-
Notifications
You must be signed in to change notification settings - Fork 8.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[8.x] [Security Solution] Add
threshold, machine_learning_job_id …
…and `anomaly_threshold` editable fields (#200323) (#204840) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)](#200323) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Nikita Indik","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-18T21:01:57Z","message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","ci:cloud-deploy","ci:project-deploy-security","backport:version","v8.18.0"],"number":200323,"url":"https://github.com/elastic/kibana/pull/200323","mergeCommit":{"message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200323","number":200323,"mergeCommit":{"message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b"}},{"branch":"8.x","label":"v8.18.0","labelRegex":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
- Loading branch information
1 parent
e0ee319
commit bac06d3
Showing
47 changed files
with
1,152 additions
and
543 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
12 changes: 12 additions & 0 deletions
12
...curity/plugins/security_solution/public/common/utils/normalize_machine_learning_job_id.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import type { MachineLearningJobId } from '../../../common/api/detection_engine'; | ||
|
|
||
| export function normalizeMachineLearningJobId(jobId: MachineLearningJobId): string[] { | ||
| return typeof jobId === 'string' ? [jobId] : jobId; | ||
| } |
34 changes: 34 additions & 0 deletions
34
...tection_engine/rule_creation/components/anomaly_threshold_edit/anomaly_threshold_edit.tsx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import React from 'react'; | ||
| import { UseField } from '../../../../shared_imports'; | ||
| import { AnomalyThresholdSlider } from '../../../rule_creation_ui/components/anomaly_threshold_slider'; | ||
| import * as i18n from './translations'; | ||
|
|
||
| const componentProps = { | ||
| describedByIds: ['anomalyThreshold'], | ||
| }; | ||
|
|
||
| interface AnomalyThresholdEditProps { | ||
| path: string; | ||
| } | ||
|
|
||
| export function AnomalyThresholdEdit({ path }: AnomalyThresholdEditProps): JSX.Element { | ||
| return ( | ||
| <UseField | ||
| path={path} | ||
| config={ANOMALY_THRESHOLD_FIELD_CONFIG} | ||
| component={AnomalyThresholdSlider} | ||
| componentProps={componentProps} | ||
| /> | ||
| ); | ||
| } | ||
|
|
||
| const ANOMALY_THRESHOLD_FIELD_CONFIG = { | ||
| label: i18n.ANOMALY_THRESHOLD_LABEL, | ||
| }; |
8 changes: 8 additions & 0 deletions
8
...solution/public/detection_engine/rule_creation/components/anomaly_threshold_edit/index.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| export { AnomalyThresholdEdit } from './anomaly_threshold_edit'; |
15 changes: 15 additions & 0 deletions
15
...n/public/detection_engine/rule_creation/components/anomaly_threshold_edit/translations.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { i18n } from '@kbn/i18n'; | ||
|
|
||
| export const ANOMALY_THRESHOLD_LABEL = i18n.translate( | ||
| 'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldAnomalyThresholdLabel', | ||
| { | ||
| defaultMessage: 'Anomaly score threshold', | ||
| } | ||
| ); |
25 changes: 25 additions & 0 deletions
25
...c/detection_engine/rule_creation/components/create_ml_job_button/create_ml_job_button.tsx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import React from 'react'; | ||
| import { EuiButton } from '@elastic/eui'; | ||
| import { useKibana } from '../../../../common/lib/kibana'; | ||
| import * as i18n from './translations'; | ||
|
|
||
| export function CreateCustomMlJobButton(): JSX.Element { | ||
| const { navigateToApp } = useKibana().services.application; | ||
|
|
||
| return ( | ||
| <EuiButton | ||
| iconType="popout" | ||
| iconSide="right" | ||
| onClick={() => navigateToApp('ml', { openInNewTab: true })} | ||
| > | ||
| {i18n.CREATE_CUSTOM_JOB_BUTTON_TITLE} | ||
| </EuiButton> | ||
| ); | ||
| } |
15 changes: 15 additions & 0 deletions
15
...ion/public/detection_engine/rule_creation/components/create_ml_job_button/translations.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { i18n } from '@kbn/i18n'; | ||
|
|
||
| export const CREATE_CUSTOM_JOB_BUTTON_TITLE = i18n.translate( | ||
| 'xpack.securitySolution.detectionEngine.mlSelectJob.createCustomJobButtonTitle', | ||
| { | ||
| defaultMessage: 'Create custom job', | ||
| } | ||
| ); |
8 changes: 8 additions & 0 deletions
8
...on/public/detection_engine/rule_creation/components/machine_learning_job_id_edit/index.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| export { MachineLearningJobIdEdit } from './machine_learning_job_id_edit'; |
53 changes: 53 additions & 0 deletions
53
...ne/rule_creation/components/machine_learning_job_id_edit/machine_learning_job_id_edit.tsx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import React, { useMemo } from 'react'; | ||
| import { UseField, fieldValidators } from '../../../../shared_imports'; | ||
| import { MlJobSelect } from '../ml_job_select'; | ||
| import { useSecurityJobs } from '../../../../common/components/ml_popover/hooks/use_security_jobs'; | ||
| import * as i18n from './translations'; | ||
|
|
||
| interface MachineLearningJobIdEditProps { | ||
| path: string; | ||
| shouldShowHelpText?: boolean; | ||
| } | ||
|
|
||
| export function MachineLearningJobIdEdit({ | ||
| path, | ||
| shouldShowHelpText, | ||
| }: MachineLearningJobIdEditProps): JSX.Element { | ||
| const { loading, jobs } = useSecurityJobs(); | ||
|
|
||
| const componentProps = useMemo( | ||
| () => ({ | ||
| jobs, | ||
| loading, | ||
| shouldShowHelpText, | ||
| }), | ||
| [jobs, loading, shouldShowHelpText] | ||
| ); | ||
|
|
||
| return ( | ||
| <UseField | ||
| path={path} | ||
| config={MACHINE_LEARNING_JOB_ID_FIELD_CONFIG} | ||
| component={MlJobSelect} | ||
| componentProps={componentProps} | ||
| /> | ||
| ); | ||
| } | ||
|
|
||
| const MACHINE_LEARNING_JOB_ID_FIELD_CONFIG = { | ||
| label: i18n.MACHINE_LEARNING_JOB_ID_LABEL, | ||
| validations: [ | ||
| { | ||
| validator: fieldValidators.emptyField( | ||
| i18n.MACHINE_LEARNING_JOB_ID_EMPTY_FIELD_VALIDATION_ERROR | ||
| ), | ||
| }, | ||
| ], | ||
| }; |
22 changes: 22 additions & 0 deletions
22
...ic/detection_engine/rule_creation/components/machine_learning_job_id_edit/translations.ts
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| /* | ||
| * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one | ||
| * or more contributor license agreements. Licensed under the Elastic License | ||
| * 2.0; you may not use this file except in compliance with the Elastic License | ||
| * 2.0. | ||
| */ | ||
|
|
||
| import { i18n } from '@kbn/i18n'; | ||
|
|
||
| export const MACHINE_LEARNING_JOB_ID_LABEL = i18n.translate( | ||
| 'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldMachineLearningJobIdLabel', | ||
| { | ||
| defaultMessage: 'Machine Learning job', | ||
| } | ||
| ); | ||
|
|
||
| export const MACHINE_LEARNING_JOB_ID_EMPTY_FIELD_VALIDATION_ERROR = i18n.translate( | ||
| 'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.machineLearningJobIdRequired', | ||
| { | ||
| defaultMessage: 'A Machine Learning job is required.', | ||
| } | ||
| ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.