elastic · nikitaindik · Dec 18, 2024 · Nov 16, 2024 · Nov 17, 2024 · Nov 26, 2024
diff --git a/x-pack/platform/plugins/private/translations/translations/fr-FR.json b/x-pack/platform/plugins/private/translations/translations/fr-FR.json
@@ -37757,7 +37757,6 @@
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityFieldLabel": "Compte",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityValueFieldLabel": "Valeurs uniques",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdFieldCardinalityFieldHelpText": "Sélectionner un champ pour vérifier la cardinalité",
-    "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdLabel": "Seuil",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionForFieldsLabel": "Supprimer les alertes par champs sélectionnés : {fieldsString}",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionLabel": "Supprimer les alertes",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.groupByDurationValueLabel": "Supprimer les alertes pour",

diff --git a/x-pack/platform/plugins/private/translations/translations/ja-JP.json b/x-pack/platform/plugins/private/translations/translations/ja-JP.json
@@ -37615,7 +37615,6 @@
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityFieldLabel": "カウント",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityValueFieldLabel": "一意の値",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdFieldCardinalityFieldHelpText": "カーディナリティを確認するフィールドを選択します",
-    "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdLabel": "しきい値",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionForFieldsLabel": "選択したフィールドでアラートを非表示：{fieldsString}",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionLabel": "アラートを非表示",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.groupByDurationValueLabel": "アラートを非表示",

diff --git a/x-pack/platform/plugins/private/translations/translations/zh-CN.json b/x-pack/platform/plugins/private/translations/translations/zh-CN.json
@@ -37043,7 +37043,6 @@
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityFieldLabel": "计数",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdCardinalityValueFieldLabel": "唯一值",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdFieldCardinalityFieldHelpText": "选择字段以检查基数",
-    "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThresholdLabel": "阈值",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionForFieldsLabel": "对选定字段阻止告警：{fieldsString}",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ga.enableThresholdSuppressionLabel": "阻止告警",
     "xpack.securitySolution.detectionEngine.createRule.stepDefineRule.groupByDurationValueLabel": "阻止以下项的告警",

