Skip Development Rules from Security Docs

[shashank-elastic]

Pull Request

Issue link(s): https://github.com/elastic/detection-rules/issues/4008

Summary - What I changed

• Added a skip criteria for Development rules in rule summary and rule reference.

• The following rules are in development mode that need removal from security docs which was handled in separate docs PR

  • Python Script Execution via Command Line
  • Microsoft 365 Mass download by a single user
  • Microsoft 365 Impossible travel activity
  • Windows User Account Creation
  • WPAD Service Exploit

Branch	PR
8.12	https://github.com/elastic/security-docs/pull/5828
8.13	https://github.com/elastic/security-docs/pull/5826
8.14	https://github.com/elastic/security-docs/pull/5825
8.15	https://github.com/elastic/security-docs/pull/5824

How To Test

• We tested it on a tag that will generate fresh docs for example previous version was 8.14.6 and next version was 8.15.1
• Doc PR was raised to check the build and doc simulation - https://github.com/elastic/security-docs/pull/5831/
• The PR was checked to verify that the below rule files were not generated
  • microsoft-365-impossible-travel-activity.asciidoc
  • microsoft-365-mass-download-by-a-single-user.asciidoc
  • python-script-execution-via-command-line.asciidoc
  • wpad-service-exploit.asciidoc
  • windows-user-account-creation.asciidoc[]
• While development debug statements were added to ensure the rules are skipped
  Debug Details

python -m detection_rules dev build-integration-docs 8.15.1 --pre 8.14.6 --post 8.15.1 -d ../security-docs \
    --update-message "Test" --force
Loaded config file: /Users/shashankks/elastic_workspace/detection-rules/.detection-rules-cfg.json

█▀▀▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄   ▄      █▀▀▄ ▄  ▄ ▄   ▄▄▄ ▄▄▄
█  █ █▄▄  █  █▄▄ █    █   █  █ █ █▀▄ █      █▄▄▀ █  █ █   █▄▄ █▄▄
█▄▄▀ █▄▄  █  █▄▄ █▄▄  █  ▄█▄ █▄█ █ ▀▄█      █ ▀▄ █▄▄█ █▄▄ █▄▄ ▄▄█

From github.com:elastic/detection-rules
 * tag                   integration-v8.14.6 -> FETCH_HEAD
From github.com:elastic/detection-rules
 * tag                   integration-v8.15.1 -> FETCH_HEAD
Skipping development rule Microsoft 365 Impossible travel activity for rule reference
Skipping development rule Microsoft 365 Mass download by a single user for rule reference
Skipping development rule Python Script Execution via Command Line for rule reference
Skipping development rule WPAD Service Exploit for rule reference
Skipping development rule Windows User Account Creation for rule reference
Generated documents saved to: ../security-docs/docs/detections/prebuilt-rules/downloadable-packages/8-15-1
- 72 updated rules
- 14 new rules
- 1 deprecated rules
(.venv) 
detection-rules on  issue-4008 [$!?] is 📦 v0.1.0 via 🐍 v3.12.5 (.venv) on ☁️  shashank.suryanarayana@elastic.co took 2m28s 
❯ 

• Mock Build was completed for the private branch
  • the failure is unrelated to the change, we have cut a branch from main and built an example for 8.15 and trying to merge to main.
  • So cross reference links are broken.

    Checklist

• [x] Added a label for the type of pr: bug, enhancement, schema, Rule: New, Rule: Deprecation, Rule: Tuning, Hunt: New, or Hunt: Tuning so guidelines can be generated
• [x] Added the meta:rapid-merge label if planning to merge within 24 hours
• [ ] Secret and sensitive material has been managed correctly
• [ ] Automated testing was updated or added to match the most common scenarios
• [ ] Documentation and comments were added for features that require explanation

Contributor checklist

• Have you signed the contributor license agreement?
• Have you followed the contributor guidelines?

[protectionsmachine]

Bug - Guidelines

These guidelines serve as a reminder set of considerations when addressing a bug in the code.

Documentation and Context

• [ ] Provide detailed documentation (description, screenshots, reproducing the bug, etc.) of the bug if not already documented in an issue.
• [ ] Include additional context or details about the problem.
• [ ] Ensure the fix includes necessary updates to the release documentation and versioning.

Code Standards and Practices

• [ ] Code follows established design patterns within the repo and avoids duplication.
• [ ] Code changes do not introduce new warnings or errors.
• [ ] Variables and functions are well-named and descriptive.
• [ ] Any unnecessary / commented-out code is removed.
• [ ] Ensure that the code is modular and reusable where applicable.
• [ ] Check for proper exception handling and messaging.

Testing

• [ ] New unit tests have been added to cover the bug fix or edge cases.
• [ ] Existing unit tests have been updated to reflect the changes.
• [ ] Provide evidence of testing and detecting the bug fix (e.g., test logs, screenshots).
• [ ] Validate that any rules affected by the bug are correctly updated.
• [ ] Ensure that performance is not negatively impacted by the changes.
• [ ] Verify that any release artifacts are properly generated and tested.

Additional Checks

• [ ] Ensure that the bug fix does not break existing functionality.
• [ ] Review the bug fix with a peer or team member for additional insights.
• [ ] Verify that the bug fix works across all relevant environments (e.g., different OS versions).
• [ ] Confirm that all dependencies are up-to-date and compatible with the changes.