elastic · kibanamachine · Mar 11, 2025 · Mar 11, 2025
@@ -79,20 +79,15 @@ disabled:
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_enabled/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_enabled/diffable_rule_fields/common_fields/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_enabled/diffable_rule_fields/type_specific_fields/configs/serverless.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_disabled/configs/serverless_complete_tier.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_disabled/configs/serverless_essentials_tier.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_non_customized_prebuilt_rules/feature_enabled/configs/serverless_essentials_tier.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_non_customized_prebuilt_rules/feature_disabled/configs/serverless_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_enabled/configs/serverless_complete_tier.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_disabled/configs/serverless_essentials_tier.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_disabled/configs/serverless_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/export_prebuilt_rules/feature_enabled/configs/serverless_essentials_tier.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/export_prebuilt_rules/feature_disabled/configs/serverless_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/serverless.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/serverless.config.ts

@@ -63,20 +63,15 @@ enabled:
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_enabled/diffable_rule_fields/common_fields/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_enabled/diffable_rule_fields/type_specific_fields/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_disabled/configs/ess_basic_license.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/prebuilt_rule_customization/customization_disabled/configs/ess_trial_license.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_delete/basic_license_essentials_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/basic_license_essentials_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/basic_license_essentials_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_non_customized_prebuilt_rules/feature_enabled/configs/ess_basic_license.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_non_customized_prebuilt_rules/feature_disabled/configs/ess_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_enabled/configs/ess_enterprise_license.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_disabled/configs/ess_basic_license.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/import_customized_prebuilt_rules/feature_disabled/configs/ess_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/export_prebuilt_rules/feature_enabled/configs/ess_basic_license.config.ts
-  - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_import_export/export_prebuilt_rules/feature_disabled/configs/ess_feature_flag_disabled.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_management/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/trial_license_complete_tier/configs/ess.config.ts
   - x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_read/basic_license_essentials_tier/configs/ess.config.ts

@@ -35867,7 +35867,6 @@
     "xpack.securitySolution.detectionEngine.queryPreview.rulePreviewError": "Impossible d'afficher un aperçu de la règle",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsAriaLabel": "Afficher les détails",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsForRowAriaLabel": "Afficher les détails pour l'alerte ou l'événement de la ligne {ariaRowindex}, avec les colonnes {columnValues}",
-    "xpack.securitySolution.detectionEngine.relatedIntegrations.badgeTitle": "intégrations",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.disabledTitle": "Désactivé",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTitle": "Activé",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTooltip": "L'intégration est installée et une politique d'intégration avec la configuration requise existe. Assurez-vous que des agents Elastic sont affectés à cette politique pour ingérer des événements compatibles.",

@@ -35728,7 +35728,6 @@
     "xpack.securitySolution.detectionEngine.queryPreview.rulePreviewError": "ルールをプレビューできませんでした",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsAriaLabel": "詳細を表示",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsForRowAriaLabel": "行 {ariaRowindex}、列 {columnValues} のアラートまたはイベントの詳細を表示",
-    "xpack.securitySolution.detectionEngine.relatedIntegrations.badgeTitle": "統合",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.disabledTitle": "無効",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTitle": "有効",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTooltip": "統合はインストールされ、必要な構成が行われている統合ポリシーが存在します。Elasticエージェントにこのポリシーが割り当てられていることを確認し、互換性があるイベントを取り込みます。",

@@ -35192,7 +35192,6 @@
     "xpack.securitySolution.detectionEngine.queryPreview.rulePreviewError": "无法预览规则",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsAriaLabel": "查看详情",
     "xpack.securitySolution.detectionEngine.queryPreview.viewDetailsForRowAriaLabel": "查看第 {ariaRowindex} 行的告警或事件的详细信息，其中列为 {columnValues}",
-    "xpack.securitySolution.detectionEngine.relatedIntegrations.badgeTitle": "集成",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.disabledTitle": "已禁用",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTitle": "已启用",
     "xpack.securitySolution.detectionEngine.relatedIntegrations.enabledTooltip": "集成已安装，并且存在具有所需配置的集成策略。确保 Elastic 代理已分配此策略以采集兼容的事件。",

@@ -5,12 +5,6 @@
  * 2.0.
  */
 
-export enum PrebuiltRulesCustomizationDisabledReason {
-  License = 'License',
-  FeatureFlag = 'FeatureFlag',
-}
-
 export interface PrebuiltRulesCustomizationStatus {
   isRulesCustomizationEnabled: boolean;
-  customizationDisabledReason?: PrebuiltRulesCustomizationDisabledReason;
 }
@@ -179,17 +179,6 @@ export const allowedExperimentalValues = Object.freeze({
    */
   jamfDataInAnalyzerEnabled: true,
 
