Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] [Platform] Need to resolve action connectors #119976

Closed
dhurley14 opened this issue Nov 30, 2021 · 2 comments · Fixed by #120975
Closed

[Security Solution] [Platform] Need to resolve action connectors #119976

dhurley14 opened this issue Nov 30, 2021 · 2 comments · Fixed by #120975
Assignees
@dhurley14
Labels
bug Fixes for quality problems that affect the customer experience Feature:Actions/ConnectorsManagement Issues related to Connectors Management UX Feature:Alerting/RuleActions Issues related to the Actions attached to Rules on the Alerting Framework Feature:Detection Rules Security Solution rules and Detection Engine Feature:Rule Actions Security Solution Detection Rule Actions area impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team:Security Solution Platform Security Solution Platform Team v8.0.0 v8.1.0

Comments

@dhurley14
Copy link
Contributor

dhurley14 commented Nov 30, 2021
edited
Loading

If an action connector is created pre-8.0 in a non-default space, that connector will have a new id generated in > 8.0 and will not be found when trying to create new rules or importing rules into the security solution with references to that action connector.

  1. We need to expose a resolve function in the actions client
  2. We need to update this line in the security solution to use the resolve function instead of the getAll

Edit: After meeting with the team looks like this should be part of the work for #118767 and involves using those same functions the SOM uses for determining conflicts and/or updating fields on import
@dhurley14 dhurley14 added v8.0.0 Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Detection Rules Security Solution rules and Detection Engine Team:Detections and Resp Security Detection Response Team Feature:Rule Actions Security Solution Detection Rule Actions area Feature:Actions/ConnectorsManagement Issues related to Connectors Management UX Feature:Alerting/RuleActions Issues related to the Actions attached to Rules on the Alerting Framework v8.1.0 Team:Security Solution Platform Security Solution Platform Team labels Nov 30, 2021
@dhurley14 dhurley14 self-assigned this Nov 30, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@dhurley14 dhurley14 mentioned this issue Dec 9, 2021
Merged
2 tasks
@dhurley14 dhurley14 added bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. labels Dec 15, 2021
@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dhurley14 dhurley14

Labels
bug Fixes for quality problems that affect the customer experience Feature:Actions/ConnectorsManagement Issues related to Connectors Management UX Feature:Alerting/RuleActions Issues related to the Actions attached to Rules on the Alerting Framework Feature:Detection Rules Security Solution rules and Detection Engine Feature:Rule Actions Security Solution Detection Rule Actions area impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team:Security Solution Platform Security Solution Platform Team v8.0.0 v8.1.0
Projects
None yet
Milestone
No milestone
3 participants
@kobelb @dhurley14 @elasticmachine