[SIEM] Removes prebuilt rules number dependency #65128
MadameSheema merged 5 commits into elastic:master on May 5, 2020
Pinging @elastic/siem (Team:SIEM)
rylnd (Contributor) reviewed on May 4, 2020 and left a comment:
There are some CI failures so I'm just adding comments, for now.
e9afee0 to 8f8c04f
8f8c04f to 32cf919
💚 Build Succeeded
spong (Member) approved these changes on May 5, 2020 and left a comment:
Looks good to me! 👍 Thanks for unraveling these dependencies and helping improve the rule update flow for the @elastic/security-intelligence-analytics folks @MadameSheema! 🙂
MadameSheema added a commit to MadameSheema/kibana that referenced this pull request on May 5, 2020:

* removes prebuilt rules number dependency
* fixes type check issue
* improves eslint comment
* improves constant naming
* fixes failures

# Conflicts:
# x-pack/plugins/siem/cypress/objects/rule.ts
gmmorris added a commit to gmmorris/kibana that referenced this pull request on May 5, 2020:

* master: (133 commits)
  Cleanup Typescript index pattern field editor / Expression functions for bucket agg (elastic#65254)
  Removes legacy infra plugin and moves saved objects registration to NP (elastic#64848)
  Added support for docLinks plugin in Connectors forms and missing save capabilities for modal dialog (elastic#64986)
  [SIEM] Removes prebuilt rules number dependency (elastic#65128)
  [Maps] add categorical palettes with 20 and 30 categories (elastic#64701)
  [CI] Slack alerts - Elasticsearch snapshot failures (elastic#64724)
  [Uptime] Console errors in case index missing (elastic#65115)
  [SIEM][CASE] Dynamic fields mapping based on connector (elastic#64412)
  [test/functional] Tsfy page objects (elastic#64887)
  [Maps] [Telemetry] Track geo_point and geo_shape index patterns separately (elastic#65195)
  [Maps] Add global fit to data (elastic#64702)
  Visualize: Reload on ui state change and fix ui state for tsvb (elastic#63699)
  [SIEM] [Cases] External service selection per case (elastic#64775)
  [Uptime] Set ML anomaly look-back to 2w (from 24h) / Add spinner (elastic#65055)
  [Metrics UI] Remove APM Hard Dependency (elastic#64952)
  [Ingest] Datastream list: add icons and dashboard links (elastic#65048)
  disable plugins. they could access ES via SO repository (elastic#65242)
  Feature fleet enrollment instructions (elastic#65176)
  [SIEM] Adds 'Configure connector' Cypress test (elastic#64807)
  [TSVB] Fix std deviation band mode (elastic#64413)
  ...
spong added a commit that referenced this pull request on May 6, 2020:

* removes prebuilt rules number dependency
* fixes type check issue
* improves eslint comment
* improves constant naming
* fixes failures

# Conflicts:
# x-pack/plugins/siem/cypress/objects/rule.ts

Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Pinging @elastic/security-solution (Team: SecuritySolution)
Summary
In this PR we are removing the number of prebuilt rules dependency.
Now we are getting the number of expected prebuilt rules from the
`rawRules` array located in `x-pack/plugins/siem/server/lib/detection_engine/rules/prepackaged_rules/index.ts`. In this way we don't need to update the test every time that we add or remove a prebuilt rule.