-  /**
-   * Enables an ability to customize Elastic prebuilt rules.
-   *
-   * Ticket: https://github.com/elastic/kibana/issues/174168
-   * Owners: https://github.com/orgs/elastic/teams/security-detection-rule-management
-   * Added: on Jun 24, 2024 in https://github.com/elastic/kibana/pull/186823
-   * Turned: TBD
-   * Expires: TBD
-   */
-  prebuiltRulesCustomizationEnabled: false,
-
   /**
    * Makes Elastic Defend integration's Malware On-Write Scan option available to edit.
    */

@@ -73,7 +73,6 @@ import { useRuleForms, useRuleIndexPattern } from '../form';
 import { useEsqlIndex, useEsqlQueryForAboutStep } from '../../hooks';
 import { CustomHeaderPageMemo } from '..';
 import { usePrebuiltRulesCustomizationStatus } from '../../../rule_management/logic/prebuilt_rules/use_prebuilt_rules_customization_status';
-import { PrebuiltRulesCustomizationDisabledReason } from '../../../../../common/detection_engine/prebuilt_rules/prebuilt_rule_customization_status';
 import { ALERT_SUPPRESSION_FIELDS_FIELD_NAME } from '../../../rule_creation/components/alert_suppression_edit';
 import { usePrebuiltRuleCustomizationUpsellingMessage } from '../../../rule_management/logic/prebuilt_rules/use_prebuilt_rule_customization_upselling_message';
 import { useRuleUpdateCallout } from '../../../rule_management/hooks/use_rule_update_callout';
@@ -94,8 +93,7 @@ const EditRulePageComponent: FC<{ rule: RuleResponse }> = ({ rule }) => {
   const { application, triggersActionsUi } = useKibana().services;
   const { navigateToApp } = application;
 
-  const { isRulesCustomizationEnabled, customizationDisabledReason } =
-    usePrebuiltRulesCustomizationStatus();
+  const { isRulesCustomizationEnabled } = usePrebuiltRulesCustomizationStatus();
   const canEditRule = isRulesCustomizationEnabled || !rule.immutable;
 
   const prebuiltCustomizationUpsellingMessage = usePrebuiltRuleCustomizationUpsellingMessage(
@@ -219,7 +217,7 @@ const EditRulePageComponent: FC<{ rule: RuleResponse }> = ({ rule }) => {
   });
 
   const customizationDisabledTooltip =
-    !canEditRule && customizationDisabledReason === PrebuiltRulesCustomizationDisabledReason.License
+    !canEditRule && !isRulesCustomizationEnabled
       ? prebuiltCustomizationUpsellingMessage
       : undefined;
 

@@ -9,8 +9,6 @@ import { EuiBadge } from '@elastic/eui';
 import React from 'react';
 import type { RuleResponse } from '../../../../../common/api/detection_engine';
 import { isCustomizedPrebuiltRule } from '../../../../../common/api/detection_engine';
-import { PrebuiltRulesCustomizationDisabledReason } from '../../../../../common/detection_engine/prebuilt_rules/prebuilt_rule_customization_status';
-import { usePrebuiltRulesCustomizationStatus } from '../../logic/prebuilt_rules/use_prebuilt_rules_customization_status';
 import * as i18n from './translations';
 
 interface CustomizedPrebuiltRuleBadgeProps {
@@ -20,16 +18,6 @@ interface CustomizedPrebuiltRuleBadgeProps {
 export const CustomizedPrebuiltRuleBadge: React.FC<CustomizedPrebuiltRuleBadgeProps> = ({
   rule,
 }) => {
-  const { isRulesCustomizationEnabled, customizationDisabledReason } =
-    usePrebuiltRulesCustomizationStatus();
-
-  if (
-    !isRulesCustomizationEnabled &&
-    customizationDisabledReason === PrebuiltRulesCustomizationDisabledReason.FeatureFlag
-  ) {
-    return null;
-  }
-
   if (rule === null || !isCustomizedPrebuiltRule(rule)) {
     return null;
   }

@@ -58,11 +58,7 @@ function createKibanaServicesMock(overrides?: Partial<CoreStart>) {
 function createMockStore() {
   const store = configureStore({
     reducer: {
-      app: () => ({
-        enableExperimental: {
-          prebuiltRulesCustomizationEnabled: true,
-        },
-      }),
+      app: jest.fn(),
     },
   });
 

@@ -10,7 +10,6 @@ import { EuiButton, EuiToolTip } from '@elastic/eui';
 import type { ReviewPrebuiltRuleUpgradeFilter } from '../../../../common/api/detection_engine/prebuilt_rules/common/review_prebuilt_rules_upgrade_filter';
 import { FieldUpgradeStateEnum, type RuleUpgradeState } from '../model/prebuilt_rule_upgrade';
 import { PerFieldRuleDiffTab } from '../components/rule_details/per_field_rule_diff_tab';
-import { PrebuiltRulesCustomizationDisabledReason } from '../../../../common/detection_engine/prebuilt_rules/prebuilt_rule_customization_status';
 import { useIsUpgradingSecurityPackages } from '../logic/use_upgrade_security_packages';
 import { usePrebuiltRulesCustomizationStatus } from '../logic/prebuilt_rules/use_prebuilt_rules_customization_status';
 import { usePerformUpgradeRules } from '../logic/prebuilt_rules/use_perform_rule_upgrade';
@@ -65,8 +64,7 @@ export function usePrebuiltRulesUpgrade({
   filter,
   onUpgrade,
 }: UsePrebuiltRulesUpgradeParams) {
-  const { isRulesCustomizationEnabled, customizationDisabledReason } =
-    usePrebuiltRulesCustomizationStatus();
+  const { isRulesCustomizationEnabled } = usePrebuiltRulesCustomizationStatus();
   const isUpgradingSecurityPackages = useIsUpgradingSecurityPackages();
   const [loadingRules, setLoadingRules] = useState<RuleSignatureId[]>([]);
 
