-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] Add threshold
, machine_learning_job_id
and anomaly_threshold
editable fields
#200323
[Security Solution] Add threshold
, machine_learning_job_id
and anomaly_threshold
editable fields
#200323
Conversation
c195e14
to
ff1858e
Compare
ff1858e
to
d13fb76
Compare
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
f198cad
to
b6a9d92
Compare
I guess, it's my bias. That's the default width I use for browsing. It takes half of a 27-inch screen.
I've prepared deployments for you folks, so you can see how it behaves. You can use a rule called Potential LSASS Memory Dump via PssCaptureSnapShot in both deployments. Try resizing the window with this rule open in Rule editing page and in the Upgrade flyout to see the difference. With default styles: (link) With styles from this branch: (link) Looking forward to your feedback! |
Hey @nikitaindik, I dont mind the new width but do not particularly like the error message and the way it bumps things down that sways me to the narrower field approach. |
@vitaliidm @ARWNightingale Hey folks, I've simplified the styling a bit, removed reliance on constants, and ensured that the error text doesn't shrink. Here's how it looks: rep.movflyout.movWhat do you think? |
@nikitaindik looks great! thanks |
Screen.Recording.2024-12-18.at.12.05.26.movI have noticed when number input changes status from invalid to valid and vice versa, cursor position changes automatically due to error message appearing and disappearing. @ARWNightingale, what your thoughts on this? Should we leave it as it is now? |
@vitaliidm I dont like it to be honest, I did not notice that quick shift, ideally no movement would be best. Maybe that requires a little more room or a shorter error message? |
@ARWNightingale @vitaliidm Since error message can have different length in different languages, I guess our options are: Have a fixed size for number inputs, but it'll cause text to wrap (which is fine, imo) Schermopname.2024-12-18.om.17.15.45.movLimit the width of dropdowns to have some space left over for number inputs to expand Schermopname.2024-12-18.om.17.18.29.movThe downside with these options is that ideally we want to have as much width as possible for the dropdown since field names can be quite long. Schermopname.2024-12-18.om.17.24.11.mov |
@nikitaindik Im happy with the small drop and text wrap, I dont see this as a major UX issue. |
@vitaliidm I pushed the change, please take a look. |
@nikitaindik, I am approving this PR But before merge, let's address ML change too: Custom job button located far away on the right side of column, which does not look good Old UINew UI |
@vitaliidm Thanks for the review! 🙏 I've addressed your last comment about the spacing for ML button before merging. |
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
History
cc @nikitaindik |
Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/12401252816 |
💔 All backports failed
Manual backportTo create the backport manually run:
Questions ?Please refer to the Backport tool documentation |
…nomaly_threshold` editable fields (elastic#200323) **Partially addresses: elastic#171520 ## Summary **Changes in this PR**: - `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now editable in the Rule Upgrade flyout <img width="1840" alt="Schermafbeelding 2024-11-26 om 08 59 24" src="https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83"> ### Testing - Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled. - To simulate the availability of prebuilt rule upgrades, downgrade a currently installed prebuilt rule using the `PATCH api/detection_engine/rules` API. - Set `version: 1` in the request body to downgrade it to version 1. - Modify other rule fields in the request body as needed to test the changes. (cherry picked from commit 042344e)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…and `anomaly_threshold` editable fields (#200323) (#204840) # Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)](#200323) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Nikita Indik","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-12-18T21:01:57Z","message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b","branchLabelMapping":{"^v9.0.0$":"main","^v8.18.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","v9.0.0","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","ci:cloud-deploy","ci:project-deploy-security","backport:version","v8.18.0"],"number":200323,"url":"https://github.com/elastic/kibana/pull/200323","mergeCommit":{"message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","labelRegex":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/200323","number":200323,"mergeCommit":{"message":"[Security Solution] Add `threshold`, `machine_learning_job_id` and `anomaly_threshold` editable fields (#200323)\n\n**Partially addresses: https://github.com/elastic/kibana/issues/171520**\n\n## Summary\n**Changes in this PR**:\n- `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now\neditable in the Rule Upgrade flyout\n\n<img width=\"1840\" alt=\"Schermafbeelding 2024-11-26 om 08 59 24\"\nsrc=\"https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83\">\n\n\n### Testing\n- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is\nenabled.\n- To simulate the availability of prebuilt rule upgrades, downgrade a\ncurrently installed prebuilt rule using the `PATCH\napi/detection_engine/rules` API.\n - Set `version: 1` in the request body to downgrade it to version 1.\n- Modify other rule fields in the request body as needed to test the\nchanges.","sha":"042344e27db3b9ae07f5af3b7b1840105afc2a5b"}},{"branch":"8.x","label":"v8.18.0","labelRegex":"^v8.18.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
…nomaly_threshold` editable fields (elastic#200323) **Partially addresses: elastic#171520 ## Summary **Changes in this PR**: - `threshold` and `machine_learning_job_id`, `anomaly_threshold` are now editable in the Rule Upgrade flyout <img width="1840" alt="Schermafbeelding 2024-11-26 om 08 59 24" src="https://github.com/user-attachments/assets/b76ef89b-8051-4eba-8d67-9e86a0408e83"> ### Testing - Ensure the `prebuiltRulesCustomizationEnabled` feature flag is enabled. - To simulate the availability of prebuilt rule upgrades, downgrade a currently installed prebuilt rule using the `PATCH api/detection_engine/rules` API. - Set `version: 1` in the request body to downgrade it to version 1. - Modify other rule fields in the request body as needed to test the changes.
Partially addresses: #171520
Summary
Changes in this PR:
threshold
andmachine_learning_job_id
,anomaly_threshold
are now editable in the Rule Upgrade flyoutTesting
prebuiltRulesCustomizationEnabled
feature flag is enabled.PATCH api/detection_engine/rules
API.version: 1
in the request body to downgrade it to version 1.