[Security Solutions][Detection Engine] Changes wording for threat matches and rules

x-pack/plugins/security_solution/public/common/components/threat_match/translations.ts

@@ -13,7 +13,7 @@ export const FIELD = i18n.translate('xpack.securitySolution.threatMatch.fieldDes
 export const THREAT_FIELD = i18n.translate(
   'xpack.securitySolution.threatMatch.threatFieldDescription',
   {
-    defaultMessage: 'Threat index field',
+    defaultMessage: 'Indicator index field',
   }
 );
 

x-pack/plugins/security_solution/public/detections/components/rules/description_step/helpers.test.tsx

@@ -437,7 +437,7 @@ describe('helpers', () => {
     it('returns a humanized description for a threat_match type', () => {
       const [result]: ListItems[] = buildRuleTypeDescription('Test label', 'threat_match');
 
-      expect(result.description).toEqual('Threat Match');
+      expect(result.description).toEqual('Indicator Match');
     });
   });
 });

x-pack/plugins/security_solution/public/detections/components/rules/description_step/translations.tsx

@@ -65,7 +65,7 @@ export const THRESHOLD_TYPE_DESCRIPTION = i18n.translate(
 export const THREAT_MATCH_TYPE_DESCRIPTION = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.threatMatchRuleTypeDescription',
   {
-    defaultMessage: 'Threat Match',
+    defaultMessage: 'Indicator Match',
   }
 );
 

x-pack/plugins/security_solution/public/detections/components/rules/select_rule_type/translations.ts

@@ -66,13 +66,14 @@ export const THRESHOLD_TYPE_DESCRIPTION = i18n.translate(
 export const THREAT_MATCH_TYPE_TITLE = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchTitle',
   {
-    defaultMessage: 'Threat Match',
+    defaultMessage: 'Indicator Match',
   }
 );
 
 export const THREAT_MATCH_TYPE_DESCRIPTION = i18n.translate(
   'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchDescription',
   {
-    defaultMessage: 'Upload value lists to write rules around a list of known bad attributes',
+    defaultMessage:
+      'Use indicators from intelligence sources to detect matching events and alerts.',
   }
 );

x-pack/plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx

@@ -235,7 +235,7 @@ export const schema: FormSchema<DefineStepRule> = {
     label: i18n.translate(
       'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatIndexPatternsLabel',
       {
-        defaultMessage: 'Threat index patterns',
+        defaultMessage: 'Indicator Index Patterns',
       }
     ),
     helpText: <EuiText size="xs">{THREAT_MATCH_INDEX_HELPER_TEXT}</EuiText>,
@@ -265,7 +265,7 @@ export const schema: FormSchema<DefineStepRule> = {
     label: i18n.translate(
       'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatMappingLabel',
       {
-        defaultMessage: 'Threat Mapping',
+        defaultMessage: 'Indicator Mapping',
       }
     ),
     validations: [
@@ -301,7 +301,7 @@ export const schema: FormSchema<DefineStepRule> = {
     label: i18n.translate(
       'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatQueryBarLabel',
       {
-        defaultMessage: 'Threat index query',
+        defaultMessage: 'Indicator Index Query',
       }
     ),
     validations: [

x-pack/plugins/security_solution/server/lib/detection_engine/scripts/rules/queries/query_with_threat_mapping.json

@@ -1,5 +1,5 @@
 {
-  "name": "Query with a threat mapping",
+  "name": "Query with a indicator mapping",
   "description": "Query with a threat mapping",
   "rule_id": "threat-mapping",
   "risk_score": 1,