[Security Solution] Solution navigation architecture revision#217890
Merged
semd merged 44 commits intoelastic:mainfrom Apr 28, 2025
Merged
[Security Solution] Solution navigation architecture revision#217890semd merged 44 commits intoelastic:mainfrom
semd merged 44 commits intoelastic:mainfrom
Conversation
semd
added
v9.1.0
v8.19.0
backport:skip
semd
changed the title
…gation_tree_architecture' into security/adapt_navigation_tree_architecture
Contributor
Author
|
/ci |
…gation_tree_architecture
tsullivan
reviewed
Apr 15, 2025
Member
|
I recently made it possible in the SharedUX nav component, for footer to appear as intended in the designs: more like a group of sub-nav items rather than individual top-level items. I explain the fixes needed to the nav structures to fix footer issues in my PR: #218156. I would suggest that the footer structure is also updated in this PR. |
…gation_tree_architecture
akowalska622
pushed a commit
to akowalska622/kibana
that referenced
this pull request
May 29, 2025
…c#217890) ## Summary This PR updates and simplifies the general architecture of the Security Solution links, removing unnecessary code. The new architecture leverages the static `navigationTree` files. This approach was discussed and agreed with @tsullivan (Shared-UX team) and introduced in [this PR](elastic#215969). With these changes, the `navigationTree` becomes the SSoT (Single Source of Truth) for the links hierarchy. This is done by registering the Security Solution plugin `deepLinks` using the regular `ApplicationLinks` information, but following the same hierarchy as the `navigationTree`. This ensures consistency across the app and keeps the code DRY. >[!note] These changes only affect the new _Solution navigation_. The _Classic navigation_ remains unchanged and isolated, as it is expected to be deprecated and removed in the near future. ### Architecture change - The "links switchers", which were functions to programmatically change the links hierarchy, have been removed. - The `NavigationLinks` from which we were generating the `navigationTree` programatically have also been dropped. - The SecuritySolution plugin `deepLinks` are now generated using the `ApplicationLinks` for the link configuration (title, path...) and the current `navigationTree` for the hierarchy. #### Previous architecture  #### New architecture  >[!important] The landing pages (Rules, Explore, Assets...) were made inaccessible recently by the shared-ux team ([PR](elastic#210893)) in the new Solution navigation as part of an effort to unify with the rest of solutions. This fact also helped simplify the architecture. >[!tip] We have multiple static `navigationTree` definitions, which are used depending on the serverless product tier. Right now, we have the "default" `navigationTree` used in the _essentials_ and _complete_ tiers, and the "AI" `navigationTree` used in the new _searchAiLake_ tier. This approach ensures consistency for the links' locations across Kibana: the "left navigation", the "breadcrumbs", and the "global search" will always be aligned. ### Screenshots #### ECH navigations | Classic nav | Solution nav | |-|-| |<img width="248" alt="classic" src="https://github.com/user-attachments/assets/bb9e722e-316e-4c04-9978-068c35680382" />|<img width="248" alt="solution_nav" src="https://github.com/user-attachments/assets/a993ce49-b780-4405-b829-4d36023ae627" />| #### Serverless navigations | Regular tiers | AI for SOC | |-|-| |<img width="248" alt="regular_serverless_nav" src="https://github.com/user-attachments/assets/d782bf49-6c76-4414-a807-35245a5e9883" />|<img width="248" alt="ai_nav" src="https://github.com/user-attachments/assets/25d9950d-77c8-4d44-ab53-4b07423713af" />| #### Example of hierarchy for the `Endpoints` page: ##### Classic nav  ##### Solution nav  ### Other changes - `NavLinks` are no longer used by the Solution navigation and have been deprecated. They are only used in the Classic navigation now and will be removed along with it. - `ExternalPageNames` are no longer used and have been removed. - `ApplicationLinks` observables moved to a singleton class. - Link-related hooks have been moved to their own `links_hooks.ts` file. ### Next steps When the Classic navigation is deprecated, we'll be able to: - Define a flat structure of `ApplicationLinks` and remove the concept of `category` in them. - Remove Classic Security navigation components. - Remove all the landing pages and their components in the navigation package. The [docs](https://docs.elastic.dev/security-solution/dev-docs/app-links) will be updated once this is merged. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
semd
added a commit
to semd/kibana
that referenced
this pull request
May 29, 2025
