[Security Solution] Implement prebuilt rules export test plan#224611
Merged
maximpn merged 1 commit intoelastic:mainfrom Jul 4, 2025
Merged
[Security Solution] Implement prebuilt rules export test plan#224611maximpn merged 1 commit intoelastic:mainfrom
maximpn merged 1 commit intoelastic:mainfrom
Conversation
b787efd to
f6cdc52
Compare
Contributor
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Contributor
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Contributor
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
18 tasks
xcrzx
reviewed
Jul 1, 2025
...tions_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts
Outdated
Show resolved
Hide resolved
.../cypress/e2e/detection_response/rule_management/rule_actions/import_export/export_rule.cy.ts
Outdated
Show resolved
Hide resolved
...ess/cypress/e2e/detection_response/rule_management/prebuilt_rules/export_prebuilt_rule.cy.ts
Outdated
Show resolved
Hide resolved
...ess/cypress/e2e/detection_response/rule_management/prebuilt_rules/export_prebuilt_rule.cy.ts
Outdated
Show resolved
Hide resolved
...ess/cypress/e2e/detection_response/rule_management/prebuilt_rules/export_prebuilt_rule.cy.ts
Show resolved
Hide resolved
...ess/cypress/e2e/detection_response/rule_management/prebuilt_rules/export_prebuilt_rule.cy.ts
Outdated
Show resolved
Hide resolved
...tions_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts
Outdated
Show resolved
Hide resolved
...tions_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts
Outdated
Show resolved
Hide resolved
...tions_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts
Outdated
Show resolved
Hide resolved
...tions_response/rules_management/prebuilt_rules/common/import_export/export_prebuilt_rules.ts
Outdated
Show resolved
Hide resolved
a86dea3 to
4da2d9b
Compare
Contributor
Author
|
Hey @xcrzx, Thanks for your review 🙏 I've addressed your comments. I answered in #224611 (comment) regarding significantly shrinking the number of tests. Could you have a look? |
fbcccb2 to
3757b7f
Compare
xcrzx
approved these changes
Jul 3, 2025
Contributor
xcrzx
left a comment
There was a problem hiding this comment.
Thanks for addressing my feedback, Maxim. Went through the changes once again, all seems good 👍
3757b7f to
9f91eb4
Compare
Contributor
💚 Build Succeeded
Metrics [docs]
History
cc @maximpn |
Contributor
|
Starting backport for target branches: 8.18, 8.19, 9.0, 9.1 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 4, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR. (cherry picked from commit 6120cae)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 4, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR. (cherry picked from commit 6120cae)
Contributor
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Jul 4, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR. (cherry picked from commit 6120cae) # Conflicts: # x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md # x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/configs/ess_air_gapped.config.ts # x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/common/index.ts # x-pack/test/security_solution_api_integration/test_suites/detections_response/rules_management/prebuilt_rules/customization_enabled/index.ts
kibanamachine
added a commit
that referenced
this pull request
Jul 4, 2025
…224611) (#226663) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Implement prebuilt rules export test plan (#224611)](#224611) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-04T20:09:17Z","message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["test","release_note:skip","impact:high","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security Solution] Implement prebuilt rules export test plan","number":224611,"url":"https://github.com/elastic/kibana/pull/224611","mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224611","number":224611,"mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
kibanamachine
added a commit
that referenced
this pull request
Jul 4, 2025
…224611) (#226662) # Backport This will backport the following commits from `main` to `8.19`: - [[Security Solution] Implement prebuilt rules export test plan (#224611)](#224611) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-04T20:09:17Z","message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["test","release_note:skip","impact:high","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security Solution] Implement prebuilt rules export test plan","number":224611,"url":"https://github.com/elastic/kibana/pull/224611","mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.19","8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224611","number":224611,"mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Maxim Palenov <maxim.palenov@elastic.co>
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Jul 5, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR. (cherry picked from commit 6120cae) # Conflicts: # x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md
maximpn
added a commit
to maximpn/kibana
that referenced
this pull request
Jul 5, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR. (cherry picked from commit 6120cae) # Conflicts: # x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
adcoelho
pushed a commit
to adcoelho/kibana
that referenced
this pull request
Jul 7, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.
