[DOCS] Document the new UI for installing and upgrading prebuilt detection rules #3496

Closed
Tracked by #174167
banderror opened this issue Jun 27, 2023 · 2 comments · Fixed by #3552
Labels
  • Effort: Large (Issues that require significant planning, research, writing, and testing)
  • Feature: Prebuilt rules
  • Feature: Rules
  • Priority: High (Issues that are time-sensitive and/or are of high customer importance)
  • Team: Detections/Response (Detections and Response)
  • Team: Docs
  • v8.9.0

Comments


banderror commented Jun 27, 2023

Epic: https://github.com/elastic/security-team/issues/1974 (internal)
New workflow implementation PR: elastic/kibana#158450

Summary

In 8.9.0, we have replaced our previous prebuilt rule installation and upgrade workflow.

  • Previously, it was only possible to upgrade all installed prebuilt rules and install all new prebuilt rules at once. It was not possible to see what a new detection rules package version contains.
  • Now, users can:
    • See what new rules they can install (at this point, we show only the rule name and a few other fields in the table).
    • Choose which rules to install. They can install them all at once (as before), one by one, or bulk install selected rules.
    • See what installed rules can be upgraded.
    • Choose which rules to upgrade. They can upgrade them all at once (as before), one by one, or bulk upgrade selected rules.

On the Rule Management page, there's now a new table that shows rules that can be upgraded. Also, we added a separate page from which users can install new prebuilt rules.

Videos

The new rule installation workflow:

New.Rule.Installation.Workflow.mp4

The new rule upgrade workflow:

New.Role.Upgrade.Workflow.mp4

joepeeples commented Jun 27, 2023

@banderror @xcrzx We previously opened #3147 for this, which @banderror pointed out refers to features not yet available (customizing prebuilt rules). We'll save that issue for later, and use this issue for the work going into 8.9. Also, I added a few labels for docs team tracking.

joepeeples self-assigned this Jun 27, 2023
joepeeples added the Priority: High and Effort: Large labels Jun 27, 2023
@joepeeples

This affects a couple of screenshots on Manage detection rules and Monitor and troubleshoot rule executions (maybe others?). Originally, I was going to update these images as part of this PR, but @nastasha-solomon and I discussed and they'll be part of #3486 instead.
