
[SIEM][Detection Rules] Add 7.9 rules #71332

Merged
merged 10 commits into from
Jul 13, 2020

Conversation

rw-access
Contributor

Summary

Add rules from detection-rules

Checklist

N/A

For maintainers

@rw-access rw-access added the Feature:Detection Rules Security Solution rules and Detection Engine label Jul 9, 2020
@rw-access rw-access requested a review from a team as a code owner July 9, 2020 21:53
@brokensound77
Contributor

Versioning looks solid for all of the rules 👍

@rw-access rw-access added release_note:skip Skip the PR/issue when compiling release notes v7.9.0 v8.0.0 labels Jul 9, 2020
Contributor

@brokensound77 brokensound77 left a comment


Versioning, autogenerated files, and renames all seem to have worked nicely.

LGTM once it passes 👍

Member

@spong spong left a comment


LGTM! Was able to verify successful POST of the Elastic Endpoint and External Alerts rules without issue. Skimmed the other changes and those look good as well. Thanks @rw-access! 🙂

@rw-access
Contributor Author

@elasticmachine merge upstream

@elastic elastic deleted a comment from kibanamachine Jul 11, 2020
@spong
Member

spong commented Jul 11, 2020

@rw-access @brokensound77 -- needed to run node scripts/notice from kibana root to regenerate the NOTICE.txt. I missed this as part of elastic/detection-rules#32 as I was thinking it happened during the build, but looks like it needs to be done manually after updating any notice.ts (similar to i18n behavior). I'll defer to you for where this command fits in with your existing rules workflow, but would it be fine to add as part of the generation of this PR?

@spong
Member

spong commented Jul 11, 2020

@elasticmachine merge upstream

@spong
Member

spong commented Jul 13, 2020

Twas a twofer:

  1. My repo had the below cached and outdated target references, so just needed to delete those and regen. Something to be cautious of when automating. 🙂

     info Found @notice comment in src/plugins/console/target/public/0.plugin.js
     info Found @notice comment in src/plugins/es_ui_shared/target/public/esUiShared.plugin.js
     info Found @notice comment in x-pack/plugins/maps/target/public/1.plugin.js
     info Found @notice comment in x-pack/plugins/siem/target/public/27.plugin.js

  2. Flakey Failing test: Kibana Embedded in iframe... 🎲🎲

@rw-access
Contributor Author

@elasticmachine merge upstream

@kibanamachine
Contributor

💚 Build Succeeded

Build metrics

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@rw-access rw-access merged commit 85d4253 into elastic:master Jul 13, 2020
@rw-access rw-access deleted the rules/7.9 branch July 13, 2020 20:44