[Security Solution][Detections] Adds dry_run for bulk edit and UX handle for bulk edit of ML rule index #134664

Merged
merged 68 commits into from
Jul 18, 2022

@vitaliidm vitaliidm commented Jun 17, 2022

Summary

Addresses:

Implemented

  • Adds a new search query parameter dry_run to the _bulk_action API that allows simulating a bulk action without actually updating rules. More details in the ticket
  • Changes the way the modal window is displayed before applying a bulk edit action (index patterns, timeline, tags).
    Before the modal window is displayed, a dry_run bulk action request will be sent to get information on how many rules can be edited. Based on this result, the modal window displays how many rules can be edited and how many can't (with the validation error displayed). Users can then proceed to edit the rules that haven't failed during the dry run.
    Validation errors at this point include:
    • immutable rules
    • index pattern action on ML rule
    • default error message handling, which displays the error message with which the rule failed

Before

Error displayed when user tried to apply index pattern action to ML rule


After

Modal window is displayed with message that index pattern action can't be applied to ML rule


Follow-ups:

Once merged, create PR for Security Solution API documentation

Release note

  • adds dry run mode for the /detection_engine/rules/_bulk_action API
  • displays a warning modal when a user tries to apply an index pattern bulk edit action to a Machine Learning rule
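
The dry-run behaviour described in the summary above, as an added example that is not code from this PR or from Kibana: the same validation runs in both modes, but with dry run nothing is written and the caller only learns which rules would be edited and which would fail, grouped by error. All type names, function names, error messages and sample rules are assumptions constructed for illustration.

```typescript
// Added illustration: all names and messages are hypothetical, not Kibana's own.
type Rule = { id: string; name: string; type: string; immutable: boolean; index: string[]; tags: string[] };
type EditAction = { type: "add_index_patterns" | "add_tags"; value: string[] };
type BulkResult = { succeeded: string[]; failed: Record<string, string[]>; rules: Rule[] };

// Validation shared by dry run and real run: an error message, or null if editable.
function validateEdit(rule: Rule, action: EditAction): string | null {
  if (rule.immutable) return "immutable rule cannot be edited";
  if (rule.type === "machine_learning" && action.type === "add_index_patterns") {
    return "index pattern action cannot be applied to ML rule";
  }
  return null;
}

// With dryRun=true no rule is changed; the result only reports what would happen.
function bulkEdit(rules: Rule[], action: EditAction, dryRun: boolean): BulkResult {
  const succeeded: string[] = [];
  const failed: Record<string, string[]> = {}; // error message -> ids of failing rules
  const out = rules.map((rule): Rule => {
    const error = validateEdit(rule, action);
    if (error !== null) {
      (failed[error] = failed[error] || []).push(rule.id);
      return rule; // failing rules are skipped in both modes
    }
    succeeded.push(rule.id);
    if (dryRun) return rule; // simulate only
    return action.type === "add_index_patterns"
      ? { ...rule, index: [...rule.index, ...action.value] }
      : { ...rule, tags: [...rule.tags, ...action.value] };
  });
  return { succeeded, failed, rules: out };
}

// Constructed sample rules (not real detection rules).
const sampleRules: Rule[] = [
  { id: "r1", name: "Custom query", type: "query", immutable: false, index: ["logs-*"], tags: [] },
  { id: "r2", name: "Prebuilt", type: "query", immutable: true, index: ["logs-*"], tags: [] },
  { id: "r3", name: "ML anomaly", type: "machine_learning", immutable: false, index: [], tags: [] },
];
const addIndex: EditAction = { type: "add_index_patterns", value: ["winlogbeat-*"] };
```

A UI can call `bulkEdit(sampleRules, addIndex, true)` first, show the counts from `succeeded` and `failed` in a confirmation dialog, and only then send the real request for the rules that passed.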

@vitaliidm vitaliidm self-assigned this Jun 21, 2022
@vitaliidm vitaliidm added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Management Security Solution Detection Rule Management area Team:Detection Rule Management Security Detection Rule Management Team v8.4.0 release_note:feature Makes this part of the condensed release notes labels Jun 21, 2022
@vitaliidm vitaliidm removed the request for review from xcrzx July 12, 2022 17:10
@elastic elastic deleted a comment from kibana-ci Jul 13, 2022
@vitaliidm vitaliidm requested a review from xcrzx July 13, 2022 11:32

@YulNaumenko YulNaumenko left a comment


LGTM

@vitaliidm vitaliidm enabled auto-merge (squash) July 18, 2022 10:57
@kibana-ci

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] Security Solution Tests #2 / EQL rules Detection rules, EQL Creates and enables a new EQL rule
  • [job] [logs] Security Solution Tests #4 / Open timeline Open timeline modal should display timeline info - pinned event count

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

id before after diff
securitySolution 3154 3157 +3

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 5.2MB 5.2MB +3.3KB

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id before after diff
securitySolution 253.4KB 253.6KB +208.0B
Unknown metric groups

ESLint disabled in files

id before after diff
securitySolution 75 74 -1

Total ESLint disabled count

id before after diff
securitySolution 515 514 -1

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @vitaliidm

@vitaliidm vitaliidm merged commit bfa1968 into elastic:main Jul 18, 2022
@vitaliidm vitaliidm deleted the security-solution/bulk-edit-dry-run branch July 18, 2022 12:20
vitaliidm added a commit to elastic/security-docs that referenced this pull request Aug 2, 2022
mergify bot pushed a commit to elastic/security-docs that referenced this pull request Aug 2, 2022
vitaliidm added a commit to elastic/security-docs that referenced this pull request Aug 2, 2022
…_action API (#2210) (#2239)

Adds dry_run mode description to _bulk_action API

Preview [here](https://security-docs_2210.docs-preview.app.elstc.co/guide/en/security/master/bulk-actions-rules-api.html).

- issue elastic/kibana#125512
- PR elastic/kibana#134664

(cherry picked from commit 14f75a2)

Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com>