ac","sha":"a627e011a892e9eaa7ec234b7a08fc5572801bbc","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Threat
Hunting","Team:
SecuritySolution","backport:prev-minor"],"number":200978,"url":"https://github.com/elastic/kibana/pull/200978","mergeCommit":{"message":"[Rules
migration][UI] Basic rule migrations UI (#10820) (#200978)\n\n##
Summary\r\n\r\n[Internal
link](https://github.com/elastic/security-team/issues/10820)\r\nto the
feature details\r\n\r\nThis is a very first version of the SIEM rules
migrations UI\r\nfunctionality. The main goal is to setup and agree on a
folder structure\r\nwhere the feature gonna live. Tests covering feature
will follow in a\r\nseparate PR (see
[internal\r\nlink](elastic/security-team#11232)
for more\r\ndetails).\r\n\r\nThe code follows the structure of prebuilt
rules
feature\r\nhttps://github.com/elastic/kibana/tree/main/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/add_prebuilt_rules_table\r\nand
hidden behind `siemMigrationsEnabled` feature flag.\r\n\r\n### Key UI
changes\r\n\r\n* New \"SIEM Rules Migrations.\" rules management
sub-page\r\n* Navigation between different \"finished\" migrations\r\n*
InMemory table with all the translations within the selected
migration\r\n* Translation details preview flyout with `Translation` and
`Overview`\r\ntabs\r\n* User cannot modify translations via
UI\r\n\r\n### Testing locally\r\n\r\nEnable the
flag\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:
['siemMigrationsEnabled']\r\n```\r\n###
Screenshot\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a5a7e777-c5f8-40b4-be1d-1bd07a2729ac","sha":"a627e011a892e9eaa7ec234b7a08fc5572801bbc"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200978","number":200978,"mergeCommit":{"message":"[Rules
migration][UI] Basic rule migrations UI (#10820) (#200978)\n\n##
Summary\r\n\r\n[Internal
link](https://github.com/elastic/security-team/issues/10820)\r\nto the
feature details\r\n\r\nThis is a very first version of the SIEM rules
migrations UI\r\nfunctionality. The main goal is to setup and agree on a
folder structure\r\nwhere the feature gonna live. Tests covering feature
will follow in a\r\nseparate PR (see
[internal\r\nlink](elastic/security-team#11232)
for more\r\ndetails).\r\n\r\nThe code follows the structure of prebuilt
rules
feature\r\nhttps://github.com/elastic/kibana/tree/main/x-pack/plugins/security_solution/public/detection_engine/rule_management_ui/components/rules_table/add_prebuilt_rules_table\r\nand
hidden behind `siemMigrationsEnabled` feature flag.\r\n\r\n### Key UI
changes\r\n\r\n* New \"SIEM Rules Migrations.\" rules management
sub-page\r\n* Navigation between different \"finished\" migrations\r\n*
InMemory table with all the translations within the selected
migration\r\n* Translation details preview flyout with `Translation` and
`Overview`\r\ntabs\r\n* User cannot modify translations via
UI\r\n\r\n### Testing locally\r\n\r\nEnable the
flag\r\n\r\n```\r\nxpack.securitySolution.enableExperimental:
['siemMigrationsEnabled']\r\n```\r\n###
Screenshot\r\n\r\n\r\nhttps://github.com/user-attachments/assets/a5a7e777-c5f8-40b4-be1d-1bd07a2729ac","sha":"a627e011a892e9eaa7ec234b7a08fc5572801bbc"}}]}]
BACKPORT-->

packages/deeplinks/security/deep_links.ts

@@ -69,6 +69,7 @@ export enum SecurityPageName {
   rulesAdd = 'rules-add',
   rulesCreate = 'rules-create',
   rulesLanding = 'rules-landing',
+  siemMigrationsRules = 'siem_migrations-rules',
   /*
    * Warning: Computed values are not permitted in an enum with string valued members
    * All threat intelligence page names must match `TIPageId` in x-pack/plugins/threat_intelligence/public/common/navigation/types.ts

x-pack/plugins/security_solution/common/constants.ts

@@ -138,6 +138,8 @@ export const APP_BLOCKLIST_PATH = `${APP_PATH}${BLOCKLIST_PATH}` as const;
 export const APP_RESPONSE_ACTIONS_HISTORY_PATH =
   `${APP_PATH}${RESPONSE_ACTIONS_HISTORY_PATH}` as const;
 export const NOTES_PATH = `${MANAGEMENT_PATH}/notes` as const;
+export const SIEM_MIGRATIONS_PATH = '/siem_migrations' as const;
+export const SIEM_MIGRATIONS_RULES_PATH = `${SIEM_MIGRATIONS_PATH}/rules` as const;
 
