Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Rule Export toaster message includes confusing statement "Prebuilt Rules were excluded..." #126087

Closed
MikePaquette opened this issue Feb 21, 2022 · 8 comments
Labels
bug Fixes for quality problems that affect the customer experience Feature:Rule Management Security Solution Detection Rule Management area fixed impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.4.0

Comments

@MikePaquette
Copy link

Kibana version: 8.1.0 BC1

Elasticsearch version: 8.1.0 BC1

Server OS version: Elastic Cloud ESS default

Browser version: Google Chrome Version 98.0.4758.102 (Official Build) (x86_64)

Browser OS version: macOS Monterey Version 12.2.1 (21D62)

Original install method (e.g. download page, yum, from source, etc.): Elastic Cloud ESS GCP Europe-West-1

Describe the bug:
When exporting custom rules, toaster messages says that prebuilt rules were excluded. Confuses me since I did not select any prebuilt rules.

Steps to reproduce:

  1. Create one or more custom rules
  2. Select the one(s) you want to export
  3. Choose bulk-actions -> export
  4. Watch for toast message in the lower right

Expected behavior:
Sentence about the prebuilt rules should not appear, since I did not select any prebuilt rules for export.

Screenshots (if relevant):
image

Errors in browser console (if relevant): None

Provide logs and/or server output (if relevant): N/A

Any additional context: This is not a new behavior in 8.1.0, AFAIK

cc: @jethr0null

@MikePaquette MikePaquette added bug Fixes for quality problems that affect the customer experience impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Management Security Solution Detection Rule Management area labels Feb 21, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@MadameSheema MadameSheema added the Team:Detection Rule Management Security Detection Rule Management Team label Feb 21, 2022
@MindyRS MindyRS added the Team:Detections and Resp Security Detection Response Team label Feb 23, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@banderror banderror removed their assignment Mar 7, 2022
@peluja1012
Copy link
Contributor

Hi @vitaliidm, is this issue fixed your recent PR here #136418

@vitaliidm
Copy link
Contributor

yes, correct @peluja1012

@MadameSheema
Copy link
Member

@deepikakeshav-qasource @karanbirsingh-qasource can you please validate this on latest BC? Thanks!

@ghost
Copy link

ghost commented Aug 8, 2022

Hi @MadameSheema ,

We have validated this issue on 8.4.0 BC2 build and observed that issue is Partially Fixed.

Please find the below Testing Details:

Build info

VERSION : 8.4.0 BC2
Build: 55166
COMMIT: 9e9e0d6a685cbc2858a85a357f93dcb76259fdee

Observations:

  • When export only prebuilt rules from bulk actions 🟢

image

  • When export prebuilt rules + custom rules from bulk actions. 🔴
    Wrong count is displaying for custom rules

image

  • When export only custom rules from bulk actions 🟢

image

Thanks!!

@banderror banderror self-assigned this Aug 8, 2022
@banderror
Copy link
Contributor

I tested it in the a6cf51cf90ecde400fd33d02b23ffa5e651b9012 commit (this one is newer than 9e9e0d6a685cbc2858a85a357f93dcb76259fdee) and wasn't able to reproduce it. It works as expected and the number of custom rules is calculated correctly.

@deepikakeshav-qasource my guess is it might be related to the fact that we don't refresh the page after importing rules (see #136758 and #137969). By any chance, is it possible that you had 5 custom rules, imported 4 additional custom rules and without doing a page refresh tried to export those?

We will need steps to repro this in order to localize a potential bug here. If there is one, can we please open a new GH issue for it and close this one? I think we addressed the original issue of having a confusing statement in the toast.

@banderror banderror removed their assignment Aug 8, 2022
@ghost
Copy link

ghost commented Aug 9, 2022

Hi @banderror ,

We have not import any rule while testing out this ticket.

However, We have created the new build today and tested out this scenario and the issue is not occurring on it. but on my old build 8.4.0 bc2 issue is still occurring.
I have tried refreshing, opening environment in private windows. however, issue is still occurring

We have reported the new issue. Hence, we are closing this issue.

Moreover, We have shared this build details over slack.

Please let us know if anything else is required from our end!!

Thanks!!

@ghost ghost closed this as completed Aug 9, 2022
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Fixes for quality problems that affect the customer experience Feature:Rule Management Security Solution Detection Rule Management area fixed impact:low Addressing this issue will have a low level of impact on the quality/strength of our product. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.4.0
Projects
None yet
Development

No branches or pull requests

7 participants