[Security Solution] Changes coverage overview subtechnique display to base off active filters #170988
Conversation
dplumlee
added
release_note:skip
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
@elasticmachine merge upstream |
banderror
added
bug
|
@elasticmachine merge upstream |
1 similar comment
|
@elasticmachine merge upstream |
| ...getMockCoverageOverviewMitreTechnique(), | ||
| subtechniques: [ | ||
| getMockCoverageOverviewMitreSubTechnique(), | ||
| { ...getMockCoverageOverviewMitreSubTechnique(), id: 'test-id' }, |
There was a problem hiding this comment.
I think these tests need some refactoring later. The functions that create mocks are not parameterized and return implicit data. This means that we set the frontend-side CoverageOverview model in these tests implicitly, while the assertions are explicit. It's hard to read such tests because you always need to jump to the mock functions implementation and compare it with the assertions. Also, it makes the tests setup too rigid and we're probably missing a few tests cases because of that. For example, the mock data makes the same rule both enabled and disabled at the same time, which is 1) incorrect and 2) we need to test more than one rule mapped to the same technique through 2 or more tactics, and also test different combinations of these rules being enabled and disabled.
I'm not suggesting to address this in this PR, but this is something to work on later when we get back to working on the next milestone for the Coverage epic.
..._solution/public/detection_engine/rule_management_ui/pages/coverage_overview/helpers.test.ts
Outdated
Show resolved
Hide resolved
...urity_solution/public/detection_engine/rule_management_ui/pages/coverage_overview/helpers.ts
Outdated
Show resolved
Hide resolved
dplumlee
force-pushed
the
coverage-overview-subtechnique-filter
branch
from
45f4584 to
05b4fbc
Compare
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Module Count
Async chunks
History
To update your PR or re-run it, just comment with: cc @dplumlee |
… base off active filters (elastic#170988) (cherry picked from commit 87ec144)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
…play to base off active filters (elastic#170988) (elastic#171230) # Backport This will backport the following commits from `main` to `8.11`: - [[Security Solution] Changes coverage overview subtechnique display to base off active filters (elastic#170988)](elastic#170988) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-11-14T19:04:09Z","message":"[Security Solution] Changes coverage overview subtechnique display to base off active filters (elastic#170988)","sha":"87ec1440dcc1d25938795925237ca5194ee6551e","branchLabelMapping":{"^v8.12.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","impact:medium","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Management","Team:Detection Rule Management","v8.12.0","v8.11.2"],"number":170988,"url":"https://github.com/elastic/kibana/pull/170988","mergeCommit":{"message":"[Security Solution] Changes coverage overview subtechnique display to base off active filters (elastic#170988)","sha":"87ec1440dcc1d25938795925237ca5194ee6551e"}},"sourceBranch":"main","suggestedTargetBranches":["8.11"],"targetPullRequestStates":[{"branch":"main","label":"v8.12.0","labelRegex":"^v8.12.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/170988","number":170988,"mergeCommit":{"message":"[Security Solution] Changes coverage overview subtechnique display to base off active filters (elastic#170988)","sha":"87ec1440dcc1d25938795925237ca5194ee6551e"}},{"branch":"8.11","label":"v8.11.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <[email protected]>
|
Hi @dplumlee we have validated this issue and found the issue to be fixed on 8.11.2 ✔️ . Now rule details are showing as per the current page filter set. Build details: Observations:
test.mp4
only_disabled.mp4
both.mp4Hence we are adding "QA:Validated" tag to it. thanks !! |
ghost
added
the
Fixes: #170945
Summary
Changes our sub-technique display logic to no longer just represent the enabled rules, but all rules that fall under the current page filters - similar to our tile coloring logic.
Screenshots
When only enabled filter is active
When enabled and disabled filters are active
Checklist
Delete any items that are not applicable to this PR.
For maintainers