Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution][Detection Rules] Update prebuilt rule threats to match schema #92281

Merged
merged 7 commits into from
Feb 24, 2021
Merged

[Security Solution][Detection Rules] Update prebuilt rule threats to match schema #92281

merged 7 commits into from
Feb 24, 2021

Conversation

dplumlee
Copy link
Contributor

@dplumlee dplumlee commented Feb 22, 2021
edited
Loading

Summary

Addresses #87546

Updates the rule schema to reflect the frontend validation of threat technique field being made optional.

As per some discussion, we're planning on updating the prebuilt rule files with some refactoring being done after the 7.13 release but this will make it so when the detection rules team updates their generated rules, they should work out of the box whenever the time comes

Checklist

Delete any items that are not applicable to this PR.

For maintainers

@dplumlee dplumlee added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes Feature:Detection Rules Security Solution rules and Detection Engine v7.12.0 Team:Detections and Resp Security Detection Response Team v7.13.0 labels Feb 22, 2021
@dplumlee dplumlee self-assigned this Feb 22, 2021
@dplumlee dplumlee marked this pull request as ready for review February 23, 2021 00:21
@dplumlee dplumlee requested a review from a team as a code owner February 23, 2021 00:21
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@brokensound77 brokensound77 mentioned this pull request Feb 23, 2021
Closed
@dplumlee
Copy link
Contributor Author

@elasticmachine merge upstream

FrankHassanabad
FrankHassanabad approved these changes Feb 24, 2021
View reviewed changes
Copy link
Contributor

@FrankHassanabad FrankHassanabad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great. Simple straight forward, easy to read. LGTM

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 7.7MB 7.7MB +848.0B

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 234.7KB 234.9KB +148.0B

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @dplumlee

@dplumlee dplumlee merged commit 3471eaa into elastic:master Feb 24, 2021
This was referenced Feb 24, 2021
Merged
Merged
dplumlee added a commit to dplumlee/kibana that referenced this pull request Feb 24, 2021
@dplumlee
[Security Solution][Detection Rules] Update prebuilt rule threats to …
a821346 
…match schema (elastic#92281)
@dplumlee dplumlee deleted the update-prebuilt-rule-threats branch February 24, 2021 22:20
dplumlee added a commit that referenced this pull request Feb 25, 2021
@dplumlee
[Security Solution][Detection Rules] Update prebuilt rule threats to …
6df8d65 
…match schema (#92281) (#92721)
gmmorris added a commit to gmmorris/kibana that referenced this pull request Feb 25, 2021
@gmmorris
Merge branch 'master' into task-manager/docs-monitoring
226deae 
* master: (38 commits)
  Fixes Cypress flake by adding pipe, click, and should (elastic#92762)
  [Discover] Fix filtering selected sidebar fields (elastic#91828)
  [ML] Fixes positions of calendar arrow buttons in start datafeed modal (elastic#92625)
  [dev/build_ts_refs] check that commit in outDirs matches mergeBase (elastic#92513)
  add dep on `@kbn/config` so it is built first
  [Expressions] [Lens] Add id and copyMetaFrom arg to mapColumn fn + add configurable onError argument to math fn (elastic#90481)
  [Lens] Fix Workspace hidden when using Safari (elastic#92616)
  [Lens] Fixes vertical alignment validation messages (elastic#91878)
  forbid x-elastic-product-origin header in elasticsearch configuration (elastic#92359)
  [Security Solution][Detections] Set default indicator path to reduce friction with new filebeat modules (elastic#92081)
  [ILM][Accessibility] Added A11y test for ILM new policy form. (elastic#92570)
  [Security Solution][Exceptions] - Fixes exceptions builder UI where invalid values can cause overwrites of other values (elastic#90634)
  Automatically generated Api documentation (elastic#86232)
  Increase index pattern select limit to 1000 (elastic#92093)
  [core.logging] Add RewriteAppender for filtering LogMeta. (elastic#91492)
  [Security Solution][Detection Rules] Update prebuilt rule threats to match schema (elastic#92281)
  [Security Solutions][Detection Engine] Fixes bug with not being able to duplicate indicator matches (elastic#92565)
  [Dashboard] Export appropriate references from byValue panels (elastic#91567)
  [Upgrade Assistant] Align code between branches (elastic#91862)
  [Security Solution][Case] Fix alerts push (elastic#91638)
  ...
dplumlee added a commit that referenced this pull request Feb 25, 2021
@dplumlee @kibanamachine
[Security Solution][Detection Rules] Update prebuilt rule threats to …
562c444 
…match schema (#92281) (#92722)

Co-authored-by: Kibana Machine <[email protected]>
@peluja1012 peluja1012 mentioned this pull request Feb 26, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FrankHassanabad FrankHassanabad FrankHassanabad approved these changes

Assignees

@dplumlee dplumlee

Labels
Feature:Detection Rules Security Solution rules and Detection Engine release_note:skip Skip the PR/issue when compiling release notes Team:Detections and Resp Security Detection Response Team v7.12.0 v7.13.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dplumlee @elasticmachine @kibanamachine @FrankHassanabad