[Security Solution] The incorrect count is displayed in "Update 101 Elastic prebuilt rules" under Detections rules when upgraded the build from 7.9.2 to 7.10.0.

[ghost]

Kibana version:
Kibana: 7.10.0 BC1

Elasticsearch version:
Elasticsearch: 7.10.0 BC1

Host OS and Browser version:
Windows, All

Describe the bug
The incorrect count is displayed in "Update 101 Elastic prebuilt rules" under Detections rules when upgraded the build from 7.9.2 to 7.10.0.

Build Details:
Elastic-Stack : 7.10.0 BC1
Artifacts: https://staging.elastic.co/7.10.0-116336aa/summary-7.10.0.html

Preconditions

1. Cloud environment 7.9.2 should exist.
2. Auditbeat should be installed.

Steps to Reproduce

1. Install the elastic rules, 203 rule will be installed and upgrade the build to 7.10.0
2. Now navigate to Detection Rules under the detection tab.
3. "Update 101 Elastic prebuilt rules" button is displaying with 203 elastic rules.
4. Now click on "Update 101 Elastic prebuilt rules" and observe that the total count displayed under elastic rules is 322

Impacted Test case(s)
N/A

Actual Result
The incorrect count is displayed in "Update 101 Elastic prebuilt rules" under Detections rules when upgraded the build from 7.9.2 to 7.10.0.

Expected Result
The correct count should be displayed in "Update 101 Elastic prebuilt rules" under Detections rules when upgraded the build from 7.9.2 to 7.10.0.

What's Working
N/A

What's not Working
N/A

Screenshot:

• During Upgrade:
  

• After Upgrade
  

[elasticmachine]

Pinging @elastic/siem (Team:SIEM)

[ghost]

@manishgupta-qasource Please Review

[spong]

We've got #80389 in flight which will fix the text when timelines have already been installed. Once merged (so we don't conflict), we can update the text to be something along the lines:

• Update {updateRules} and install {newRules} new Elastic prebuilt rules.
• Update {updateRules} Elastic prebuilt rules.
• Install {newRules} new Elastic prebuilt rules.

[elasticmachine]

Pinging @elastic/kibana-security (Team:Security Solution)

[MadameSheema]

@deepikakeshav-qasource can you please validate this ticket once 7.10BC3 is available in Cloud? Thanks :)

[ghost]

Hi @MadameSheema,

We have validated this ticket on 7.10.0 BC3 build and observed that issue is not fixed yet. The incorrect count is still displaying under Detections rules when upgraded the build from 7.9.2 to 7.10.0.

Build Details:

Commit : ed66f41a8a60ad03426beff65ed270a743c46ac4
Build : 35817
Artifact page: https://staging.elastic.co/7.10.0-aea04452/summary-7.10.0.html

Screenshots:

• Before upgrade
  

• After upgrade
  

Thanks!!

[MadameSheema]

@peluja1012 @spong are we still targeting the fix for 7.10? thanks :)

[spong]

This will have to wait for now it seems @MadameSheema -- the fix is low impact enough that it can be backported to 7.10.1 though.

[ghost]

Hi @MadameSheema,

We have validated this ticket on 7.13.0 BC4 build and observed that issue is still ocurring. Update {updateRules} and install {newRules} new Elastic prebuilt rules are not displayed when upgrade the build.

Build Details:

Version:7.13.0 BC4
Commit:5a6bad454ffe263aafed54cbd3f764253694bf37
Build:40749

Screenshot:

Thanks!!

[ghost]

Hi @MadameSheema ,

We have validated this ticket on 7.15.0-SNAPSHOT build and found that issue is Still Occurring.

Build Details:

Version:7.15.0 SNAPSHOT
Commit:aa12d107c38c5cda96fc32bcd1f8226df172826a
Build:43370

Screenshot:

Thanks.

[spong]

Still present as of reviewing latest 7.16 rules PR: #118657.

Also linking these two enhancement requests for improving this upgrade UI/UX as perhaps these efforts can be bundled to re-work this UX:
#88563
#92553

[banderror]

We can close this now. We've reworked the whole workflow for installing and upgrading prebuilt rules in #158450, and the callout mentioned in this bug doesn't exist anymore.