[Security Solution][Detections] Disable exceptions for Threshold and ML rules #72137
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is very similar to isMlRule, which is already used extensively and lives at this level.
The fullWidth and isDisabled props were not used; what we want is disabled.
This removes the AdvancedSettingsAccordion in favor of a plain EuiAccordion with buttonContent, as that seems to be all that's needed here.
These rule types do not currently support exceptions.
Unused import
💚 Build SucceededBuild metricsasync chunks size
History
To update your PR or re-run it, just comment with: |
|
Pinging @elastic/siem (Team:SIEM) |
rylnd
added a commit
to rylnd/kibana
that referenced
this pull request
Jul 17, 2020
…ML rules (elastic#72137) * Move isThresholdRule predicate into our common folder This is very similar to isMlRule, which is already used extensively and lives at this level. * Disable endpoint association checkbox for ML and Threshold rules The fullWidth and isDisabled props were not used; what we want is disabled. * Fix react warning about nesting buttons This removes the AdvancedSettingsAccordion in favor of a plain EuiAccordion with buttonContent, as that seems to be all that's needed here. * Disable Exceptions tab on Details for ML or Threshold rules These rule types do not currently support exceptions. * Fix type error Unused import
rylnd
added a commit
to rylnd/kibana
that referenced
this pull request
Jul 17, 2020
…ML rules (elastic#72137) * Move isThresholdRule predicate into our common folder This is very similar to isMlRule, which is already used extensively and lives at this level. * Disable endpoint association checkbox for ML and Threshold rules The fullWidth and isDisabled props were not used; what we want is disabled. * Fix react warning about nesting buttons This removes the AdvancedSettingsAccordion in favor of a plain EuiAccordion with buttonContent, as that seems to be all that's needed here. * Disable Exceptions tab on Details for ML or Threshold rules These rule types do not currently support exceptions. * Fix type error Unused import
rylnd
added a commit
that referenced
this pull request
Jul 17, 2020
…ML rules (#72137) (#72218) * Move isThresholdRule predicate into our common folder This is very similar to isMlRule, which is already used extensively and lives at this level. * Disable endpoint association checkbox for ML and Threshold rules The fullWidth and isDisabled props were not used; what we want is disabled. * Fix react warning about nesting buttons This removes the AdvancedSettingsAccordion in favor of a plain EuiAccordion with buttonContent, as that seems to be all that's needed here. * Disable Exceptions tab on Details for ML or Threshold rules These rule types do not currently support exceptions. * Fix type error Unused import
rylnd
added a commit
that referenced
this pull request
Jul 17, 2020
…ML rules (#72137) (#72217) * Move isThresholdRule predicate into our common folder This is very similar to isMlRule, which is already used extensively and lives at this level. * Disable endpoint association checkbox for ML and Threshold rules The fullWidth and isDisabled props were not used; what we want is disabled. * Fix react warning about nesting buttons This removes the AdvancedSettingsAccordion in favor of a plain EuiAccordion with buttonContent, as that seems to be all that's needed here. * Disable Exceptions tab on Details for ML or Threshold rules These rule types do not currently support exceptions. * Fix type error Unused import
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 17, 2020
* master: (214 commits) replacing hard coded links for ela.st (elastic#72240) skip flaky suite (elastic#60865) chore(NA): teardown dynamic dll plugin (elastic#72096) Register navLink actions for declared applications (elastic#72109) Fix value for process.hash.sha256 draggable (elastic#72142) Call setupIngest before fleet_install tests (elastic#72214) [Security Solution][Detections] Better toast errors (elastic#72205) skip flaky suite (elastic#64696) [Security Solution][Detections] Disable exceptions for Threshold and ML rules (elastic#72137) [Security Solution][Detections,Lists] Miscellaneous post-FF fixes (elastic#71990) [baseline/capture] use high-memory nodes with ramDisks (elastic#71894) skip flaky suite (elastic#77207) [Maps] Fix issue preventing TMS from rendering correctly (elastic#71946) using test_user with minimum privs (elastic#71988) Fixed Webhook connector doesn't retain added HTTP header settings (elastic#71924) [Ingest Manager] Do not show enrolling and unenrolling agents as online in agent counters (elastic#71921) [Maps] fix 'New Map' from getting added to recently accessed (elastic#72125) [Visualizations] Pass 'aggs' parameter to custom request handlers (elastic#71423) [Monitoring] Out of the box alert tweaks (elastic#71942) [ML] Fix datafeed start time is incorrect when the job has trailing empty buckets (elastic#71976) ...
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 17, 2020
* master: (55 commits) updates 'External alerts' tab text (elastic#72237) [Security Solution][Case] Fix connector's dropdown with conflicting requests (elastic#72037) replacing hard coded links for ela.st (elastic#72240) skip flaky suite (elastic#60865) chore(NA): teardown dynamic dll plugin (elastic#72096) Register navLink actions for declared applications (elastic#72109) Fix value for process.hash.sha256 draggable (elastic#72142) Call setupIngest before fleet_install tests (elastic#72214) [Security Solution][Detections] Better toast errors (elastic#72205) skip flaky suite (elastic#64696) [Security Solution][Detections] Disable exceptions for Threshold and ML rules (elastic#72137) [Security Solution][Detections,Lists] Miscellaneous post-FF fixes (elastic#71990) [baseline/capture] use high-memory nodes with ramDisks (elastic#71894) skip flaky suite (elastic#77207) [Maps] Fix issue preventing TMS from rendering correctly (elastic#71946) using test_user with minimum privs (elastic#71988) Fixed Webhook connector doesn't retain added HTTP header settings (elastic#71924) [Ingest Manager] Do not show enrolling and unenrolling agents as online in agent counters (elastic#71921) [Maps] fix 'New Map' from getting added to recently accessed (elastic#72125) [Visualizations] Pass 'aggs' parameter to custom request handlers (elastic#71423) ...
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Jul 17, 2020
…feature-privileges * alerting/consumer-based-rbac: (56 commits) take into account which features available in the active space updates 'External alerts' tab text (elastic#72237) [Security Solution][Case] Fix connector's dropdown with conflicting requests (elastic#72037) replacing hard coded links for ela.st (elastic#72240) skip flaky suite (elastic#60865) chore(NA): teardown dynamic dll plugin (elastic#72096) Register navLink actions for declared applications (elastic#72109) Fix value for process.hash.sha256 draggable (elastic#72142) Call setupIngest before fleet_install tests (elastic#72214) [Security Solution][Detections] Better toast errors (elastic#72205) skip flaky suite (elastic#64696) [Security Solution][Detections] Disable exceptions for Threshold and ML rules (elastic#72137) [Security Solution][Detections,Lists] Miscellaneous post-FF fixes (elastic#71990) [baseline/capture] use high-memory nodes with ramDisks (elastic#71894) skip flaky suite (elastic#77207) [Maps] Fix issue preventing TMS from rendering correctly (elastic#71946) using test_user with minimum privs (elastic#71988) Fixed Webhook connector doesn't retain added HTTP header settings (elastic#71924) [Ingest Manager] Do not show enrolling and unenrolling agents as online in agent counters (elastic#71921) [Maps] fix 'New Map' from getting added to recently accessed (elastic#72125) ...
MindyRS
added
the
Team: SecuritySolution
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This restricts the UI; I believe the backend still needs similar guards.
On Rule Creation and Rule Update, the 'Associate to Global Endpoint Exceptions List' checkbox is disabled
On Rule Details, the Endpoints tab is disabled
Notes:
Checklist
Delete any items that are not applicable to this PR.
For maintainers