maximpn
added a commit
that referenced
this pull request
Jul 7, 2025
…224611) (#226666) # Backport This will backport the following commits from `main` to `9.0`: - [[Security Solution] Implement prebuilt rules export test plan (#224611)](#224611) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-04T20:09:17Z","message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["test","release_note:skip","impact:high","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security Solution] Implement prebuilt rules export test plan","number":224611,"url":"https://github.com/elastic/kibana/pull/224611","mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","9.0"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226663","number":226663,"state":"OPEN"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226662","number":226662,"state":"OPEN"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224611","number":224611,"mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
maximpn
added a commit
that referenced
this pull request
Jul 7, 2025
…224611) (#226679) # Backport This will backport the following commits from `main` to `8.18`: - [[Security Solution] Implement prebuilt rules export test plan (#224611)](#224611) <!--- Backport version: 10.0.0 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Maxim Palenov","email":"maxim.palenov@elastic.co"},"sourceCommit":{"committedDate":"2025-07-04T20:09:17Z","message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["test","release_note:skip","impact:high","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.1.0","v8.19.0","v9.2.0","v8.18.4","v9.0.4"],"title":"[Security Solution] Implement prebuilt rules export test plan","number":224611,"url":"https://github.com/elastic/kibana/pull/224611","mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},"sourceBranch":"main","suggestedTargetBranches":["8.18"],"targetPullRequestStates":[{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226663","number":226663,"state":"MERGED","mergeCommit":{"sha":"516fe9074008e37beee8fa21d6114bb847067fa2","message":"[9.1] [Security Solution] Implement prebuilt rules export test plan (#224611) (#226663)\n\n# Backport\n\nThis will backport the following commits from `main` to `9.1`:\n- [[Security Solution] Implement prebuilt rules export test plan\n(#224611)](https://github.com/elastic/kibana/pull/224611)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226662","number":226662,"state":"MERGED","mergeCommit":{"sha":"3ce9be35489395df0b9321b6a644ea5b827d98cc","message":"[8.19] [Security Solution] Implement prebuilt rules export test plan (#224611) (#226662)\n\n# Backport\n\nThis will backport the following commits from `main` to `8.19`:\n- [[Security Solution] Implement prebuilt rules export test plan\n(#224611)](https://github.com/elastic/kibana/pull/224611)\n\n\n\n### Questions ?\nPlease refer to the [Backport tool\ndocumentation](https://github.com/sorenlouv/backport)\n\n\n\nCo-authored-by: Maxim Palenov <maxim.palenov@elastic.co>"}},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/224611","number":224611,"mergeCommit":{"message":"[Security Solution] Implement prebuilt rules export test plan (#224611)\n\n**Addresses:** https://github.com/elastic/kibana/issues/202079\n**Relates to:** https://github.com/elastic/kibana/pull/222796\n\n## Summary\n\nThis PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md).\n\nExisting tests were adjusted and extended to match the test plan.\n\n## Caveats\n\nThe test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.\n\nAs the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.","sha":"6120caeabf167dec507e0843913b1dc944beebd9"}},{"branch":"8.18","label":"v8.18.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.4","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/226666","number":226666,"state":"OPEN"}]}] BACKPORT-->
kertal
pushed a commit
to kertal/kibana
that referenced
this pull request
Jul 25, 2025
…c#224611) **Addresses:** elastic#202079 **Relates to:** elastic#222796 ## Summary This PR implements Prebuilt Rules export [test plan](https://github.com/elastic/kibana/blob/main/x-pack/solutions/security/plugins/security_solution/docs/testing/test_plans/detection_response/prebuilt_rules/prebuilt_rule_export.md). Existing tests were adjusted and extended to match the test plan. ## Caveats The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like `deleteAllRules()` fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow. As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Addresses: #202079
Relates to: #222796
Summary
This PR implements Prebuilt Rules export test plan.
Existing tests were adjusted and extended to match the test plan.
Caveats
The test plan describes a scenario to verify prebuilt rules export fails for 10K+ rules but this scenario is tricky to implement. Due to ES limitations on filtering more than 10K the majority of utility functions like
deleteAllRules()fail. The proper implementation requires proper setup and cleanup to make sure the test doesn't block the testing workflow.As the result of the mentioned complexities implementation of the test scenario for 10K+ rules is skipped in this PR.