[Security Solutions][Detections] - Fix bug, last response not showing for disabled rules #81783
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
yctercero
added
Feature:Detection Rules
|
Pinging @elastic/siem (Team:SIEM) |
yctercero
commented
Oct 27, 2020
| @@ -74,7 +75,7 @@ export const transformValidateBulkError = ( | |||
| ruleId: string, | |||
| alert: PartialAlert, | |||
| ruleActions?: RuleActions | null, | |||
| ruleStatus?: unknown | |||
| ruleStatus?: SavedObjectsFindResponse<IRuleStatusSOAttributes> | |||
There was a problem hiding this comment.
This wasn't typed because some areas were passing through ruleStatuses.saved_objects[0] and some were passing ruleStatuses. Added the correct type and adjusted use cases so they all just pass in ruleStatuses since we were already making checks within for the existence of .saved_objects[0] .
There was a problem hiding this comment.
Yeah, I think the pattern from Kibana core/other areas go:
- They don't have types or use any or unknown, so let's use unknown for now/cast.
- Later someone adds templates, types, such as
SavedObjectsFindResponse - Someone else looks at our code and says, "lol, why you using
unknownhere, let me change that"
So thank you very much. This looks better.
|
@elasticmachine merge upstream |
x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/validate.test.ts
Outdated
Show resolved
Hide resolved
| }, | ||
| rule_id: 'rule-1', | ||
| }; | ||
| expect(validatedOrError).toEqual(expected); |
There was a problem hiding this comment.
nit: Through out this test I would recommend just weakening your types to avoid the ts-expect-error (but I do appreciate you using ts-expect-error 👍 like so:
test('it should return error object if "alert" is not expected alert type', () => {
const { alertTypeId, ...ruleAlert } = getResult();
const validatedOrError = transformValidateBulkError('rule-1', ruleAlert);
const expected: BulkError = {
error: {
message: 'Internal error transforming',
status_code: 500,
},
rule_id: 'rule-1',
};
expect(validatedOrError).toEqual(expected);
});Either way works, I mostly use this way to avoid the newer TS errors on deleting things that used to not be there.
FrankHassanabad
approved these changes
Oct 27, 2020
|
@elasticmachine merge upstream |
|
@elasticmachine merge upstream |
💚 Build SucceededMetrics [docs]async chunks size
History
To update your PR or re-run it, just comment with: |
yctercero
added a commit
to yctercero/kibana
that referenced
this pull request
Oct 28, 2020
… for disabled rules (elastic#81783) ## Summary **Bug fix addressed in this PR:** - fixes elastic#63203 - in the backend, we were only fetching status data for enabled rules, changed to fetch status data regardles of whether rule is enabled or disabled
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Oct 28, 2020
…kibana into task-manager/lost-connectivity * 'task-manager/lost-connectivity' of github.com:gmmorris/kibana: skips overview tests (elastic#81877) [Security Solution][Case] Fix connector's labeling (elastic#81824) [Maps] Fix EMS test (elastic#81856) [Security Solutions][Detections] - Fix bug, last response not showing for disabled rules (elastic#81783) skip flaky suite (elastic#81853) Add tsconfig for url_forwarding (elastic#81177) skip flaky suite (elastic#81844) check for server enabled (elastic#81818) [Seurity Solution][Case] Create case plugin client (elastic#81018) [Security Solutions][Detection Engine] Changes wording for threat matches and rules (elastic#81334) [Security Solution] critical pref bug with browser fields reducer
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Oct 29, 2020
…kibana into alerts/convert-to-tm-intervals * 'alerts/convert-to-tm-intervals' of github.com:gmmorris/kibana: (88 commits) fixed jest APM Experiments settings (elastic#81554) [Resolver] Enable resolver test plugin tests (elastic#81339) Add TS project references for inspector (elastic#81792) Add uri decode to es_ui_shared and fix navigation issues with special characters (elastic#80835) [Fleet] Rename ingestManager translations fleet (elastic#81837) [Logs UI] Transmit and render array field values in log entries (elastic#81385) Audit Logging: use the original url (elastic#81282) [User experience] Fix JS error rate (elastic#81512) [UX] Add median/percentile info in titles (elastic#79824) Support export for SO with circular refs (elastic#81582) Get rid of global types (elastic#81739) [APM] Fix precommit script (elastic#81594) skips overview tests (elastic#81877) [Security Solution][Case] Fix connector's labeling (elastic#81824) Added simple test, which only covers successful case when edit happened right after task was complete previous execution [Maps] Fix EMS test (elastic#81856) [Security Solutions][Detections] - Fix bug, last response not showing for disabled rules (elastic#81783) skip flaky suite (elastic#81853) Fixed type checks and unit tests ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Bug fix addressed in this PR:
Example of bug
Example of fix
Checklist