Skip to content

[8.19] [Security Solution] Display which fields are customized for prebuilt rules (#225939)#227121

Merged
dplumlee merged 1 commit intoelastic:8.19from
dplumlee:backport/8.19/pr-225939
Jul 8, 2025
Merged

[8.19] [Security Solution] Display which fields are customized for prebuilt rules (#225939)#227121
dplumlee merged 1 commit intoelastic:8.19from
dplumlee:backport/8.19/pr-225939

Conversation

@dplumlee
Copy link
Copy Markdown
Contributor

@dplumlee dplumlee commented Jul 8, 2025

Backport

This will backport the following commits from main to 8.19:

Questions ?

Please refer to the Backport tool documentation

@dplumlee
[Security Solution] Display which fields are customized for prebuilt …
537e750 
…rules (elastic#225939)

## Summary

Addresses elastic#207172

Follow-up to: elastic#219628

Adds per-field badges to the rule details page so that users can see
which fields are modified on their customized prebuilt rules. Clicking
on the badges opens a rule diff flyout that displays more extensive
information.

Also switches the concurrency controls in the flyout to a static view in
which data doesn't change when it is stale, we just now display a
callout informing the user that the information they're viewing is
outdated.

### Screenshots

**Modified fields from the Rule Details page**
![Screenshot 2025-07-02 at 5 38
43 PM](https://github.com/user-attachments/assets/ae1d2865-f3bd-4d5b-a109-213f78ea194c)

**Flyout opened when those badges are clicked**
![Screenshot 2025-07-02 at 1 33
26 PM](https://github.com/user-attachments/assets/793371ae-7a7d-4b39-8889-d16bd7dff9ba)

### Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

- [x] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [x] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios

(cherry picked from commit b261abb)

# Conflicts:
#	x-pack/solutions/security/plugins/security_solution/public/detection_engine/rule_details_ui/pages/rule_details/index.tsx
@dplumlee dplumlee requested a review from kibanamachine as a code owner July 8, 2025 18:23
@dplumlee dplumlee added the backport This PR is a backport of another PR label Jul 8, 2025
@dplumlee dplumlee enabled auto-merge (squash) July 8, 2025 18:23
@dplumlee dplumlee mentioned this pull request Jul 8, 2025
Merged
3 tasks
@dplumlee dplumlee merged commit 6f31eea into elastic:8.19 Jul 8, 2025
11 checks passed
@dplumlee dplumlee deleted the backport/8.19/pr-225939 branch July 8, 2025 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marshallmain marshallmain marshallmain approved these changes

@kibanamachine kibanamachine Awaiting requested review from kibanamachine kibanamachine is a code owner

Assignees

No one assigned

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dplumlee @marshallmain