 // cloud logs to exclude from default index pattern
 export const EXCLUDE_ELASTIC_CLOUD_INDICES = ['-*elastic-cloud-logs-*'];

x-pack/plugins/security_solution/public/app/translations.ts

@@ -101,6 +101,13 @@ export const EXCEPTIONS = i18n.translate('xpack.securitySolution.navigation.exce
   defaultMessage: 'Shared exception lists',
 });
 
+export const SIEM_MIGRATIONS_RULES = i18n.translate(
+  'xpack.securitySolution.navigation.siemMigrationsRules',
+  {
+    defaultMessage: 'SIEM Rules Migrations',
+  }
+);
+
 export const ALERTS = i18n.translate('xpack.securitySolution.navigation.alerts', {
   defaultMessage: 'Alerts',
 });

x-pack/plugins/security_solution/public/lazy_sub_plugins.tsx

@@ -29,6 +29,7 @@ import { EntityAnalytics } from './entity_analytics';
 import { Assets } from './assets';
 import { Investigations } from './investigations';
 import { MachineLearning } from './machine_learning';
+import { SiemMigrations } from './siem_migrations';
 
 /**
  * The classes used to instantiate the sub plugins. These are grouped into a single object for the sake of bundling them in a single dynamic import.
@@ -53,5 +54,6 @@ const subPluginClasses = {
   Assets,
   Investigations,
   MachineLearning,
+  SiemMigrations,
 };
 export { subPluginClasses };

x-pack/plugins/security_solution/public/plugin.tsx

@@ -245,6 +245,7 @@ export class Plugin implements IPlugin<PluginSetup, PluginStart, SetupPlugins, S
         assets: new subPluginClasses.Assets(),
         investigations: new subPluginClasses.Investigations(),
         machineLearning: new subPluginClasses.MachineLearning(),
+        siemMigrations: new subPluginClasses.SiemMigrations(),
       };
     }
     return this._subPlugins;
@@ -279,6 +280,9 @@ export class Plugin implements IPlugin<PluginSetup, PluginStart, SetupPlugins, S
       assets: subPlugins.assets.start(),
       investigations: subPlugins.investigations.start(),
       machineLearning: subPlugins.machineLearning.start(),
+      siemMigrations: subPlugins.siemMigrations.start(
+        this.experimentalFeatures.siemMigrationsEnabled
+      ),
     };
   }
 

x-pack/plugins/security_solution/public/rules/links.ts

@@ -29,6 +29,7 @@ import type { LinkItem } from '../common/links';
 import { IconConsoleCloud } from '../common/icons/console_cloud';
 import { IconRollup } from '../common/icons/rollup';
 import { IconDashboards } from '../common/icons/dashboards';
+import { siemMigrationsLinks } from '../siem_migrations/links';
 
 export const links: LinkItem = {
   id: SecurityPageName.rulesLanding,
@@ -106,6 +107,7 @@ export const links: LinkItem = {
         }),
       ],
     },
+    siemMigrationsLinks,
   ],
   categories: [
     {
@@ -116,6 +118,7 @@ export const links: LinkItem = {
         SecurityPageName.rules,
         SecurityPageName.cloudSecurityPostureBenchmarks,
         SecurityPageName.exceptions,
+        SecurityPageName.siemMigrationsRules,
       ],
     },
     {

x-pack/plugins/security_solution/public/siem_migrations/index.ts

@@ -0,0 +1,19 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { SecuritySubPlugin } from '../app/types';
+import { routes } from './routes';
+
+export class SiemMigrations {
+  public setup() {}
+
+  public start(isEnabled = false): SecuritySubPlugin {
+    return {
+      routes: isEnabled ? routes : [],
+    };
+  }
+}

