[Security Solution] Implement `concurrent_searches` and `items_per_search` fields diff algorithms #188061
Comments
Pinging @elastic/security-detections-response (Team:Detections and Resp)
Pinging @elastic/security-solution (Team: SecuritySolution)
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)
@jpdjere Thanks for creating this ticket. One small reminder, please: every ticket in the backlog should have custom fields filled in, because that's what powers all our tabs in the GH project. I moved it to
@jpdjere is this work still required if we feel these fields should be deprecated? I guess even if they are we'll need to support past versions having it.
I think this work would be needed no matter what, but what might be a better way forward is to delete the fields from the Right now, I'm not sure we'd need a diff algorithm for it as we will never return the fields in the eyes of the users anyways.
…es` from `upgrade/_review` API endpoint logic (#190440)

## Summary

Addresses #188061

Removes the threat match fields `items_per_search` and `concurrent_searches` from the `DiffableRule` type we utilize in the `upgrade/_review` endpoint logic. This omits these fields from the upgrade review workflow as we will never have incoming updates for the fields.

### For maintainers

- [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)

---------

Co-authored-by: Elastic Machine <[email protected]>

Closed by #190440
Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168
Summary
Implement algorithms for diffing and merging changes in `concurrent_searches` and `items_per_search` fields.

These two fields require a specialized algorithm because of the following reasons:

- `/upgrade/_review` endpoint to include the diff calculation for these fields, but they shouldn't show up in the UI, since that would allow the user to customize it via the UI, during the upgrade workflow.
- `ABC` conflict scenario, the value for the `conflict` prop for these fields will be `NO`. This way we can ensure that these two fields are not displayed in the upgrade workflow UI. The value for the `merged_version` should be the `current_version`.

Context from the Rule Customization RFC:
To do