Skip to content

[Security Solution][Exceptions] - Update rule.exceptions_list to include exception list list_id #73349

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Jul 29, 2020
Merged

[Security Solution][Exceptions] - Update rule.exceptions_list to include exception list list_id #73349

merged 13 commits into from
Jul 29, 2020

Conversation

@yctercero
Copy link
Contributor

@yctercero yctercero commented Jul 27, 2020
edited
Loading

Summary

This PR addresses the following:

  • Adds list_id to rule.exceptions_list - this is needed in a number of features
  • Updated getExceptions in x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a find for each)
  • Updated prepackaged rule that makes reference to global endpoint list to include list_id
  • Updates formatAboutStepData in x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts to include exception list list_id

Checklist

For maintainers

  • This was checked for breaking API changes and was labeled appropriately
    • This is a breaking change, however, it is breaking for functionality not yet in prod

@yctercero yctercero requested review from a team as code owners July 27, 2020 20:28
@yctercero yctercero self-assigned this Jul 27, 2020
@elasticmachine
Copy link
Contributor

elasticmachine commented Jul 27, 2020

Pinging @elastic/siem (Team:SIEM)

peluja1012
peluja1012 approved these changes Jul 27, 2020
View reviewed changes
Copy link
Contributor

@peluja1012 peluja1012 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 28, 2020

@elasticmachine merge upstream

@yctercero
Copy link
Contributor Author

yctercero commented Jul 29, 2020

@elasticmachine merge upstream

@elasticmachine
Copy link
Contributor

elasticmachine commented Jul 29, 2020

merge conflict between base and head

@yctercero
Copy link
Contributor Author

yctercero commented Jul 29, 2020

Ran the failing cypress test locally and it's passing. Just hoping that this next one goes green 🤞

@kibanamachine
Copy link
Contributor

kibanamachine commented Jul 29, 2020

💚 Build Succeeded

Build metrics

async chunks size

id value diff baseline
securitySolution 7.3MB +113.0B 7.3MB

page load bundle size

id value diff baseline
securitySolution 870.0KB +111.0B 869.9KB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@yctercero yctercero merged commit e645732 into elastic:master Jul 29, 2020
@yctercero yctercero mentioned this pull request Jul 29, 2020
Merged
yctercero added a commit to yctercero/kibana that referenced this pull request Jul 29, 2020
@yctercero
[Security Solution][Exceptions] - Update rule.exceptions_list to incl…
6eae975 
…ude exception list list_id (elastic#73349)

## Summary

This PR addresses the following:
- Adds `list_id` to `rule.exceptions_list` - this is needed in a number of features
- Updated `getExceptions` in `x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts` to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a `find` for each)
- Updated prepackaged rule that makes reference to global endpoint list to include `list_id`
- Updates `formatAboutStepData` in `x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts` to include exception list `list_id`
yctercero added a commit to yctercero/kibana that referenced this pull request Jul 29, 2020
@yctercero
[Security Solution][Exceptions] - Update rule.exceptions_list to incl…
5c9b87d 
…ude exception list list_id (elastic#73349)

## Summary

This PR addresses the following:
- Adds `list_id` to `rule.exceptions_list` - this is needed in a number of features
- Updated `getExceptions` in `x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts` to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a `find` for each)
- Updated prepackaged rule that makes reference to global endpoint list to include `list_id`
- Updates `formatAboutStepData` in `x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts` to include exception list `list_id`
@yctercero yctercero mentioned this pull request Jul 29, 2020
Merged
spong pushed a commit that referenced this pull request Jul 29, 2020
@yctercero
[Security Solution][Exceptions] - Update rule.exceptions_list to incl…
96885f4 
…ude exception list list_id (#73349) (#73617)

## Summary

This PR addresses the following:
- Adds `list_id` to `rule.exceptions_list` - this is needed in a number of features
- Updated `getExceptions` in `x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts` to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a `find` for each)
- Updated prepackaged rule that makes reference to global endpoint list to include `list_id`
- Updates `formatAboutStepData` in `x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts` to include exception list `list_id`
spong pushed a commit that referenced this pull request Jul 29, 2020
@yctercero
[Security Solution][Exceptions] - Update rule.exceptions_list to incl…
5e51c4b 
…ude exception list list_id (#73349) (#73616)

## Summary

This PR addresses the following:
- Adds `list_id` to `rule.exceptions_list` - this is needed in a number of features
- Updated `getExceptions` in `x-pack/plugins/security_solution/server/lib/detection_engine/signals/utils.ts` to use the latest exception item find endpoint that accepts an array of lists (previously was looping through lists and conducting a `find` for each)
- Updated prepackaged rule that makes reference to global endpoint list to include `list_id`
- Updates `formatAboutStepData` in `x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts` to include exception list `list_id`
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jul 29, 2020
@gmmorris
Merge branch 'master' into task-manager/fix-flaky-test
8764243 
* master: (126 commits)
  [ML] Disabling ML if license feature is disabled (elastic#73187)
  [ML] Fixing old _xpack style es endpoint paths (elastic#73667)
  [DOCS] [Lens] 7.9 docs refresh (elastic#72301)
  [ML] DF Analytics results: ensure `View` link is only enabled when job has successfully completed (elastic#73539)
  Set timeRange to default to trigger the error message (elastic#73629)
  [ML] Functional tests - stabilize DFA navigation and index pattern handling (elastic#73660)
  [ILM] Add links to "Snapshot and Restore" from ILM "wait for snapshot policy" (elastic#72473)
  [kbn-storybook] Update Storybook to 5.3.19 (elastic#73320)
  [Metrics UI] Fix hasData call to ensure it has data not just indices (elastic#72969)
  [Uptime] Use `service.name` to link from Uptime -> APM where available (elastic#73618)
  allow others to update `URL.revokeObjectURL` property if needed (elastic#73639)
  regen docs (elastic#73650)
  [Visualize] Fix inspector download filename issue when saving in-place (elastic#72605)
  [Data] Query Input String manager (elastic#72093)
  [Security Solutions] Add tooltips (elastic#73436)
  Do not render descriptionless actions within an EuiCard (elastic#73611)
  [Security Solution][Detections] Value Lists Modal supports multiple exports (elastic#73532)
  [Security Solution][Resolver] Handle disabled process collection (elastic#73592)
  [Security_Solution][Bug] Fix user name/domain to ECS structure (elastic#73530)
  [Security Solution][Exceptions] - Update rule.exceptions_list to include exception list list_id (elastic#73349)
  ...
@yctercero yctercero deleted the exceptions_rule branch October 14, 2020 12:00
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

elasticmachine commented Sep 23, 2021

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@peluja1012 peluja1012 peluja1012 approved these changes

+2 more reviewers

@madirey madirey madirey approved these changes

@rw-access rw-access rw-access approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@yctercero yctercero

Labels

release_note:enhancement Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.9.0 v7.10.0 v8.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@yctercero @elasticmachine @kibanamachine @madirey @peluja1012 @rw-access @MindyRS