[Security Solution] Test plan for reverting customized prebuilt rules to their base version#219628
Merged
maximpn merged 6 commits intoelastic:mainfrom Jun 26, 2025
Merged
Conversation
Contributor
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Contributor
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
Contributor
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
15 tasks
5755904 to
7d96479
Compare
maximpn
requested changes
Jun 18, 2025
Contributor
maximpn
left a comment
There was a problem hiding this comment.
@dplumlee Thanks for adding a test plan for prebuilt rules customization reverting 🙏
I recently actualized Prebuilt Rules Customization test plans and it makes sense to keep wording consistent. On top of that there are comments regarding test scenarios expliciness and compaction.
| **Automation**: 1 cypress test and 1 unit test per field. | ||
|
|
||
| ```Gherkin | ||
| Given a space with at least one prebuilt rule |
Contributor
There was a problem hiding this comment.
I've made changes to this test plan in #222188. For consistency this and the other test scenarios could be simplified and aligned to look like
Given an installed prebuilt rule
And this prebuilt rule is customized
And this prebuilt rule has an existing base version
When user navigates to that rule's details page
Then the <field_name> field should be marked with a modified rule badgeWhere examples could be moved out and formatted like (in that case prettier is able to auto-format examples)
**Examples:**
`<field_name>` = all customizable rule fields
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
...ion/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_customization.md
Outdated
Show resolved
Hide resolved
Contributor
💚 Build Succeeded
History
cc @dplumlee |
4c6e715 to
8068d38
Compare
Contributor
|
Starting backport for target branches: 8.19 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jun 26, 2025
… to their base version (elastic#219628) ## Summary Test plan for: elastic#215506 and elastic#207172 Adds test cases to cover when writing implementation for the reverting customized prebuilt rules to their base version enhancement (cherry picked from commit f44a765)
Contributor
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Jun 26, 2025
…t rules to their base version (#219628) (#225466) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution] Test plan for reverting customized prebuilt rules to their base version (#219628)](#219628) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Davis Plumlee","email":"56367316+dplumlee@users.noreply.github.com"},"sourceCommit":{"committedDate":"2025-06-26T14:04:47Z","message":"[Security Solution] Test plan for reverting customized prebuilt rules to their base version (#219628)\n\n## Summary\n\nTest plan for: #215506 and https://github.com/elastic/kibana/issues/207172\n\nAdds test cases to cover when writing implementation for the reverting customized prebuilt rules to their base version enhancement","sha":"f44a7655d91f6150cd7b014ae312cef1ed6c8073","branchLabelMapping":{"^v9.1.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","test-plan","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0"],"title":"[Security Solution] Test plan for reverting customized prebuilt rules to their base version","number":219628,"url":"https://github.com/elastic/kibana/pull/219628","mergeCommit":{"message":"[Security Solution] Test plan for reverting customized prebuilt rules to their base version (#219628)\n\n## Summary\n\nTest plan for: #215506 and https://github.com/elastic/kibana/issues/207172\n\nAdds test cases to cover when writing implementation for the reverting customized prebuilt rules to their base version enhancement","sha":"f44a7655d91f6150cd7b014ae312cef1ed6c8073"}},"sourceBranch":"main","suggestedTargetBranches":["8.19"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/219628","number":219628,"mergeCommit":{"message":"[Security Solution] Test plan for reverting customized prebuilt rules to their base version (#219628)\n\n## Summary\n\nTest plan for: #215506 and https://github.com/elastic/kibana/issues/207172\n\nAdds test cases to cover when writing implementation for the reverting customized prebuilt rules to their base version enhancement","sha":"f44a7655d91f6150cd7b014ae312cef1ed6c8073"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Davis Plumlee <56367316+dplumlee@users.noreply.github.com>
17 tasks
3 tasks
dplumlee
added a commit
that referenced
this pull request
Jul 8, 2025
…rules (#225939) ## Summary Addresses #207172 Follow-up to: #219628 Adds per-field badges to the rule details page so that users can see which fields are modified on their customized prebuilt rules. Clicking on the badges opens a rule diff flyout that displays more extensive information. Also switches the concurrency controls in the flyout to a static view in which data doesn't change when it is stale, we just now display a callout informing the user that the information they're viewing is outdated. ### Screenshots **Modified fields from the Rule Details page**  **Flyout opened when those badges are clicked**  ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 8, 2025
…rules (elastic#225939) ## Summary Addresses elastic#207172 Follow-up to: elastic#219628 Adds per-field badges to the rule details page so that users can see which fields are modified on their customized prebuilt rules. Clicking on the badges opens a rule diff flyout that displays more extensive information. Also switches the concurrency controls in the flyout to a static view in which data doesn't change when it is stale, we just now display a callout informing the user that the information they're viewing is outdated. ### Screenshots **Modified fields from the Rule Details page**  **Flyout opened when those badges are clicked**  ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit b261abb)
kertal
pushed a commit
to kertal/kibana
that referenced
this pull request
Jul 25, 2025
…rules (elastic#225939) ## Summary Addresses elastic#207172 Follow-up to: elastic#219628 Adds per-field badges to the rule details page so that users can see which fields are modified on their customized prebuilt rules. Clicking on the badges opens a rule diff flyout that displays more extensive information. Also switches the concurrency controls in the flyout to a static view in which data doesn't change when it is stale, we just now display a callout informing the user that the information they're viewing is outdated. ### Screenshots **Modified fields from the Rule Details page**  **Flyout opened when those badges are clicked**  ### Checklist Check the PR satisfies following conditions. Reviewers should verify this PR satisfies this list as well. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Test plan for: #215506 and #207172
Adds test cases to cover when writing implementation for the reverting customized prebuilt rules to their base version enhancement