@@ -0,0 +1,12 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import type { MachineLearningJobId } from '../../../common/api/detection_engine';
+
+export function normalizeMachineLearningJobId(jobId: MachineLearningJobId): string[] {
+  return typeof jobId === 'string' ? [jobId] : jobId;
+}
@@ -0,0 +1,34 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { UseField } from '../../../../shared_imports';
+import { AnomalyThresholdSlider } from '../../../rule_creation_ui/components/anomaly_threshold_slider';
+import * as i18n from './translations';
+
+const componentProps = {
+  describedByIds: ['anomalyThreshold'],
+};
+
+interface AnomalyThresholdEditProps {
+  path: string;
+}
+
+export function AnomalyThresholdEdit({ path }: AnomalyThresholdEditProps): JSX.Element {
+  return (
+    <UseField
+      path={path}
+      config={ANOMALY_THRESHOLD_FIELD_CONFIG}
+      component={AnomalyThresholdSlider}
+      componentProps={componentProps}
+    />
+  );
+}
+
+const ANOMALY_THRESHOLD_FIELD_CONFIG = {
+  label: i18n.ANOMALY_THRESHOLD_LABEL,
+};
@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { AnomalyThresholdEdit } from './anomaly_threshold_edit';
@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+export const ANOMALY_THRESHOLD_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldAnomalyThresholdLabel',
+  {
+    defaultMessage: 'Anomaly score threshold',
+  }
+);
@@ -0,0 +1,25 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React from 'react';
+import { EuiButton } from '@elastic/eui';
+import { useKibana } from '../../../../common/lib/kibana';
+import * as i18n from './translations';
+
+export function CreateCustomMlJobButton(): JSX.Element {
+  const { navigateToApp } = useKibana().services.application;
+
+  return (
+    <EuiButton
+      iconType="popout"
+      iconSide="right"
+      onClick={() => navigateToApp('ml', { openInNewTab: true })}
+    >
+      {i18n.CREATE_CUSTOM_JOB_BUTTON_TITLE}
+    </EuiButton>
+  );
+}
@@ -0,0 +1,15 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+export const CREATE_CUSTOM_JOB_BUTTON_TITLE = i18n.translate(
+  'xpack.securitySolution.detectionEngine.mlSelectJob.createCustomJobButtonTitle',
+  {
+    defaultMessage: 'Create custom job',
+  }
+);
@@ -0,0 +1,8 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+export { MachineLearningJobIdEdit } from './machine_learning_job_id_edit';
@@ -0,0 +1,53 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import React, { useMemo } from 'react';
+import { UseField, fieldValidators } from '../../../../shared_imports';
+import { MlJobSelect } from '../ml_job_select';
+import { useSecurityJobs } from '../../../../common/components/ml_popover/hooks/use_security_jobs';
+import * as i18n from './translations';
+
+interface MachineLearningJobIdEditProps {
+  path: string;
+  shouldShowHelpText?: boolean;
+}
+
+export function MachineLearningJobIdEdit({
+  path,
+  shouldShowHelpText,
+}: MachineLearningJobIdEditProps): JSX.Element {
+  const { loading, jobs } = useSecurityJobs();
+
+  const componentProps = useMemo(
+    () => ({
+      jobs,
+      loading,
+      shouldShowHelpText,
+    }),
+    [jobs, loading, shouldShowHelpText]
+  );
+
+  return (
+    <UseField
+      path={path}
+      config={MACHINE_LEARNING_JOB_ID_FIELD_CONFIG}
+      component={MlJobSelect}
+      componentProps={componentProps}
+    />
+  );
+}
+
+const MACHINE_LEARNING_JOB_ID_FIELD_CONFIG = {
+  label: i18n.MACHINE_LEARNING_JOB_ID_LABEL,
+  validations: [
+    {
+      validator: fieldValidators.emptyField(
+        i18n.MACHINE_LEARNING_JOB_ID_EMPTY_FIELD_VALIDATION_ERROR
+      ),
+    },
+  ],
+};
@@ -0,0 +1,22 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+
+import { i18n } from '@kbn/i18n';
+
+export const MACHINE_LEARNING_JOB_ID_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldMachineLearningJobIdLabel',
+  {
+    defaultMessage: 'Machine Learning job',
+  }
+);
+
+export const MACHINE_LEARNING_JOB_ID_EMPTY_FIELD_VALIDATION_ERROR = i18n.translate(
+  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.machineLearningJobIdRequired',
+  {
+    defaultMessage: 'A Machine Learning job is required.',
+  }
+);
@@ -8,15 +8,46 @@
 import React from 'react';
 import { shallow } from 'enzyme';
 import { HelpText } from './help_text';
+import type { SecurityJob } from '../../../../common/components/ml_popover/types';
+
+jest.mock('../../../../common/lib/kibana', () => {
+  return {
+    useKibana: jest.fn().mockReturnValue({
+      services: {
+        application: {
+          getUrlForApp: () => '/app/ml',
+        },
+      },
+    }),
+  };
+});
 
 describe('MlJobSelect help text', () => {
   it('does not show warning if all jobs are running', () => {
-    const wrapper = shallow(<HelpText href={'https://test.com'} notRunningJobIds={[]} />);
+    const jobs = [
+      {
+        id: 'test-id',
+        jobState: 'opened',
+        datafeedState: 'opened',
+      },
+    ] as SecurityJob[];
+    const selectedJobIds = ['test-id'];
+
+    const wrapper = shallow(<HelpText jobs={jobs} selectedJobIds={selectedJobIds} />);
     expect(wrapper.find('[data-test-subj="ml-warning-not-running-jobs"]')).toHaveLength(0);
   });
 
   it('shows warning if there are jobs not running', () => {
-    const wrapper = shallow(<HelpText href={'https://test.com'} notRunningJobIds={['id']} />);
+    const jobs = [
+      {
+        id: 'test-id',
+        jobState: 'closed',
+        datafeedState: 'stopped',
+      },
+    ] as SecurityJob[];
+    const selectedJobIds = ['test-id'];
+
+    const wrapper = shallow(<HelpText jobs={jobs} selectedJobIds={selectedJobIds} />);
     expect(wrapper.find('[data-test-subj="ml-warning-not-running-jobs"]')).toHaveLength(1);
   });
 });