[Security Solution] Support rule snoozing in the Rules table #147735

Closed
banderror opened this issue Dec 18, 2022 · 3 comments
Labels:

- 8.8 candidate
- Feature:Rule Actions (Security Solution Detection Rule Actions area)
- Feature:Rule Management (Security Solution Detection Rule Management area)
- Team:Detection Rule Management (Security Detection Rule Management Team)
- Team:Detections and Resp (Security Detection Response Team)
- Team: SecuritySolution (Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.)

Comments

@banderror
Contributor

Epic: https://github.com/elastic/security-team/issues/5308 (internal)
Depends on: #137430

Summary

#137430 showed that support for rule snoozing could be added to Security Solution using shared components exported from the Alerting Framework. During the code review of this PR, we agreed that the Framework should expose a dedicated HTTP API for bulk fetching the snooze data for multiple rules. We're waiting for the @elastic/response-ops-ram team and @XavierM to finalize this part.

Once this is done and changes on the Framework side are merged, we will take over this work and integrate it into the Rules table.

@banderror banderror added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Management Security Solution Detection Rule Management area Team:Detection Rule Management Security Detection Rule Management Team 8.7 candidate labels Dec 18, 2022
@elasticmachine
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@banderror banderror added the Feature:Rule Actions Security Solution Detection Rule Actions area label Dec 18, 2022
@maximpn maximpn assigned maximpn and unassigned maximpn Mar 2, 2023
maximpn added a commit that referenced this issue Apr 20, 2023
**Addresses:** #147735

## Summary

The PR adds the ability to set rule snoozing in the rules management table.

Screen recording:

https://user-images.githubusercontent.com/3775283/229066538-5effc1af-f481-4749-a964-a071c4393c8f.mov

### Checklist

- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
@banderror
Contributor Author

Implemented in #153083
