Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution] Value lists cannot be deleted when the name of the uploaded file has a special character #86273

Closed
MadameSheema opened this issue Dec 17, 2020 · 3 comments · Fixed by #93176
Assignees
Labels
bug Fixes for quality problems that affect the customer experience Feature:Rule Value Lists Security Solution Detection Rule Value Lists area impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v7.12.0

Comments

@MadameSheema
Copy link
Member

MadameSheema commented Dec 17, 2020

Describe the bug:

  • Value lists cannot be deleted when the name of the uploaded file has a special character like (

Kibana/Elasticsearch Stack version:

  • 7.11.0 BC1

Functional Area (e.g. Endpoint management, timelines, resolver, etc.):

  • Value lists

Preconditions:

  • To have uploaded a value list with a name with special characters i.e. 1000_words (1).csv

Steps to reproduce:

  1. Navigate to Security > Detections
  2. Click on Manage detection rules button
  3. Click on Upload value lists
  4. Click on the Icon trash
  5. Click on Remove value list

Current behavior:

  • No error message is displayed
  • Value list is not deleted

Expected behavior:

  • The value list is deleted

Errors in browser console (if relevant):

{"message":"KQLSyntaxError: Expected \")\", AND, OR, whitespace but \"(\" found.\n(exception-list.attributes.list_type: item AND exception-list.attributes.entries.list.id:1000_words (1).csv) OR (exception-list-agnostic.attributes.list_type: item AND exception-list-agnostic.attributes.entries.list.id:1000_words (1).csv) \n----------------------------------------------------------------------------------------------------^: Bad Request","status_code":400}

@MadameSheema MadameSheema added bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Value Lists Security Solution Detection Rule Value Lists area v7.11.0 labels Dec 17, 2020
@MadameSheema
Copy link
Member Author

@peluja1012 @spong is this issue going to be fixed on 7.12?

@ghost
Copy link

ghost commented Mar 11, 2021

Hi @MadameSheema

We have validated this issue on 7.12.0 BC4 and Observed that issue is Fixed. The user is able to delete the value list file that contains special characters

Build Details:

Version: 7.12.0-BC4
Platform: Production
Commit:99ac38d70e426f589bb61a034c96e602d759cfab
Build:39242
https://staging.elastic.co/7.12.0-336ff10d/summary-7.12.0.html

Screenshot:
upload_value_list
value_list_file_deleted

Thanks!!

@ghost ghost added the QA:Validated Issue has been validated by QA label Mar 11, 2021
@ghost
Copy link

ghost commented Mar 30, 2021

Bug Conversion:

Updated 01 test case for this ticket:
https://elastic.testrail.io/index.php?/cases/view/34927

Thanks!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Fixes for quality problems that affect the customer experience Feature:Rule Value Lists Security Solution Detection Rule Value Lists area impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. QA:Validated Issue has been validated by QA Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v7.12.0
Projects
None yet
3 participants