x-pack/plugins/security_solution/public/siem_migrations/jest.config.js

@@ -0,0 +1,19 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+module.exports = {
+  preset: '@kbn/test',
+  rootDir: '../../../../..',
+  roots: ['<rootDir>/x-pack/plugins/security_solution/public/siem_migrations'],
+  coverageDirectory:
+    '<rootDir>/target/kibana-coverage/jest/x-pack/plugins/security_solution/public/siem_migrations',
+  coverageReporters: ['text', 'html'],
+  collectCoverageFrom: [
+    '<rootDir>/x-pack/plugins/security_solution/public/siem_migrations/**/*.{ts,tsx}',
+  ],
+  moduleNameMapper: require('../../server/__mocks__/module_name_map'),
+};

x-pack/plugins/security_solution/public/siem_migrations/links.ts

@@ -0,0 +1,35 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+import {
+  SecurityPageName,
+  SERVER_APP_ID,
+  SIEM_MIGRATIONS_RULES_PATH,
+} from '../../common/constants';
+import { SIEM_MIGRATIONS_RULES } from '../app/translations';
+import type { LinkItem } from '../common/links/types';
+import { IconConsoleCloud } from '../common/icons/console_cloud';
+
+export const siemMigrationsLinks: LinkItem = {
+  id: SecurityPageName.siemMigrationsRules,
+  title: SIEM_MIGRATIONS_RULES,
+  description: i18n.translate('xpack.securitySolution.appLinks.siemMigrationsRulesDescription', {
+    defaultMessage: 'SIEM Rules Migrations.',
+  }),
+  landingIcon: IconConsoleCloud,
+  path: SIEM_MIGRATIONS_RULES_PATH,
+  capabilities: [`${SERVER_APP_ID}.show`],
+  skipUrlState: true,
+  hideTimeline: true,
+  globalSearchKeywords: [
+    i18n.translate('xpack.securitySolution.appLinks.siemMigrationsRules', {
+      defaultMessage: 'SIEM Rules Migrations',
+    }),
+  ],
+  experimentalKey: 'siemMigrationsEnabled',
+};

x-pack/plugins/security_solution/public/siem_migrations/routes.tsx

@@ -0,0 +1,31 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+
+import type { SecuritySubPluginRoutes } from '../app/types';
+import { SIEM_MIGRATIONS_RULES_PATH, SecurityPageName } from '../../common/constants';
+import { RulesPage } from './rules/pages';
+import { PluginTemplateWrapper } from '../common/components/plugin_template_wrapper';
+import { SecurityRoutePageWrapper } from '../common/components/security_route_page_wrapper';
+
+export const RulesRoutes = () => {
+  return (
+    <PluginTemplateWrapper>
+      <SecurityRoutePageWrapper pageName={SecurityPageName.siemMigrationsRules}>
+        <RulesPage />
+      </SecurityRoutePageWrapper>
+    </PluginTemplateWrapper>
+  );
+};
+
+export const routes: SecuritySubPluginRoutes = [
+  {
+    path: SIEM_MIGRATIONS_RULES_PATH,
+    component: RulesRoutes,
+  },
+];

x-pack/plugins/security_solution/public/siem_migrations/rules/api/api.ts

@@ -0,0 +1,66 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { replaceParams } from '@kbn/openapi-common/shared';
+
+import { KibanaServices } from '../../../common/lib/kibana';
+
+import {
+  SIEM_RULE_MIGRATIONS_ALL_STATS_PATH,
+  SIEM_RULE_MIGRATION_PATH,
+} from '../../../../common/siem_migrations/constants';
+import type {
+  GetAllStatsRuleMigrationResponse,
+  GetRuleMigrationResponse,
+} from '../../../../common/siem_migrations/model/api/rules/rule_migration.gen';
+
+/**
+ * Retrieves the stats for all the existing migrations, aggregated by `migration_id`.
+ *
+ * @param signal AbortSignal for cancelling request
+ *
+ * @throws An error if response is not OK
+ */
+export const getRuleMigrationsStatsAll = async ({
+  signal,
+}: {
+  signal: AbortSignal | undefined;
+}): Promise<GetAllStatsRuleMigrationResponse> => {
+  return KibanaServices.get().http.fetch<GetAllStatsRuleMigrationResponse>(
+    SIEM_RULE_MIGRATIONS_ALL_STATS_PATH,
+    {
+      method: 'GET',
+      version: '1',
+      signal,
+    }
+  );
+};
+
+/**
+ * Retrieves all the migration rule documents of a specific migration.
+ *
+ * @param migrationId `id` of the migration to retrieve rule documents for
+ * @param signal AbortSignal for cancelling request
+ *
+ * @throws An error if response is not OK
+ */
+export const getRuleMigrations = async ({
+  migrationId,
+  signal,
+}: {
+  migrationId: string;
+  signal: AbortSignal | undefined;
+}): Promise<GetRuleMigrationResponse> => {
+  return KibanaServices.get().http.fetch<GetRuleMigrationResponse>(
+    replaceParams(SIEM_RULE_MIGRATION_PATH, { migration_id: migrationId }),
+    {
+      method: 'GET',
+      version: '1',
+      signal,
+    }
+  );
+};

x-pack/plugins/security_solution/public/siem_migrations/rules/api/hooks/constants.ts

@@ -0,0 +1,13 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+const ONE_MINUTE = 60000;
+
+export const DEFAULT_QUERY_OPTIONS = {
+  refetchIntervalInBackground: false,
+  staleTime: ONE_MINUTE * 5,
+};

x-pack/plugins/security_solution/public/siem_migrations/rules/api/hooks/use_get_rule_migrations.ts

@@ -0,0 +1,33 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { UseQueryOptions } from '@tanstack/react-query';
+import { useQuery } from '@tanstack/react-query';
+import { replaceParams } from '@kbn/openapi-common/shared';
+import { DEFAULT_QUERY_OPTIONS } from './constants';
+import { getRuleMigrations } from '../api';
+import type { GetRuleMigrationResponse } from '../../../../../common/siem_migrations/model/api/rules/rule_migration.gen';
+import { SIEM_RULE_MIGRATION_PATH } from '../../../../../common/siem_migrations/constants';
+
+export const useGetRuleMigrationsQuery = (
+  migrationId: string,
+  options?: UseQueryOptions<GetRuleMigrationResponse>
+) => {
+  const SPECIFIC_MIGRATION_PATH = replaceParams(SIEM_RULE_MIGRATION_PATH, {
+    migration_id: migrationId,
+  });
+  return useQuery<GetRuleMigrationResponse>(
+    ['GET', SPECIFIC_MIGRATION_PATH],
+    async ({ signal }) => {
+      return getRuleMigrations({ migrationId, signal });
+    },
+    {
+      ...DEFAULT_QUERY_OPTIONS,
+      ...options,
+    }
+  );
+};

x-pack/plugins/security_solution/public/siem_migrations/rules/api/hooks/use_get_rule_migrations_stats_all.ts

@@ -0,0 +1,30 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { UseQueryOptions } from '@tanstack/react-query';
+import { useQuery } from '@tanstack/react-query';
+import { DEFAULT_QUERY_OPTIONS } from './constants';
+import { getRuleMigrationsStatsAll } from '../api';
+import type { GetAllStatsRuleMigrationResponse } from '../../../../../common/siem_migrations/model/api/rules/rule_migration.gen';
+import { SIEM_RULE_MIGRATIONS_ALL_STATS_PATH } from '../../../../../common/siem_migrations/constants';
+
+export const GET_RULE_MIGRATIONS_STATS_ALL_QUERY_KEY = ['GET', SIEM_RULE_MIGRATIONS_ALL_STATS_PATH];
+
+export const useGetRuleMigrationsStatsAllQuery = (
+  options?: UseQueryOptions<GetAllStatsRuleMigrationResponse>
+) => {
+  return useQuery<GetAllStatsRuleMigrationResponse>(
+    GET_RULE_MIGRATIONS_STATS_ALL_QUERY_KEY,
+    async ({ signal }) => {
+      return getRuleMigrationsStatsAll({ signal });
+    },
+    {
+      ...DEFAULT_QUERY_OPTIONS,
+      ...options,
+    }
+  );
+};