Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Exceptions] - Fix bug allowing user to type in custom field option for endpoint exception #152619

Merged
merged 7 commits into from
Mar 8, 2023

Conversation

yctercero
Copy link
Contributor

@yctercero yctercero commented Mar 2, 2023

Summary

Addresses #149814

Custom field options for exceptions were introduced with the 8.6 exception updates. This option was meant for non-endpoint exceptions. In the UI, endpoint exceptions should continue to only allow user to select from allowlisted fields.

There are and were no changes to the API, so the API remains open to accepting custom values for both types of exceptions.

Fixed

non_endpoint.mov
bug_fix_endpoint.mov

Checklist

@yctercero yctercero added bug Fixes for quality problems that affect the customer experience release_note:fix Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Exceptions Security Solution Detection Rule Exceptions area Team:Security Solution Platform Security Solution Platform Team backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) v8.7.0 labels Mar 2, 2023
@yctercero yctercero requested a review from a team as a code owner March 2, 2023 20:53
@yctercero yctercero self-assigned this Mar 2, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@yctercero yctercero enabled auto-merge (squash) March 7, 2023 19:45
@yctercero
Copy link
Contributor Author

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

@elasticmachine merge upstream

@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] Security Solution Tests #4 / Exceptions flyout "after each" hook for "Warns users about mapping conflicts on problematic field selection"

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
lists 153.2KB 153.2KB +3.0B
Unknown metric groups

ESLint disabled line counts

id before after diff
securitySolution 428 430 +2

Total ESLint disabled count

id before after diff
securitySolution 505 507 +2

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @yctercero

@yctercero yctercero merged commit 586f9a1 into elastic:main Mar 8, 2023
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Mar 8, 2023
…stom field option for endpoint exception (elastic#152619)

## Summary

Addresses elastic#149814

(cherry picked from commit 586f9a1)
@kibanamachine
Copy link
Contributor

💚 All backports created successfully

Status Branch Result
8.7

Note: Successful backport PRs will be merged automatically after passing CI.

Questions ?

Please refer to the Backport tool documentation

kibanamachine added a commit that referenced this pull request Mar 8, 2023
… in custom field option for endpoint exception (#152619) (#152882)

# Backport

This will backport the following commits from `main` to `8.7`:
- [[Security Solution][Exceptions] - Fix bug allowing user to type in
custom field option for endpoint exception
(#152619)](#152619)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Yara
Tercero","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-03-08T08:32:16Z","message":"[Security
Solution][Exceptions] - Fix bug allowing user to type in custom field
option for endpoint exception (#152619)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/kibana/issues/149814","sha":"586f9a14613ce2f22836affe4c1f6c56181e6836","branchLabelMapping":{"^v8.8.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:
SecuritySolution","Feature:Rule Exceptions","Team:Security Solution
Platform","backport:prev-minor","v8.7.0","v8.8.0"],"number":152619,"url":"https://github.com/elastic/kibana/pull/152619","mergeCommit":{"message":"[Security
Solution][Exceptions] - Fix bug allowing user to type in custom field
option for endpoint exception (#152619)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/kibana/issues/149814","sha":"586f9a14613ce2f22836affe4c1f6c56181e6836"}},"sourceBranch":"main","suggestedTargetBranches":["8.7"],"targetPullRequestStates":[{"branch":"8.7","label":"v8.7.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.8.0","labelRegex":"^v8.8.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/152619","number":152619,"mergeCommit":{"message":"[Security
Solution][Exceptions] - Fix bug allowing user to type in custom field
option for endpoint exception (#152619)\n\n## Summary\r\n\r\nAddresses
https://github.com/elastic/kibana/issues/149814","sha":"586f9a14613ce2f22836affe4c1f6c56181e6836"}}]}]
BACKPORT-->

Co-authored-by: Yara Tercero <[email protected]>
bmorelli25 pushed a commit to bmorelli25/kibana that referenced this pull request Mar 10, 2023
…stom field option for endpoint exception (elastic#152619)

## Summary

Addresses elastic#149814
@yctercero yctercero deleted the 149814 branch April 15, 2023 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport:prev-minor Backport to (8.x) the previous minor version (i.e. one version back from main) bug Fixes for quality problems that affect the customer experience Feature:Rule Exceptions Security Solution Detection Rule Exceptions area release_note:fix Team:Security Solution Platform Security Solution Platform Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.7.0 v8.8.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants