Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Alerting][Connectors] Import rules and connectors #94152

Closed
ymao1 opened this issue Mar 9, 2021 · 6 comments · Fixed by #99857
Closed

[Alerting][Connectors] Import rules and connectors #94152

ymao1 opened this issue Mar 9, 2021 · 6 comments · Fixed by #99857
Assignees
@YulNaumenko
Labels
Feature:Actions Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@ymao1
Copy link
Contributor

ymao1 commented Mar 9, 2021
edited
Loading

This issue covers the import portion of importing/exporting rules and connectors. We want to be able to import rules and connectors from the saved object management page.

Refer to this PR for details about setting warnings within the onImport hook

1. Import rules

Add an onImport hook that sets a warning on the import flyout when rules are imported. This should reset the executionStatus to pending and update the updatedAt field to the current time.

2. Import connectors

Add an onImport hook that sets a warning on the import flyout when connectors are imported

### 3. Audit log entry for imports
Based on this comment and the ensuring discussion, we should be generating alerting/action specific audit log entries on import so the imports don't just show up as generic saved object actions.

Removed #3 based on this discussion in the export PR
@ymao1 ymao1 mentioned this issue Mar 9, 2021
Open
8 tasks
@ymao1 ymao1 added Feature:Actions Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) labels Mar 9, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

@ymao1 ymao1 added the blocked label Mar 9, 2021
@ymao1
Copy link
Contributor Author

ymao1 commented Mar 9, 2021

Blocked by #94106

@dhurley14 dhurley14 mentioned this issue Mar 22, 2021
Open
@ymao1
Copy link
Contributor Author

ymao1 commented Apr 26, 2021

PR for #94106 is open so removing blocked label since you can branch off the PR

@ymao1 ymao1 removed the blocked label Apr 26, 2021
@ymao1
Copy link
Contributor Author

ymao1 commented May 5, 2021

From this comment, it would be nice to add something to the import warning if imported connectors have a higher license level than current Kibana uses.

@ymao1 ymao1 mentioned this issue May 5, 2021
Merged
2 tasks
@YulNaumenko
Copy link
Contributor

Importing the connectors with the higher license than the current user have, could be OK if we add the warning message after the import, but for the rules it can cause some noise, which is probably OK too.

@YulNaumenko YulNaumenko self-assigned this May 10, 2021
@ymao1
Copy link
Contributor Author

ymao1 commented May 10, 2021

Based on this comment, we should check for the existence of security rules (producer: siem) on import and skip importing those rules, with a message about it.

@YulNaumenko YulNaumenko mentioned this issue May 11, 2021
Merged
2 tasks
@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@YulNaumenko YulNaumenko

Labels
Feature:Actions Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Alerting] Enabling import of rules and connectors YulNaumenko/kibana
4 participants
@kobelb @ymao1 @elasticmachine @YulNaumenko