@@ -285,10 +283,7 @@ export function usePrebuiltRulesUpgrade({
         ruleUpgradeState.current_rule.rule_source.is_customized;
 
       let headerCallout = null;
-      if (
-        hasCustomizations &&
-        customizationDisabledReason === PrebuiltRulesCustomizationDisabledReason.License
-      ) {
+      if (hasCustomizations && !isRulesCustomizationEnabled) {
         headerCallout = <CustomizationDisabledCallout />;
       } else if (hasRuleTypeChange && isRulesCustomizationEnabled) {
         headerCallout = <RuleTypeChangeCallout hasCustomizations={hasCustomizations} />;
@@ -339,12 +334,7 @@ export function usePrebuiltRulesUpgrade({
 
       return [updatesTab, jsonViewTab];
     },
-    [
-      rulesUpgradeState,
-      customizationDisabledReason,
-      isRulesCustomizationEnabled,
-      setRuleFieldResolvedValue,
-    ]
+    [rulesUpgradeState, isRulesCustomizationEnabled, setRuleFieldResolvedValue]
   );
   const { rulePreviewFlyout, openRulePreview } = useRulePreviewFlyout({
     rules: ruleUpgradeStates.map(({ target_rule: targetRule }) => targetRule),

@@ -6,7 +6,6 @@
  */
 
 import type { UpsellingMessageId } from '@kbn/security-solution-upselling/service';
-import { useIsExperimentalFeatureEnabled } from '../../../../common/hooks/use_experimental_features';
 import { useUpsellingMessage } from '../../../../common/hooks/use_upselling';
 
 /**
@@ -17,9 +16,5 @@ import { useUpsellingMessage } from '../../../../common/hooks/use_upselling';
 export const usePrebuiltRuleCustomizationUpsellingMessage = (messageId: UpsellingMessageId) => {
   // Upselling message is returned when the license level is insufficient,
   // otherwise it's undefined
-  const upsellingMessage = useUpsellingMessage(messageId);
-
-  // We show the upselling message only if the feature flag is enabled
-  const isFeatureFlagEnabled = useIsExperimentalFeatureEnabled('prebuiltRulesCustomizationEnabled');
-  return isFeatureFlagEnabled ? upsellingMessage : undefined;
+  return useUpsellingMessage(messageId);
 };
@@ -6,8 +6,6 @@
  */
 
 import type { PrebuiltRulesCustomizationStatus } from '../../../../../common/detection_engine/prebuilt_rules/prebuilt_rule_customization_status';
-import { PrebuiltRulesCustomizationDisabledReason } from '../../../../../common/detection_engine/prebuilt_rules/prebuilt_rule_customization_status';
-import { useIsExperimentalFeatureEnabled } from '../../../../common/hooks/use_experimental_features';
 import { usePrebuiltRuleCustomizationUpsellingMessage } from './use_prebuilt_rule_customization_upselling_message';
 
 /**
@@ -17,23 +15,13 @@ import { usePrebuiltRuleCustomizationUpsellingMessage } from './use_prebuilt_rul
  * enabled and returns the reason why it's disabled if it's the case.
  */
 export const usePrebuiltRulesCustomizationStatus = (): PrebuiltRulesCustomizationStatus => {
-  const isFeatureFlagEnabled = useIsExperimentalFeatureEnabled('prebuiltRulesCustomizationEnabled');
   // Upselling message is returned when the license level is insufficient,
   // otherwise it's undefined
   const upsellingMessage = usePrebuiltRuleCustomizationUpsellingMessage(
     'prebuilt_rule_customization'
   );
 
-  const isRulesCustomizationEnabled = isFeatureFlagEnabled && !upsellingMessage;
-  let customizationDisabledReason;
-  if (!isRulesCustomizationEnabled) {
-    customizationDisabledReason = !isFeatureFlagEnabled
-      ? PrebuiltRulesCustomizationDisabledReason.FeatureFlag
-      : PrebuiltRulesCustomizationDisabledReason.License;
-  }
-
   return {
-    isRulesCustomizationEnabled,
-    customizationDisabledReason,
+    isRulesCustomizationEnabled: !upsellingMessage,
   };
 };