Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Security Solution][Detections] Associate Endpoint Exceptions List to Rule during rule creation/update #71794

Merged
merged 3 commits into from
Jul 15, 2020

Conversation

rylnd
Copy link
Contributor

@rylnd rylnd commented Jul 15, 2020

Summary

This adds the following:

  • Checkbox to associate/dissociate a given rule with the global exceptions list on create/edit
  • Changes default stacking of the Alerts Histogram to be signal.rule.name
  • Fixes a react warning on the rule creation form(s)

TODO

Followup Actions:

For maintainers

rylnd added 3 commits July 14, 2020 18:29
EuiText generates a div, but this is inside of an EuiCard which is a
paragraph. Defines a span with equivalent styles, instead.
@rylnd rylnd self-assigned this Jul 15, 2020
@rylnd rylnd changed the title [Security Solution][Detections] Associate Endpoint Exceptions List to Rule during rule creation [Security Solution][Detections] Associate Endpoint Exceptions List to Rule during rule creation/update Jul 15, 2020
@rylnd
Copy link
Contributor Author

rylnd commented Jul 15, 2020

@benskelker this adds the "Associate Global Endpoint Exception List" option to rule creation/update.

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

‼️ unable to find a baseline build for [master@8da80fe]. Try merging the upstream branch and trying again.

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@rylnd rylnd marked this pull request as ready for review July 15, 2020 01:46
@rylnd rylnd requested review from a team as code owners July 15, 2020 01:46
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

@@ -83,7 +83,7 @@ const NO_LEGEND_DATA: LegendItem[] = [];
export const AlertsHistogramPanel = memo<AlertsHistogramPanelProps>(
({
chartHeight,
defaultStackByOption = alertsHistogramOptions[0],
defaultStackByOption = alertsHistogramOptions[8], // signal.rule.name
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! 🙂

Copy link
Member

@spong spong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks for the extra fixes here too @rylnd! 🙂

@rylnd rylnd merged commit cbe8f00 into elastic:master Jul 15, 2020
@rylnd rylnd deleted the associate_endpoint_list_to_rule branch July 15, 2020 02:28
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jul 15, 2020
* master: (82 commits)
  Fixed the spacing of child accordion items for policy response dialog. (elastic#71677)
  [SECURITY] Timeline bug 7.9 (elastic#71748)
  use fixed isChromeVisible method (elastic#71813)
  [SIEM][Detection Engine][Lists] Adds specific endpoint_list REST API and API for abilities to auto-create the endpoint_list if it gets deleted (elastic#71792)
  [test] Skips flaky Saved Objects Management test
  [APM] Remove watcher integration (elastic#71655)
  [APM] Increase `xpack.apm.ui.transactionGroupBucketSize` (elastic#71661)
  [test] Skips Ingest Manager test preventing ES promotion
  [test] Skips flaky detection engine tests
  Revert "re-fix navigate path for master add SAML login to login_page (elastic#71337)"
  [tests] Temporarily skipped Fleet tests
  [test] Skipped monitoring test
  [Security Solution][Detections] Associate Endpoint Exceptions List to Rule during rule creation/update (elastic#71794)
  Add endpoint exception creation API validation (elastic#71791)
  Skip jest tests that timeout waiting for react (elastic#71801)
  [Security Solution][Exceptions] - Adds filtering to endpoint index patterns by exceptional fields (elastic#71757)
  [Reporting] Re-delete a file (elastic#71730)
  [Security Solution] [Detections] Fixes bug for determining when we hit max signals after filtering with lists (elastic#71768)
  [Ingest Manager] Better display of Fleet requirements (elastic#71686)
  [tests] Temporarily skipped to promote snapshot
  ...
cnasikas pushed a commit that referenced this pull request Jul 15, 2020
…ist to Rule during rule creation/update (#71794) (#71806)

Co-authored-by: Elastic Machine <[email protected]>
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
release_note:enhancement Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.9.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants