[Security Solution] [Response Ops] ecsRowData in alerts table improperly formatted #159276
Labels
bug
Fixes for quality problems that affect the customer experience
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Team:Threat Hunting:Investigations
Security Solution Investigations Team
Kibana version:
8.8+
ecsRowData passed to each row and ultimately to the onClick handler that runs when a user selects "Investigate in Timeline" from an alert row has the kibana.alert.rule.exception_list property formatted very strangely when there is 1 entry in the list, it's an Object who's keys are arrays of 1 string. This makes the code https://github.com/elastic/kibana/blob/051ac85c07bd883550236e6ebca763ef64801507/x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_actions/use_investigate_in_timeline.tsx#LL72C48-L72C48 here that was working for most of 8.0 no longer function correctly. I'm not sure if the format of the exception list being passed is correct and this code needs to be updated to account for it, or if there's a bug in the logic in
kibana/x-pack/plugins/triggers_actions_ui/public/application/sections/alerts_table/hooks/use_fetch_alerts.tsx
Line 222 in 051ac85
The text was updated successfully, but these errors were encountered: