[8.19] [Security Solution][Detection Engine] adds simplified bulk edit for alert suppression (#223090) #224595

Merged
vitaliidm merged 8 commits into elastic:8.19 from vitaliidm:backport/8.19/pr-223090
Jun 20, 2025

@vitaliidm
Contributor

Backport

This will backport the following commits from main to 8.19:

Questions?

Please refer to the Backport tool documentation

…lert suppression (elastic#223090)

## Summary

- addresses elastic/security-team#9190
(issue's description does not contain details, for product requirements
refer to
elastic/security-team#9190 (comment))
- adds simplified bulk editing, where the user can only overwrite or remove
alert suppression for multiple rules

### DEMO

https://github.com/user-attachments/assets/88dc2953-e3fa-44c3-b896-ff533c66553f

### Feature flag

```yml
xpack.securitySolution.enableExperimental:
  - bulkEditAlertSuppressionEnabled
```

### Flaky test runner

FTR -
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8360
Cypress -
https://buildkite.com/elastic/kibana-flaky-test-suite-runner/builds/8361

### Docs issue

elastic/docs-content#1719

### Test plan

elastic/security-team#12813

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
(cherry picked from commit 40dccf5)

# Conflicts:
#	oas_docs/output/kibana.serverless.yaml
#	oas_docs/output/kibana.yaml
#	x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.gen.ts
#	x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.schema.yaml
#	x-pack/solutions/security/plugins/security_solution/common/api/detection_engine/rule_management/bulk_actions/bulk_actions_route.test.ts
#	x-pack/solutions/security/plugins/security_solution/docs/openapi/ess/security_solution_detections_api_2023_10_31.bundled.schema.yaml
#	x-pack/solutions/security/plugins/security_solution/docs/openapi/serverless/security_solution_detections_api_2023_10_31.bundled.schema.yaml
#	x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/routes/__mocks__/request_responses.ts
#	x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/rule_management/api/rules/bulk_actions/route.ts
#	x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/rule_bulk_actions/trial_license_complete_tier/perform_bulk_action_dry_run.ts
Contributor

@maximpn maximpn left a comment

Approving the backport after approving the original PR. Tested it on 8.19 and it works identically to the original PR.

@vitaliidm vitaliidm merged commit 179d672 into elastic:8.19 Jun 20, 2025
8 checks passed
@elasticmachine
Contributor

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #10 / Stateful Observability - Deployment-agnostic API integration tests Observability Alerting Synthetics Alerting SyntheticsCustomStatusRule NumberOfChecks - Location threshold > 1 - ungrouped - 2 down locations should be down again

Metrics [docs]

Module Count

Fewer modules leads to a faster build time

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 7497 | 7500 | +3 |

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 9.4MB | 9.4MB | +9.9KB |

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

| id | before | after | diff |
| --- | --- | --- | --- |
| securitySolution | 85.2KB | 85.4KB | +212.0B |

Labels

backport This PR is a backport of another PR
