Skip to content

Commit

Permalink
[Security Solution] Add history_window_start and new_terms_fields
Browse files Browse the repository at this point in the history
… editable fields (#200304)

**Partially addresses: #171520

## Summary
**Changes in this PR**:
- `history_window_start` and `new_terms_fields` are now editable in the
Rule Upgrade flyout
- Extracted fields into separate components that are easier to reuse
(`NewTermsFieldsEdit` and `HistoryWindowStartEdit`)

<img width="1392" alt="Scherm­afbeelding 2024-11-15 om 15 51 04"
src="https://github.com/user-attachments/assets/d00b7b3d-7c01-4041-b940-390660a069a9">

### Testing
- Ensure the `prebuiltRulesCustomizationEnabled` feature flag is
enabled.
- To simulate the availability of prebuilt rule upgrades, downgrade a
currently installed prebuilt rule using the `PATCH
api/detection_engine/rules` API.
   - Set `version: 1` in the request body to downgrade it to version 1.
- Modify other rule fields in the request body as needed to test the
changes.
  • Loading branch information
nikitaindik authored Dec 18, 2024
1 parent cd3c5b6 commit 639143a
Show file tree
Hide file tree
Showing 37 changed files with 908 additions and 262 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -7261,6 +7261,14 @@
"securitySolutionPackages.alertSuppressionRuleDetails.upsell": "La suppression d'alertes est configurée mais elle ne sera pas appliquée en raison d'une licence insuffisante",
"securitySolutionPackages.alertSuppressionRuleForm.upsell": "La suppression d'alertes est activée avec la licence {requiredLicense} ou supérieure",
"securitySolutionPackages.beta.label": "Bêta",
"securitySolutionPackages.csp.cspEvaluationBadge.failLabel": "Échec",
"securitySolutionPackages.csp.cspEvaluationBadge.naLabel": "S. O.",
"securitySolutionPackages.csp.cspEvaluationBadge.passLabel": "Réussite",
"securitySolutionPackages.csp.findings.findingsErrorToast.searchFailedTitle": "Échec de la recherche",
"securitySolutionPackages.csp.navigation.dashboardNavItemLabel": "Niveau de sécurité du cloud",
"securitySolutionPackages.csp.navigation.findingsNavItemLabel": "Résultats",
"securitySolutionPackages.csp.navigation.rulesNavItemLabel": "Règles",
"securitySolutionPackages.csp.navigation.vulnerabilityDashboardNavItemLabel": "Gestion des vulnérabilités natives du cloud",
"securitySolutionPackages.dataTable.ariaLabel": "Alertes",
"securitySolutionPackages.dataTable.columnHeaders.flyout.pane.removeColumnButtonLabel": "Supprimer la colonne",
"securitySolutionPackages.dataTable.eventRenderedView.eventSummary.column": "Résumé des événements",
Expand Down Expand Up @@ -7590,6 +7598,7 @@
"share.urlService.redirect.RedirectManager.missingParamLocator": "ID du localisateur non spécifié. Spécifiez le paramètre de recherche \"l\" dans l'URL ; ce devrait être un ID de localisateur existant.",
"share.urlService.redirect.RedirectManager.missingParamParams": "Paramètres du localisateur non spécifiés. Spécifiez le paramètre de recherche \"p\" dans l'URL ; ce devrait être un objet sérialisé JSON des paramètres du localisateur.",
"share.urlService.redirect.RedirectManager.missingParamVersion": "Version des paramètres du localisateur non spécifiée. Spécifiez le paramètre de recherche \"v\" dans l'URL ; ce devrait être la version de Kibana au moment de la génération des paramètres du localisateur.",
"sharedPlatformPackages.csp.common.utils.helpers.unknownError": "Erreur inconnue",
"sharedUXPackages.buttonToolbar.buttons.addFromLibrary.libraryButtonLabel": "Ajouter depuis la bibliothèque",
"sharedUXPackages.buttonToolbar.toolbar.errorToolbarText": "Il y a plus de 120 boutons supplémentaires. Nous vous invitons à limiter le nombre de boutons.",
"sharedUXPackages.card.noData.description": "Utilisez Elastic Agent pour collecter de manière simple et unifiée les données de vos machines.",
Expand Down Expand Up @@ -14597,7 +14606,6 @@
"xpack.csp.cnvmDashboardTable.section.topVulnerableResources.column.vulnerabilities": "Vulnérabilités",