…c#217890) ## Summary This PR updates and simplifies the general architecture of the Security Solution links, removing unnecessary code. The new architecture leverages the static `navigationTree` files. This approach was discussed and agreed with @tsullivan (Shared-UX team) and introduced in [this PR](elastic#215969). With these changes, the `navigationTree` becomes the SSoT (Single Source of Truth) for the links hierarchy. This is done by registering the Security Solution plugin `deepLinks` using the regular `ApplicationLinks` information, but following the same hierarchy as the `navigationTree`. This ensures consistency across the app and keeps the code DRY. >[!note] These changes only affect the new _Solution navigation_. The _Classic navigation_ remains unchanged and isolated, as it is expected to be deprecated and removed in the near future. ### Architecture change - The "links switchers", which were functions to programmatically change the links hierarchy, have been removed. - The `NavigationLinks` from which we were generating the `navigationTree` programatically have also been dropped. - The SecuritySolution plugin `deepLinks` are now generated using the `ApplicationLinks` for the link configuration (title, path...) and the current `navigationTree` for the hierarchy. #### Previous architecture  #### New architecture  >[!important] The landing pages (Rules, Explore, Assets...) were made inaccessible recently by the shared-ux team ([PR](elastic#210893)) in the new Solution navigation as part of an effort to unify with the rest of solutions. This fact also helped simplify the architecture. >[!tip] We have multiple static `navigationTree` definitions, which are used depending on the serverless product tier. Right now, we have the "default" `navigationTree` used in the _essentials_ and _complete_ tiers, and the "AI" `navigationTree` used in the new _searchAiLake_ tier. This approach ensures consistency for the links' locations across Kibana: the "left navigation", the "breadcrumbs", and the "global search" will always be aligned. ### Screenshots #### ECH navigations | Classic nav | Solution nav | |-|-| |<img width="248" alt="classic" src="https://github.com/user-attachments/assets/bb9e722e-316e-4c04-9978-068c35680382" />|<img width="248" alt="solution_nav" src="https://github.com/user-attachments/assets/a993ce49-b780-4405-b829-4d36023ae627" />| #### Serverless navigations | Regular tiers | AI for SOC | |-|-| |<img width="248" alt="regular_serverless_nav" src="https://github.com/user-attachments/assets/d782bf49-6c76-4414-a807-35245a5e9883" />|<img width="248" alt="ai_nav" src="https://github.com/user-attachments/assets/25d9950d-77c8-4d44-ab53-4b07423713af" />| #### Example of hierarchy for the `Endpoints` page: ##### Classic nav  ##### Solution nav  ### Other changes - `NavLinks` are no longer used by the Solution navigation and have been deprecated. They are only used in the Classic navigation now and will be removed along with it. - `ExternalPageNames` are no longer used and have been removed. - `ApplicationLinks` observables moved to a singleton class. - Link-related hooks have been moved to their own `links_hooks.ts` file. ### Next steps When the Classic navigation is deprecated, we'll be able to: - Define a flat structure of `ApplicationLinks` and remove the concept of `category` in them. - Remove Classic Security navigation components. - Remove all the landing pages and their components in the navigation package. The [docs](https://docs.elastic.dev/security-solution/dev-docs/app-links) will be updated once this is merged. --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> (cherry picked from commit c9f2f7c) # Conflicts: # src/platform/packages/shared/deeplinks/security/deep_links.ts # x-pack/platform/plugins/private/translations/translations/fr-FR.json # x-pack/platform/plugins/private/translations/translations/ja-JP.json # x-pack/platform/plugins/private/translations/translations/zh-CN.json # x-pack/solutions/observability/plugins/logs_explorer/.storybook/__mocks__/package_icon.tsx # x-pack/solutions/security/packages/navigation/src/constants.ts # x-pack/solutions/security/packages/navigation/src/i18n_strings.ts # x-pack/solutions/security/packages/navigation/src/navigation_tree/ml_navigation_tree.ts # x-pack/solutions/security/plugins/security_solution/public/app/links/app_links.ts # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/categories.ts # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/links/sections/assets_links.ts # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/links/sections/assets_translations.ts # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/links/sections/lazy_icons.tsx # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/links/sections/ml_links.ts # x-pack/solutions/security/plugins/security_solution/public/app/solution_navigation/links/sections/ml_translations.ts # x-pack/solutions/security/plugins/security_solution/public/common/components/security_route_page_wrapper/index.test.tsx # x-pack/solutions/security/plugins/security_solution/public/common/components/security_route_page_wrapper/index.tsx # x-pack/solutions/security/plugins/security_solution/public/common/utils/timeline/use_show_timeline.test.tsx # x-pack/solutions/security/plugins/security_solution/public/common/utils/timeline/use_show_timeline_for_path.ts # x-pack/solutions/security/plugins/security_solution/public/configurations/routes.tsx # x-pack/solutions/security/plugins/security_solution/public/detections/pages/alert_summary/index.tsx # x-pack/solutions/security/plugins/security_solution/public/lazy_sub_plugins.tsx # x-pack/solutions/security/plugins/security_solution/tsconfig.json # x-pack/solutions/security/plugins/security_solution_ess/public/navigation/__snapshots__/side_navigation.test.tsx.snap # x-pack/solutions/security/plugins/security_solution_ess/public/navigation/side_navigation.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/common/lazy_icons.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/__snapshots__/side_navigation.test.tsx.snap # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/ai_navigation/callout.test.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/ai_navigation/callout.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/ai_navigation/icon.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/ai_navigation/translations.ts # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/index.ts # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/navigation.test.ts # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/security_side_navigation.tsx # x-pack/solutions/security/plugins/security_solution_serverless/public/navigation/side_navigation.ts # x-pack/test/security_solution_cypress/cypress/screens/serverless_security_header.ts
semd
added a commit
that referenced
this pull request
May 30, 2025
…217890) (#221923) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution] Solution navigation architecture revision (#217890)](#217890) <!--- Backport version: 10.0.0 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Sergi Massaneda","email":"sergi.massaneda@elastic.co"},"sourceCommit":{"committedDate":"2025-04-28T16:27:06Z","message":"[Security Solution] Solution navigation architecture revision (#217890)\n\n## Summary\n\nThis PR updates and simplifies the general architecture of the Security\nSolution links, removing unnecessary code.\n\nThe new architecture leverages the static `navigationTree` files. This\napproach was discussed and agreed with @tsullivan (Shared-UX team) and\nintroduced in [this PR](https://github.com/elastic/kibana/pull/215969).\n\nWith these changes, the `navigationTree` becomes the SSoT (Single Source\nof Truth) for the links hierarchy. This is done by registering the\nSecurity Solution plugin `deepLinks` using the regular\n`ApplicationLinks` information, but following the same hierarchy as the\n`navigationTree`. This ensures consistency across the app and keeps the\ncode DRY.\n\n>[!note]\nThese changes only affect the new _Solution navigation_. The _Classic\nnavigation_ remains unchanged and isolated, as it is expected to be\ndeprecated and removed in the near future.\n\n### Architecture change\n\n- The \"links switchers\", which were functions to programmatically change\nthe links hierarchy, have been removed.\n- The `NavigationLinks` from which we were generating the\n`navigationTree` programatically have also been dropped.\n- The SecuritySolution plugin `deepLinks` are now generated using the\n`ApplicationLinks` for the link configuration (title, path...) and the\ncurrent `navigationTree` for the hierarchy.\n\n#### Previous architecture\n\n\n#### New architecture\n\n\n>[!important]\nThe landing pages (Rules, Explore, Assets...) were made inaccessible\nrecently by the shared-ux team\n([PR](#210893)) in the new\nSolution navigation as part of an effort to unify with the rest of\nsolutions. This fact also helped simplify the architecture.\n\n>[!tip]\nWe have multiple static `navigationTree` definitions, which are used\ndepending on the serverless product tier. Right now, we have the\n\"default\" `navigationTree` used in the _essentials_ and _complete_\ntiers, and the \"AI\" `navigationTree` used in the new _searchAiLake_\ntier.\n\nThis approach ensures consistency for the links' locations across\nKibana: the \"left navigation\", the \"breadcrumbs\", and the \"global\nsearch\" will always be aligned.\n\n### Screenshots\n\n#### ECH navigations\n\n| Classic nav | Solution nav |\n|-|-|\n|<img width=\"248\" alt=\"classic\"\nsrc=\"https://github.com/user-attachments/assets/bb9e722e-316e-4c04-9978-068c35680382\"\n/>|<img width=\"248\" alt=\"solution_nav\"\nsrc=\"https://github.com/user-attachments/assets/a993ce49-b780-4405-b829-4d36023ae627\"\n/>|\n\n\n#### Serverless navigations\n\n| Regular tiers | AI for SOC |\n|-|-|\n|<img width=\"248\" alt=\"regular_serverless_nav\"\nsrc=\"https://github.com/user-attachments/assets/d782bf49-6c76-4414-a807-35245a5e9883\"\n/>|<img width=\"248\" alt=\"ai_nav\"\nsrc=\"https://github.com/user-attachments/assets/25d9950d-77c8-4d44-ab53-4b07423713af\"\n/>|\n\n#### Example of hierarchy for the `Endpoints` page:\n\n##### Classic nav\n\n\n\n##### Solution nav\n\n\n\n### Other changes\n\n- `NavLinks` are no longer used by the Solution navigation and have been\ndeprecated. They are only used in the Classic navigation now and will be\nremoved along with it.\n- `ExternalPageNames` are no longer used and have been removed.\n- `ApplicationLinks` observables moved to a singleton class.\n- Link-related hooks have been moved to their own `links_hooks.ts` file.\n\n### Next steps\n\nWhen the Classic navigation is deprecated, we'll be able to:\n\n- Define a flat structure of `ApplicationLinks` and remove the concept\nof `category` in them.\n- Remove Classic Security navigation components.\n- Remove all the landing pages and their components in the navigation\npackage.\n\n\nThe\n[docs](https://docs.elastic.dev/security-solution/dev-docs/app-links)\nwill be updated once this is merged.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"c9f2f7cd815a6e473aa704027e7783547072c477","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","backport:skip","Team: SecuritySolution","ci:cloud-deploy","ci:cloud-persist-deployment","ci:project-deploy-security","ci:project-persist-deployment","v9.1.0"],"title":"[Security Solution] Solution navigation architecture revision","number":217890,"url":"https://github.com/elastic/kibana/pull/217890","mergeCommit":{"message":"[Security Solution] Solution navigation architecture revision (#217890)\n\n## Summary\n\nThis PR updates and simplifies the general architecture of the Security\nSolution links, removing unnecessary code.\n\nThe new architecture leverages the static `navigationTree` files. This\napproach was discussed and agreed with @tsullivan (Shared-UX team) and\nintroduced in [this PR](https://github.com/elastic/kibana/pull/215969).\n\nWith these changes, the `navigationTree` becomes the SSoT (Single Source\nof Truth) for the links hierarchy. This is done by registering the\nSecurity Solution plugin `deepLinks` using the regular\n`ApplicationLinks` information, but following the same hierarchy as the\n`navigationTree`. This ensures consistency across the app and keeps the\ncode DRY.\n\n>[!note]\nThese changes only affect the new _Solution navigation_. The _Classic\nnavigation_ remains unchanged and isolated, as it is expected to be\ndeprecated and removed in the near future.\n\n### Architecture change\n\n- The \"links switchers\", which were functions to programmatically change\nthe links hierarchy, have been removed.\n- The `NavigationLinks` from which we were generating the\n`navigationTree` programatically have also been dropped.\n- The SecuritySolution plugin `deepLinks` are now generated using the\n`ApplicationLinks` for the link configuration (title, path...) and the\ncurrent `navigationTree` for the hierarchy.\n\n#### Previous architecture\n\n\n#### New architecture\n\n\n>[!important]\nThe landing pages (Rules, Explore, Assets...) were made inaccessible\nrecently by the shared-ux team\n([PR](#210893)) in the new\nSolution navigation as part of an effort to unify with the rest of\nsolutions. This fact also helped simplify the architecture.\n\n>[!tip]\nWe have multiple static `navigationTree` definitions, which are used\ndepending on the serverless product tier. Right now, we have the\n\"default\" `navigationTree` used in the _essentials_ and _complete_\ntiers, and the \"AI\" `navigationTree` used in the new _searchAiLake_\ntier.\n\nThis approach ensures consistency for the links' locations across\nKibana: the \"left navigation\", the \"breadcrumbs\", and the \"global\nsearch\" will always be aligned.\n\n### Screenshots\n\n#### ECH navigations\n\n| Classic nav | Solution nav |\n|-|-|\n|<img width=\"248\" alt=\"classic\"\nsrc=\"https://github.com/user-attachments/assets/bb9e722e-316e-4c04-9978-068c35680382\"\n/>|<img width=\"248\" alt=\"solution_nav\"\nsrc=\"https://github.com/user-attachments/assets/a993ce49-b780-4405-b829-4d36023ae627\"\n/>|\n\n\n#### Serverless navigations\n\n| Regular tiers | AI for SOC |\n|-|-|\n|<img width=\"248\" alt=\"regular_serverless_nav\"\nsrc=\"https://github.com/user-attachments/assets/d782bf49-6c76-4414-a807-35245a5e9883\"\n/>|<img width=\"248\" alt=\"ai_nav\"\nsrc=\"https://github.com/user-attachments/assets/25d9950d-77c8-4d44-ab53-4b07423713af\"\n/>|\n\n#### Example of hierarchy for the `Endpoints` page:\n\n##### Classic nav\n\n\n\n##### Solution nav\n\n\n\n### Other changes\n\n- `NavLinks` are no longer used by the Solution navigation and have been\ndeprecated. They are only used in the Classic navigation now and will be\nremoved along with it.\n- `ExternalPageNames` are no longer used and have been removed.\n- `ApplicationLinks` observables moved to a singleton class.\n- Link-related hooks have been moved to their own `links_hooks.ts` file.\n\n### Next steps\n\nWhen the Classic navigation is deprecated, we'll be able to:\n\n- Define a flat structure of `ApplicationLinks` and remove the concept\nof `category` in them.\n- Remove Classic Security navigation components.\n- Remove all the landing pages and their components in the navigation\npackage.\n\n\nThe\n[docs](https://docs.elastic.dev/security-solution/dev-docs/app-links)\nwill be updated once this is merged.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"c9f2f7cd815a6e473aa704027e7783547072c477"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/217890","number":217890,"mergeCommit":{"message":"[Security Solution] Solution navigation architecture revision (#217890)\n\n## Summary\n\nThis PR updates and simplifies the general architecture of the Security\nSolution links, removing unnecessary code.\n\nThe new architecture leverages the static `navigationTree` files. This\napproach was discussed and agreed with @tsullivan (Shared-UX team) and\nintroduced in [this PR](https://github.com/elastic/kibana/pull/215969).\n\nWith these changes, the `navigationTree` becomes the SSoT (Single Source\nof Truth) for the links hierarchy. This is done by registering the\nSecurity Solution plugin `deepLinks` using the regular\n`ApplicationLinks` information, but following the same hierarchy as the\n`navigationTree`. This ensures consistency across the app and keeps the\ncode DRY.\n\n>[!note]\nThese changes only affect the new _Solution navigation_. The _Classic\nnavigation_ remains unchanged and isolated, as it is expected to be\ndeprecated and removed in the near future.\n\n### Architecture change\n\n- The \"links switchers\", which were functions to programmatically change\nthe links hierarchy, have been removed.\n- The `NavigationLinks` from which we were generating the\n`navigationTree` programatically have also been dropped.\n- The SecuritySolution plugin `deepLinks` are now generated using the\n`ApplicationLinks` for the link configuration (title, path...) and the\ncurrent `navigationTree` for the hierarchy.\n\n#### Previous architecture\n\n\n#### New architecture\n\n\n>[!important]\nThe landing pages (Rules, Explore, Assets...) were made inaccessible\nrecently by the shared-ux team\n([PR](#210893)) in the new\nSolution navigation as part of an effort to unify with the rest of\nsolutions. This fact also helped simplify the architecture.\n\n>[!tip]\nWe have multiple static `navigationTree` definitions, which are used\ndepending on the serverless product tier. Right now, we have the\n\"default\" `navigationTree` used in the _essentials_ and _complete_\ntiers, and the \"AI\" `navigationTree` used in the new _searchAiLake_\ntier.\n\nThis approach ensures consistency for the links' locations across\nKibana: the \"left navigation\", the \"breadcrumbs\", and the \"global\nsearch\" will always be aligned.\n\n### Screenshots\n\n#### ECH navigations\n\n| Classic nav | Solution nav |\n|-|-|\n|<img width=\"248\" alt=\"classic\"\nsrc=\"https://github.com/user-attachments/assets/bb9e722e-316e-4c04-9978-068c35680382\"\n/>|<img width=\"248\" alt=\"solution_nav\"\nsrc=\"https://github.com/user-attachments/assets/a993ce49-b780-4405-b829-4d36023ae627\"\n/>|\n\n\n#### Serverless navigations\n\n| Regular tiers | AI for SOC |\n|-|-|\n|<img width=\"248\" alt=\"regular_serverless_nav\"\nsrc=\"https://github.com/user-attachments/assets/d782bf49-6c76-4414-a807-35245a5e9883\"\n/>|<img width=\"248\" alt=\"ai_nav\"\nsrc=\"https://github.com/user-attachments/assets/25d9950d-77c8-4d44-ab53-4b07423713af\"\n/>|\n\n#### Example of hierarchy for the `Endpoints` page:\n\n##### Classic nav\n\n\n\n##### Solution nav\n\n\n\n### Other changes\n\n- `NavLinks` are no longer used by the Solution navigation and have been\ndeprecated. They are only used in the Classic navigation now and will be\nremoved along with it.\n- `ExternalPageNames` are no longer used and have been removed.\n- `ApplicationLinks` observables moved to a singleton class.\n- Link-related hooks have been moved to their own `links_hooks.ts` file.\n\n### Next steps\n\nWhen the Classic navigation is deprecated, we'll be able to:\n\n- Define a flat structure of `ApplicationLinks` and remove the concept\nof `category` in them.\n- Remove Classic Security navigation components.\n- Remove all the landing pages and their components in the navigation\npackage.\n\n\nThe\n[docs](https://docs.elastic.dev/security-solution/dev-docs/app-links)\nwill be updated once this is merged.\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>\nCo-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>","sha":"c9f2f7cd815a6e473aa704027e7783547072c477"}}]}] BACKPORT--> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Tomasz Ciecierski <tomasz.ciecierski@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
3 tasks
1 task
kqualters-elastic
added a commit
that referenced
this pull request
Aug 25, 2025
…232558) ## Summary Related issue: #232557 This pr fixes an issue where deprecated pages that are not registered with the global navigation and search, as the now deprecated app/security/detections/* routes are, but did have custom redirect logic with react router components, stopped working as a result of a recent change #217890 that prevented any of this logic from running if the route was not registered globally, "useLinkInfo" is the hook below that checks this. Alert actions use an older url, app/security/detections/rules/id/{ruleId}, and redirect at the application level to the new url app/security/rules/id/{ruleId} and so this pr explicitly excludes the old route from this check, because we should also continue to not show a detections result in the global search bar that just redirects to the alerts page. Open to doing this in another way if we want, but this seemed the most direct and lowest friction way to make this core functionality work again. Before:  After:  ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Aug 25, 2025
…lastic#232558) ## Summary Related issue: elastic#232557 This pr fixes an issue where deprecated pages that are not registered with the global navigation and search, as the now deprecated app/security/detections/* routes are, but did have custom redirect logic with react router components, stopped working as a result of a recent change elastic#217890 that prevented any of this logic from running if the route was not registered globally, "useLinkInfo" is the hook below that checks this. Alert actions use an older url, app/security/detections/rules/id/{ruleId}, and redirect at the application level to the new url app/security/rules/id/{ruleId} and so this pr explicitly excludes the old route from this check, because we should also continue to not show a detections result in the global search bar that just redirects to the alerts page. Open to doing this in another way if we want, but this seemed the most direct and lowest friction way to make this core functionality work again. Before:  After:  ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit c4d6fba)
kibanamachine
added a commit
that referenced
this pull request
Aug 25, 2025
…rects (#232558) (#232748) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] [Alerts] Fix deprecated pageNames with redirects (#232558)](#232558) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Kevin Qualters","email":"56408403+kqualters-elastic@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-08-25T09:05:19Z","message":"[Security Solution] [Alerts] Fix deprecated pageNames with redirects (#232558)\n\n## Summary\n\nRelated issue: https://github.com/elastic/kibana/issues/232557\n\nThis pr fixes an issue where deprecated pages that are not registered\nwith the global navigation and search, as the now deprecated\napp/security/detections/* routes are, but did have custom redirect logic\nwith react router components, stopped working as a result of a recent\nchange #217890 that prevented any\nof this logic from running if the route was not registered globally,\n\"useLinkInfo\" is the hook below that checks this. Alert actions use an\nolder url, app/security/detections/rules/id/{ruleId}, and redirect at\nthe application level to the new url app/security/rules/id/{ruleId} and\nso this pr explicitly excludes the old route from this check, because we\nshould also continue to not show a detections result in the global\nsearch bar that just redirects to the alerts page. Open to doing this in\nanother way if we want, but this seemed the most direct and lowest\nfriction way to make this core functionality work again.\n\nBefore:\n\n\n\n\nAfter:\n\n\n\n\n### Checklist\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"c4d6fbace44838293a553e9ac40ba0db9db8cc15","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","backport:version","v9.2.0","v9.1.3","v8.19.3","v9.0.6"],"title":"[Security Solution] [Alerts] Fix deprecated pageNames with redirects","number":232558,"url":"https://github.com/elastic/kibana/pull/232558","mergeCommit":{"message":"[Security Solution] [Alerts] Fix deprecated pageNames with redirects (#232558)\n\n## Summary\n\nRelated issue: https://github.com/elastic/kibana/issues/232557\n\nThis pr fixes an issue where deprecated pages that are not registered\nwith the global navigation and search, as the now deprecated\napp/security/detections/* routes are, but did have custom redirect logic\nwith react router components, stopped working as a result of a recent\nchange #217890 that prevented any\nof this logic from running if the route was not registered globally,\n\"useLinkInfo\" is the hook below that checks this. Alert actions use an\nolder url, app/security/detections/rules/id/{ruleId}, and redirect at\nthe application level to the new url app/security/rules/id/{ruleId} and\nso this pr explicitly excludes the old route from this check, because we\nshould also continue to not show a detections result in the global\nsearch bar that just redirects to the alerts page. Open to doing this in\nanother way if we want, but this seemed the most direct and lowest\nfriction way to make this core functionality work again.\n\nBefore:\n\n\n\n\nAfter:\n\n\n\n\n### Checklist\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"c4d6fbace44838293a553e9ac40ba0db9db8cc15"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","9.0"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/232558","number":232558,"mergeCommit":{"message":"[Security Solution] [Alerts] Fix deprecated pageNames with redirects (#232558)\n\n## Summary\n\nRelated issue: https://github.com/elastic/kibana/issues/232557\n\nThis pr fixes an issue where deprecated pages that are not registered\nwith the global navigation and search, as the now deprecated\napp/security/detections/* routes are, but did have custom redirect logic\nwith react router components, stopped working as a result of a recent\nchange #217890 that prevented any\nof this logic from running if the route was not registered globally,\n\"useLinkInfo\" is the hook below that checks this. Alert actions use an\nolder url, app/security/detections/rules/id/{ruleId}, and redirect at\nthe application level to the new url app/security/rules/id/{ruleId} and\nso this pr explicitly excludes the old route from this check, because we\nshould also continue to not show a detections result in the global\nsearch bar that just redirects to the alerts page. Open to doing this in\nanother way if we want, but this seemed the most direct and lowest\nfriction way to make this core functionality work again.\n\nBefore:\n\n\n\n\nAfter:\n\n\n\n\n### Checklist\n\n- [ ] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios","sha":"c4d6fbace44838293a553e9ac40ba0db9db8cc15"}},{"branch":"9.1","label":"v9.1.3","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.3","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.6","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Kevin Qualters <56408403+kqualters-elastic@users.noreply.github.com>
qn895
pushed a commit
to qn895/kibana
that referenced
this pull request
Aug 26, 2025
…lastic#232558) ## Summary Related issue: elastic#232557 This pr fixes an issue where deprecated pages that are not registered with the global navigation and search, as the now deprecated app/security/detections/* routes are, but did have custom redirect logic with react router components, stopped working as a result of a recent change elastic#217890 that prevented any of this logic from running if the route was not registered globally, "useLinkInfo" is the hook below that checks this. Alert actions use an older url, app/security/detections/rules/id/{ruleId}, and redirect at the application level to the new url app/security/rules/id/{ruleId} and so this pr explicitly excludes the old route from this check, because we should also continue to not show a detections result in the global search bar that just redirects to the alerts page. Open to doing this in another way if we want, but this seemed the most direct and lowest friction way to make this core functionality work again. Before:  After:  ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
KodeRad
pushed a commit
to KodeRad/kibana
that referenced
this pull request
Aug 28, 2025
…lastic#232558) ## Summary Related issue: elastic#232557 This pr fixes an issue where deprecated pages that are not registered with the global navigation and search, as the now deprecated app/security/detections/* routes are, but did have custom redirect logic with react router components, stopped working as a result of a recent change elastic#217890 that prevented any of this logic from running if the route was not registered globally, "useLinkInfo" is the hook below that checks this. Alert actions use an older url, app/security/detections/rules/id/{ruleId}, and redirect at the application level to the new url app/security/rules/id/{ruleId} and so this pr explicitly excludes the old route from this check, because we should also continue to not show a detections result in the global search bar that just redirects to the alerts page. Open to doing this in another way if we want, but this seemed the most direct and lowest friction way to make this core functionality work again. Before:  After:  ### Checklist - [ ] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
Merged
4 tasks
banderror
added a commit
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (#236067) **Partially addresses:** #232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by #217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See #232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. (cherry picked from commit bb6c8c1)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. (cherry picked from commit bb6c8c1)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. (cherry picked from commit bb6c8c1)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels. (cherry picked from commit bb6c8c1)
kibanamachine
added a commit
that referenced
this pull request
Sep 26, 2025
…ction rules to rule actions (#236067) (#236533) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)](#236067) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Georgii Gorbachev","email":"georgii.gorbachev@elastic.co"},"sourceCommit":{"committedDate":"2025-09-26T03:25:22Z","message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Actions","Team:Detection Rule Management","sdh-linked","Feature:Rule Details","Team:Detection Engine","backport:version","v9.2.0","v8.18.8","v8.19.5","v9.0.8","v9.1.5"],"title":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions","number":236067,"url":"https://github.com/elastic/kibana/pull/236067","mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","8.19","9.0","9.1"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/236067","number":236067,"mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},{"branch":"8.18","label":"v8.18.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Sep 26, 2025
…ection rules to rule actions (#236067) (#236530) # Backport This will backport the following commits from `main` to `8.18`: - [[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)](#236067) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Georgii Gorbachev","email":"georgii.gorbachev@elastic.co"},"sourceCommit":{"committedDate":"2025-09-26T03:25:22Z","message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Actions","Team:Detection Rule Management","sdh-linked","Feature:Rule Details","Team:Detection Engine","backport:version","v9.2.0","v8.18.8","v8.19.5","v9.0.8","v9.1.5"],"title":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions","number":236067,"url":"https://github.com/elastic/kibana/pull/236067","mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","8.19","9.0","9.1"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/236067","number":236067,"mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},{"branch":"8.18","label":"v8.18.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Sep 26, 2025
…ection rules to rule actions (#236067) (#236531) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)](#236067) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Georgii Gorbachev","email":"georgii.gorbachev@elastic.co"},"sourceCommit":{"committedDate":"2025-09-26T03:25:22Z","message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Actions","Team:Detection Rule Management","sdh-linked","Feature:Rule Details","Team:Detection Engine","backport:version","v9.2.0","v8.18.8","v8.19.5","v9.0.8","v9.1.5"],"title":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions","number":236067,"url":"https://github.com/elastic/kibana/pull/236067","mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","8.19","9.0","9.1"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/236067","number":236067,"mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},{"branch":"8.18","label":"v8.18.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
VladimirFilonov
pushed a commit
to VladimirFilonov/kibana
that referenced
this pull request
Sep 26, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.
kibanamachine
added a commit
that referenced
this pull request
Sep 26, 2025
…ction rules to rule actions (#236067) (#236532) # Backport This will backport the following commits from `main` to `9.0`: - [[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)](#236067) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Georgii Gorbachev","email":"georgii.gorbachev@elastic.co"},"sourceCommit":{"committedDate":"2025-09-26T03:25:22Z","message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:fix","Team:Detections and Resp","Team: SecuritySolution","Feature:Rule Actions","Team:Detection Rule Management","sdh-linked","Feature:Rule Details","Team:Detection Engine","backport:version","v9.2.0","v8.18.8","v8.19.5","v9.0.8","v9.1.5"],"title":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions","number":236067,"url":"https://github.com/elastic/kibana/pull/236067","mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","8.19","9.0","9.1"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/236067","number":236067,"mergeCommit":{"message":"[Security Solution] Fix `context.results_link` passed from detection rules to rule actions (#236067)\n\n**Partially addresses:** https://github.com/elastic/kibana/issues/232557\n\n## Summary\n\nThis PR fixes the value of the `results_link` variable we pass at the\nend of a detection rule execution to its rule actions via the `context`\nobject. This variable then can be used from actions via\n`{{context.results_link}}` template placeholder.\n\nWe used to construct the `results_link` like this:\n`<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`.\nWhich used to be the correct URL to the Rule Details page.\n\nHowever, the URL structure of detections pages had been changed a long\ntime ago, and now we have this:\n`<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL\nredirects from `/app/security/detections/rules/id/<rule-id>` to\n`/app/security/detections/rules/id/<rule-id>`, but they were broken by\nhttps://github.com//pull/217890. Some of them have been\nfixed since then, so now the redirects work as expected in some versions\nof Kibana, and in some of them they are still broken. See\nhttps://github.com//issues/232557#issuecomment-3320470840\nfor details.\n\nThis PR adjusts the `results_link` according to the up to date URL\nstructure.\n\n## Release Notes\n\nFixes the URL passed to detection rule actions via the\n`{{context.results_link}}` placeholder.\n\n### Checklist\n\n- [x] [Unit or functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere updated or added to match the most common scenarios\n- [ ] [Flaky Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was\nused on any tests changed\n - No need for that as the only affected tests are unit tests\n- [x] The PR description includes the appropriate Release Notes section,\nand the correct `release_note:*` label is applied per the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n- [x] Review the [backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand apply applicable `backport:*` labels.","sha":"bb6c8c10f82a71439dad4ba6ce59b41698e021f6"}},{"branch":"8.18","label":"v8.18.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
niros1
pushed a commit
that referenced
this pull request
Sep 30, 2025
…rules to rule actions (#236067) **Partially addresses:** #232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by #217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See #232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.
rylnd
pushed a commit
to rylnd/kibana
that referenced
this pull request
Oct 17, 2025
…rules to rule actions (elastic#236067) **Partially addresses:** elastic#232557 ## Summary This PR fixes the value of the `results_link` variable we pass at the end of a detection rule execution to its rule actions via the `context` object. This variable then can be used from actions via `{{context.results_link}}` template placeholder. We used to construct the `results_link` like this: `<base-url>/app/security/detections/rules/id/<rule-id>?timerange=<...>`. Which used to be the correct URL to the Rule Details page. However, the URL structure of detections pages had been changed a long time ago, and now we have this: `<base-url>/app/security/detections/rules/id/<rule-id>`. We had URL redirects from `/app/security/detections/rules/id/<rule-id>` to `/app/security/detections/rules/id/<rule-id>`, but they were broken by elastic#217890. Some of them have been fixed since then, so now the redirects work as expected in some versions of Kibana, and in some of them they are still broken. See elastic#232557 (comment) for details. This PR adjusts the `results_link` according to the up to date URL structure. ## Release Notes Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder. ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [ ] [Flaky Test Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was used on any tests changed - No need for that as the only affected tests are unit tests - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
9 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR updates and simplifies the general architecture of the Security Solution links, removing unnecessary code.
The new architecture leverages the static
navigationTreefiles. This approach was discussed and agreed with @tsullivan (Shared-UX team) and introduced in this PR.With these changes, the
navigationTreebecomes the SSoT (Single Source of Truth) for the links hierarchy. This is done by registering the Security Solution plugindeepLinksusing the regularApplicationLinksinformation, but following the same hierarchy as thenavigationTree. This ensures consistency across the app and keeps the code DRY.Note
These changes only affect the new Solution navigation. The Classic navigation remains unchanged and isolated, as it is expected to be deprecated and removed in the near future.
Architecture change
NavigationLinksfrom which we were generating thenavigationTreeprogramatically have also been dropped.deepLinksare now generated using theApplicationLinksfor the link configuration (title, path...) and the currentnavigationTreefor the hierarchy.Previous architecture
New architecture
Important
The landing pages (Rules, Explore, Assets...) were made inaccessible recently by the shared-ux team (PR) in the new Solution navigation as part of an effort to unify with the rest of solutions. This fact also helped simplify the architecture.
Tip
We have multiple static
navigationTreedefinitions, which are used depending on the serverless product tier. Right now, we have the "default"navigationTreeused in the essentials and complete tiers, and the "AI"navigationTreeused in the new searchAiLake tier.This approach ensures consistency for the links' locations across Kibana: the "left navigation", the "breadcrumbs", and the "global search" will always be aligned.
Screenshots
ECH navigations
Serverless navigations
Example of hierarchy for the
Endpointspage:Classic nav
Solution nav
Other changes
NavLinksare no longer used by the Solution navigation and have been deprecated. They are only used in the Classic navigation now and will be removed along with it.ExternalPageNamesare no longer used and have been removed.ApplicationLinksobservables moved to a singleton class.links_hooks.tsfile.Next steps
When the Classic navigation is deprecated, we'll be able to:
ApplicationLinksand remove the concept ofcategoryin them.The docs will be updated once this is merged.