-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] Add ability to import exception lists #92613
Comments
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-solution (Team: SecuritySolution) |
Referencing conversation around importing/exporting rules via the SO Management UI in #50266. If we have success with #99741 / #87992, we might just be able to leverage the SO Management UI for Security Rules/Exceptions/Actions (though value lists will still need to be managed via the dedicated Security Solution UI though). |
## Summary Addresses #92613 and #117399 Goal is to allow users to import their exception lists and items alongside their rules. This PR does not complete all the UI updates needed, but does tackle the majority of use cases. The bulk of the changes occur in `import_rules_route` and the new `import_exceptions_route`. - Adds exceptions import endpoint in `lists` plugin - Adds exceptions import logic in import rules route in `security_solution` plugin - Adds integration tests for exception import endpoint - Adds integration tests for rules import endpoint to account for new functionality - Purposely not yet adding an import modal in the exceptions table UI until further list management features added (checked with product on this front)
## Summary Addresses elastic#92613 and elastic#117399 Goal is to allow users to import their exception lists and items alongside their rules. This PR does not complete all the UI updates needed, but does tackle the majority of use cases. The bulk of the changes occur in `import_rules_route` and the new `import_exceptions_route`. - Adds exceptions import endpoint in `lists` plugin - Adds exceptions import logic in import rules route in `security_solution` plugin - Adds integration tests for exception import endpoint - Adds integration tests for rules import endpoint to account for new functionality - Purposely not yet adding an import modal in the exceptions table UI until further list management features added (checked with product on this front)
…120824) * [Security Solution][Platform] - Exceptions imports (#118816) ## Summary Addresses #92613 and #117399 Goal is to allow users to import their exception lists and items alongside their rules. This PR does not complete all the UI updates needed, but does tackle the majority of use cases. The bulk of the changes occur in `import_rules_route` and the new `import_exceptions_route`. - Adds exceptions import endpoint in `lists` plugin - Adds exceptions import logic in import rules route in `security_solution` plugin - Adds integration tests for exception import endpoint - Adds integration tests for rules import endpoint to account for new functionality - Purposely not yet adding an import modal in the exceptions table UI until further list management features added (checked with product on this front)
## Summary Addresses elastic#92613 and elastic#117399 Goal is to allow users to import their exception lists and items alongside their rules. This PR does not complete all the UI updates needed, but does tackle the majority of use cases. The bulk of the changes occur in `import_rules_route` and the new `import_exceptions_route`. - Adds exceptions import endpoint in `lists` plugin - Adds exceptions import logic in import rules route in `security_solution` plugin - Adds integration tests for exception import endpoint - Adds integration tests for rules import endpoint to account for new functionality - Purposely not yet adding an import modal in the exceptions table UI until further list management features added (checked with product on this front)
Implemented by #118816 |
In 7.11 we introduced the Exceptions Lists view to management exception lists. This view currently allows users to export exception lists. However, the ability to import these lists is missing. This issue is to add this functionality in the Security App's UI.
The text was updated successfully, but these errors were encountered: