
[9.1] [Security Solution] Display which fields are customized for prebuilt rules (#225939) #227092

Merged
kibanamachine merged 1 commit into elastic:9.1 from kibanamachine:backport/9.1/pr-225939
Jul 8, 2025


@kibanamachine
Contributor

Backport

This will backport the following commits from main to 9.1:

Questions ?

Please refer to the Backport tool documentation

…rules (elastic#225939)

## Summary

Addresses elastic#207172

Follow-up to: elastic#219628

Adds per-field badges to the rule details page so that users can see
which fields are modified on their customized prebuilt rules. Clicking
on the badges opens a rule diff flyout that displays more extensive
information.

Also switches the concurrency controls in the flyout to a static view in
which data doesn't change when it is stale; we just now display a
callout informing the user that the information they're viewing is
outdated.

### Screenshots

**Modified fields from the Rule Details page**
![Screenshot 2025-07-02 at 5 38 43 PM](https://github.com/user-attachments/assets/ae1d2865-f3bd-4d5b-a109-213f78ea194c)

**Flyout opened when those badges are clicked**
![Screenshot 2025-07-02 at 1 33 26 PM](https://github.com/user-attachments/assets/793371ae-7a7d-4b39-8889-d16bd7dff9ba)

### Checklist

Check the PR satisfies the following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit b261abb)
kibanamachine added the backport label (This PR is a backport of another PR) Jul 8, 2025
kibanamachine enabled auto-merge (squash) July 8, 2025 16:00
kibanamachine merged commit 4ab00eb into elastic:9.1 Jul 8, 2025
16 checks passed
dplumlee added a commit that referenced this pull request Jul 8, 2025
…ebuilt rules (#225939) (#227121)

# Backport

This will backport the following commits from `main` to `8.19`:
- [[Security Solution] Display which fields are customized for prebuilt
rules (#225939)](#225939)

<!--- Backport version: 10.0.1 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)