"xpack.csp.cnvmDashboardTable.section.topVulnerableResources.column.vulnerabilityCount": "Vulnérabilités",
"xpack.csp.common.component.multiSelectFilter.searchWord": "Recherche",
"sharedPlatformPackages.csp.common.utils.helpers.unknownError": "Erreur inconnue",
"xpack.csp.compactFormattedNumber.naTitle": "S. O.",
"xpack.csp.complianceScoreBar.tooltipTitle": "{failed} échecs et {passed} réussites de résultats",
"xpack.csp.complianceScoreChart.counterButtonLink.failedFindingsTooltip": "Échec des résultats",
Expand All @@ -14612,9 +14620,6 @@
"xpack.csp.createPackagePolicy.customAssetsTab.rulesViewLabel": "Afficher les règles CSP",
"xpack.csp.createPackagePolicy.customAssetsTab.vulnerabilityDashboardViewLabel": "Afficher le tableau de bord CNVM",
"xpack.csp.createPackagePolicy.customAssetsTab.vulnerabilityFindingsViewLabel": "Afficher les résultats des vulnérabilités",
"securitySolutionPackages.csp.cspEvaluationBadge.failLabel": "Échec",
"securitySolutionPackages.csp.cspEvaluationBadge.naLabel": "S. O.",
"securitySolutionPackages.csp.cspEvaluationBadge.passLabel": "Réussite",
"xpack.csp.cspIntegration.gcpCloudCredentials.cloudFormationSupportedMessage": "La fonctionnalité Lancer Cloud Shell pour obtenir les informations d'identification de façon automatisée n’est pas pris en charge dans la version d'intégration actuelle. Veuillez effectuer une mise à niveau vers la dernière version pour activer Lancer Cloud Shell pour les informations d'identification automatisées.",
"xpack.csp.cspmIntegration.awsOption.benchmarkTitle": "CIS AWS",
"xpack.csp.cspmIntegration.awsOption.nameTitle": "AWS",
Expand Down Expand Up @@ -14698,7 +14703,6 @@
"xpack.csp.findings.distributionBar.totalPassedLabel": "Réussite des résultats",
"xpack.csp.findings.errorCallout.pageSearchErrorTitle": "Une erreur s’est produite lors de la récupération des résultats de recherche.",
"xpack.csp.findings.errorCallout.showErrorButtonLabel": "Afficher le message d'erreur",
"securitySolutionPackages.csp.findings.findingsErrorToast.searchFailedTitle": "Échec de la recherche",
"xpack.csp.findings.findingsFlyout.calloutTitle": "Certains champs ne sont pas fournis par {vendor}",
"xpack.csp.findings.findingsFlyout.flyoutDescriptionList.resourceId": "ID ressource",
"xpack.csp.findings.findingsFlyout.flyoutDescriptionList.resourceName": "Nom de ressource",
Expand Down Expand Up @@ -14868,10 +14872,6 @@
"xpack.csp.kspmIntegration.integration.shortNameTitle": "KSPM",
"xpack.csp.kspmIntegration.vanillaOption.benchmarkTitle": "CIS Kubernetes",
"xpack.csp.kspmIntegration.vanillaOption.nameTitle": "Autogéré",
"securitySolutionPackages.csp.navigation.dashboardNavItemLabel": "Niveau de sécurité du cloud",
"securitySolutionPackages.csp.navigation.findingsNavItemLabel": "Résultats",
"securitySolutionPackages.csp.navigation.rulesNavItemLabel": "Règles",
"securitySolutionPackages.csp.navigation.vulnerabilityDashboardNavItemLabel": "Gestion des vulnérabilités natives du cloud",
"xpack.csp.noFindingsStates.indexing.indexingButtonTitle": "Évaluation du niveau en cours",
"xpack.csp.noFindingsStates.indexing.indexingDescription": "En attente de la collecte et de l'indexation des données. Revenez plus tard pour voir vos résultats",
"xpack.csp.noFindingsStates.indexTimeout.indexTimeoutDescription": "La collecte des résultats prend plus de temps que prévu. {docs}.",
Expand Down Expand Up @@ -37703,7 +37703,6 @@
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.multiSelectFields.placeholderText": "Sélectionner un champ",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsField.placeholderText": "Sélectionner un champ",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsFieldsLabel": "Champs",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsFieldsMin": "Au moins un champ est requis.",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.referencesUrlInvalidError": "Le format de l’URL n’est pas valide.",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.resetDefaultIndicesButton": "Réinitialiser sur les modèles d'indexation par défaut",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.rulePreviewTitle": "Aperçu de la règle",
Expand Down Expand Up @@ -39008,7 +39007,6 @@
"xpack.securitySolution.detectionEngine.userUnauthenticatedMsgBody": "Vous ne disposez pas des autorisations requises pour visualiser le moteur de détection. Pour une aide supplémentaire, contactez votre administrateur.",
"xpack.securitySolution.detectionEngine.userUnauthenticatedTitle": "Autorisations de moteur de détection requises",
"xpack.securitySolution.detectionEngine.validations.stepDefineRule.historyWindowSize.errMin": "La taille de la fenêtre d'historique doit être supérieure à 0.",
"xpack.securitySolution.detectionEngine.validations.stepDefineRule.newTermsFieldsMax": "Le nombre de champs doit être de 3 au maximum.",
"xpack.securitySolution.detectionEngine.validations.thresholdCardinalityFieldFieldData.thresholdCardinalityFieldNotSuppliedMessage": "Un champ Cardinalité est requis.",
"xpack.securitySolution.detectionEngine.validations.thresholdCardinalityValueFieldData.numberGreaterThanOrEqualOneErrorMessage": "La valeur doit être supérieure ou égale à un.",
"xpack.securitySolution.detectionEngine.validations.thresholdFieldFieldData.arrayLengthGreaterThanMaxErrorMessage": "Le nombre de champs doit être de 3 au maximum.",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7139,6 +7139,14 @@
"securitySolutionPackages.alertSuppressionRuleDetails.upsell": "アラート非表示が構成されていますが、ライセンス不足のため適用されません",
"securitySolutionPackages.alertSuppressionRuleForm.upsell": "アラートの非表示は、{requiredLicense}ライセンス以上で有効です",
"securitySolutionPackages.beta.label": "ベータ",
"securitySolutionPackages.csp.cspEvaluationBadge.failLabel": "失敗",
"securitySolutionPackages.csp.cspEvaluationBadge.naLabel": "N/A",
"securitySolutionPackages.csp.cspEvaluationBadge.passLabel": "合格",
"securitySolutionPackages.csp.findings.findingsErrorToast.searchFailedTitle": "検索失敗",
"securitySolutionPackages.csp.navigation.dashboardNavItemLabel": "クラウドセキュリティ態勢",
"securitySolutionPackages.csp.navigation.findingsNavItemLabel": "調査結果",
"securitySolutionPackages.csp.navigation.rulesNavItemLabel": "ルール",
"securitySolutionPackages.csp.navigation.vulnerabilityDashboardNavItemLabel": "Cloud Native Vulnerability Management",
"securitySolutionPackages.dataTable.ariaLabel": "アラート",
"securitySolutionPackages.dataTable.columnHeaders.flyout.pane.removeColumnButtonLabel": "列を削除",
"securitySolutionPackages.dataTable.eventRenderedView.eventSummary.column": "イベント概要",
Expand Down Expand Up @@ -7467,6 +7475,7 @@
"share.urlService.redirect.RedirectManager.missingParamLocator": "ロケーターIDが指定されていません。URLで「l」検索パラメーターを指定します。これは既存のロケーターIDにしてください。",
"share.urlService.redirect.RedirectManager.missingParamParams": "ロケーターパラメーターが指定されていません。URLで「p」検索パラメーターを指定します。これはロケーターパラメーターのJSONシリアル化オブジェクトにしてください。",
"share.urlService.redirect.RedirectManager.missingParamVersion": "ロケーターパラメーターバージョンが指定されていません。URLで「v」検索パラメーターを指定します。これはロケーターパラメーターが生成されたときのKibanaのリリースバージョンです。",
"sharedPlatformPackages.csp.common.utils.helpers.unknownError": "不明なエラー",
"sharedUXPackages.buttonToolbar.buttons.addFromLibrary.libraryButtonLabel": "ライブラリから追加",
"sharedUXPackages.buttonToolbar.toolbar.errorToolbarText": "120以上のボタンがあります。ボタンの数を制限することを検討してください。",
"sharedUXPackages.card.noData.description": "Elasticエージェントを使用すると、シンプルで統一された方法でコンピューターからデータを収集するできます。",
Expand Down Expand Up @@ -14464,7 +14473,6 @@
"xpack.csp.cnvmDashboardTable.section.topVulnerableResources.column.vulnerabilities": "脆弱性",
"xpack.csp.cnvmDashboardTable.section.topVulnerableResources.column.vulnerabilityCount": "脆弱性",
"xpack.csp.common.component.multiSelectFilter.searchWord": "検索",
"sharedPlatformPackages.csp.common.utils.helpers.unknownError": "不明なエラー",
"xpack.csp.compactFormattedNumber.naTitle": "N/A",
"xpack.csp.complianceScoreBar.tooltipTitle": "{failed}が失敗し、{passed}が調査結果に合格しました",
"xpack.csp.complianceScoreChart.counterButtonLink.failedFindingsTooltip": "失敗した調査結果",
Expand All @@ -14479,9 +14487,6 @@
"xpack.csp.createPackagePolicy.customAssetsTab.rulesViewLabel": "CSPルールを表示",
"xpack.csp.createPackagePolicy.customAssetsTab.vulnerabilityDashboardViewLabel": "CNVMダッシュボードを表示",
"xpack.csp.createPackagePolicy.customAssetsTab.vulnerabilityFindingsViewLabel": "脆弱性の調査結果を表示",
"securitySolutionPackages.csp.cspEvaluationBadge.failLabel": "失敗",
"securitySolutionPackages.csp.cspEvaluationBadge.naLabel": "N/A",
"securitySolutionPackages.csp.cspEvaluationBadge.passLabel": "合格",
"xpack.csp.cspIntegration.gcpCloudCredentials.cloudFormationSupportedMessage": "Launch Cloud ShellLaunch Cloud Formation for Automated Credentialsは、現在の統合バージョンではサポートされていません。Launch Cloud Shell for Automated Credentialsを有効化するには、最新バージョンにアップグレードしてください。",
"xpack.csp.cspmIntegration.awsOption.benchmarkTitle": "CIS AWS",
"xpack.csp.cspmIntegration.awsOption.nameTitle": "AWS",
Expand Down Expand Up @@ -14564,7 +14569,6 @@
"xpack.csp.findings.distributionBar.totalPassedLabel": "合格した調査結果",
"xpack.csp.findings.errorCallout.pageSearchErrorTitle": "検索結果の取得中にエラーが発生しました",
"xpack.csp.findings.errorCallout.showErrorButtonLabel": "エラーメッセージを表示",
"securitySolutionPackages.csp.findings.findingsErrorToast.searchFailedTitle": "検索失敗",
"xpack.csp.findings.findingsFlyout.calloutTitle": "一部のフィールドは{vendor}によって提供されていません",
"xpack.csp.findings.findingsFlyout.flyoutDescriptionList.resourceId": "リソースID",
"xpack.csp.findings.findingsFlyout.flyoutDescriptionList.resourceName": "リソース名",
Expand Down Expand Up @@ -14733,10 +14737,6 @@
"xpack.csp.kspmIntegration.integration.shortNameTitle": "KSPM",
"xpack.csp.kspmIntegration.vanillaOption.benchmarkTitle": "CIS Kubernetes",
"xpack.csp.kspmIntegration.vanillaOption.nameTitle": "自己管理",
"securitySolutionPackages.csp.navigation.dashboardNavItemLabel": "クラウドセキュリティ態勢",
"securitySolutionPackages.csp.navigation.findingsNavItemLabel": "調査結果",
"securitySolutionPackages.csp.navigation.rulesNavItemLabel": "ルール",
"securitySolutionPackages.csp.navigation.vulnerabilityDashboardNavItemLabel": "Cloud Native Vulnerability Management",
"xpack.csp.noFindingsStates.indexing.indexingButtonTitle": "態勢評価中",
"xpack.csp.noFindingsStates.indexing.indexingDescription": "データの収集とインデックス作成を待機しています。結果を表示するには、しばらくたってから確認してください",
"xpack.csp.noFindingsStates.indexTimeout.indexTimeoutDescription": "調査結果の収集に想定よりも時間がかかっています。{docs}。",
Expand Down Expand Up @@ -37561,7 +37561,6 @@
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.multiSelectFields.placeholderText": "フィールドを選択",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsField.placeholderText": "フィールドを選択",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsFieldsLabel": "フィールド",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.newTermsFieldsMin": "1つ以上のフィールドが必要です。",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.referencesUrlInvalidError": "URLの形式が無効です",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.resetDefaultIndicesButton": "デフォルトインデックスパターンにリセット",
"xpack.securitySolution.detectionEngine.createRule.stepDefineRule.rulePreviewTitle": "ルールプレビュー",
Expand Down Expand Up @@ -38865,7 +38864,6 @@
"xpack.securitySolution.detectionEngine.userUnauthenticatedMsgBody": "検出エンジンを表示するための必要なアクセス権がありません。ヘルプについては、管理者にお問い合わせください。",
"xpack.securitySolution.detectionEngine.userUnauthenticatedTitle": "検出エンジンアクセス権が必要です",
"xpack.securitySolution.detectionEngine.validations.stepDefineRule.historyWindowSize.errMin": "履歴ウィンドウサイズは0よりも大きい値でなければなりません。",
"xpack.securitySolution.detectionEngine.validations.stepDefineRule.newTermsFieldsMax": "フィールド数は3以下でなければなりません。",
"xpack.securitySolution.detectionEngine.validations.thresholdCardinalityFieldFieldData.thresholdCardinalityFieldNotSuppliedMessage": "カーディナリティフィールドは必須です。",
"xpack.securitySolution.detectionEngine.validations.thresholdCardinalityValueFieldData.numberGreaterThanOrEqualOneErrorMessage": "値は 1 以上でなければなりません。",
"xpack.securitySolution.detectionEngine.validations.thresholdFieldFieldData.arrayLengthGreaterThanMaxErrorMessage": "フィールド数は3以下でなければなりません。",
Expand Down
Loading

0 comments on commit 639143a

Please sign in to comment.