Describe the bug: The alert reason generated for a Threat Enrichment rule (rule type `threat_match`, category "Indicator Match Rule") is not formatted properly. In the alert document below, `kibana.alert.reason` (and the legacy `signal.reason`) reads only `event created medium alert Threat Enrichment.` — it names the severity and rule name but omits the matched source field (`file.hash.sha256`) and the indicator match details that the same alert carries under `threat.enrichments` (`matched.field`, `matched.atomic`, `feed.name`). Presumably the reason text should reference the matched field/value so an analyst can triage from the alert list without opening the document — please confirm the intended format.
Build Details:
Version: 8.6 BC5 — Commit: ed40c16ce9999cc47ad55c11bb097d2e443b31a6 — Build: 58693
Steps
Screen-Shot
Additional Notes
rules_export.ndjson.zip
Alert JSON (full alert document as indexed in `.internal.alerts-security.alerts-default-000001`; note that it contains the deployment's Kibana URL in `kibana.alert.rule.meta.kibana_siem_app_url` plus rule and alert UUIDs — redact these before sharing the dump outside the project):
{ "_index": ".internal.alerts-security.alerts-default-000001", "_id": "4892ebf12ae27e1e60189c7d0ec93798fa76288109a13c670ed62dac24125104", "_score": 1, "fields": { "kibana.alert.severity": [ "medium" ], "signal.rule.type": [ "threat_match" ], "kibana.alert.rule.updated_by": [ "elastic" ], "signal.ancestors.depth": [ 0 ], "kibana.alert.ancestors.id": [ "WYT05YQBxiPbUpSkdRgF" ], "kibana.alert.rule.description": [ "Testing" ], "kibana.alert.rule.producer": [ "siem" ], "signal.rule.interval": [ "10s" ], "kibana.alert.rule.to": [ "now" ], "signal.rule.created_by": [ "elastic" ], "kibana.alert.rule.created_by": [ "elastic" ], "signal.rule.enabled": [ "true" ], "kibana.alert.ancestors.depth": [ 0 ], "signal.rule.id": [ "eddda160-7528-11ed-854d-07cef98df4ce" ], "signal.rule.max_signals": [ 100 ], "signal.reason": [ "event created medium alert Threat Enrichment." ], "signal.rule.risk_score": [ 47 ], "kibana.alert.risk_score": [ 47 ], "signal.rule.updated_at": [ "2022-12-06T05:43:39.394Z" ], "kibana.alert.rule.name": [ "Threat Enrichment" ], "signal.status": [ "open" ], "event.kind": [ "signal" ], "signal.rule.created_at": [ "2022-12-06T05:43:37.362Z" ], "kibana.alert.workflow_status": [ "open" ], "kibana.alert.rule.uuid": [ "eddda160-7528-11ed-854d-07cef98df4ce" ], "kibana.alert.rule.interval": [ "10s" ], "kibana.alert.reason": [ "event created medium alert Threat Enrichment." 
], "kibana.alert.rule.type": [ "threat_match" ], "signal.original_time": [ "2022-12-05T04:19:35.115Z" ], "signal.ancestors.id": [ "WYT05YQBxiPbUpSkdRgF" ], "kibana.alert.rule.immutable": [ "false" ], "signal.rule.severity": [ "medium" ], "kibana.alert.ancestors.index": [ "mydata" ], "signal.rule.from": [ "now-1800010s" ], "kibana.alert.depth": [ 1 ], "kibana.alert.rule.enabled": [ "true" ], "kibana.alert.rule.version": [ "1" ], "kibana.alert.rule.from": [ "now-1800010s" ], "kibana.alert.ancestors.type": [ "event" ], "kibana.alert.rule.parameters": [ { "description": "Testing", "risk_score": 47, "severity": "medium", "license": "", "meta": { "from": "500h", "kibana_siem_app_url": "https://bc5.kb.europe-west1.gcp.cloud.es.io:9243/app/security" }, "author": [], "false_positives": [], "from": "now-1800010s", "rule_id": "c2b267b2-c100-456d-87fa-7621f9c4bea3", "max_signals": 100, "risk_score_mapping": [], "severity_mapping": [], "threat": [], "to": "now", "references": [], "version": 1, "exceptions_list": [], "immutable": false, "related_integrations": [], "required_fields": [], "setup": "", "type": "threat_match", "language": "kuery", "index": [ "mydata" ], "query": "file.hash.md5 : * ", "filters": [], "threat_filters": [], "threat_query": "*:*", "threat_mapping": [ { "entries": [ { "field": "file.hash.sha256", "type": "mapping", "value": "threat.indicator.file.hash.sha256" } ] } ], "threat_language": "kuery", "threat_index": [ "filebeat-*" ], "threat_indicator_path": "threat.indicator" } ], "signal.rule.version": [ "1" ], "kibana.alert.status": [ "active" ], "file.hash.md5": [ "589b201695d8d95783a0c94d7eb5bc1c" ], "signal.ancestors.index": [ "mydata" ], "signal.depth": [ 1 ], "signal.rule.immutable": [ "false" ], "kibana.alert.rule.rule_type_id": [ "siem.indicatorRule" ], "signal.rule.name": [ "Threat Enrichment" ], "signal.rule.rule_id": [ "c2b267b2-c100-456d-87fa-7621f9c4bea3" ], "file.hash.sha256": [ "f8ec6d1e08d9aaa879a95308748ba9262d5d3d09e5418510518a37691afb6dc0" 
], "threat.enrichments": [ { "indicator.file.hash.md5": [ "589b201695d8d95783a0c94d7eb5bc1c" ], "matched.index": [ ".ds-filebeat-8.6.0-2022.12.06-000001" ], "indicator.file.type": [ "zip" ], "indicator.file.hash.tlsh": [ "T149C423A22CE7E9FAABC83BAA27A456167D711D77E9D3760080F473433515B3C81B06" ], "feed.name": [ "[Filebeat] AbuseCH Malware" ], "indicator.file.hash.ssdeep": [ "12288:XVqlxWmfJstpS9t4SNHoGCmC6ujjWB6rc3GdiWWjEpP3Y4Xe1:XVaxjfMpS9tnIGVrvMrvqQY" ], "indicator.file.hash.sha256": [ "f8ec6d1e08d9aaa879a95308748ba9262d5d3d09e5418510518a37691afb6dc0" ], "indicator.first_seen": [ "2022-12-05T18:36:53.000Z" ], "matched.field": [ "file.hash.sha256" ], "indicator.type": [ "file" ], "matched.type": [ "indicator_match_rule" ], "matched.id": [ "Je0LB2y4k5Sxm9N0Icp0au9MHyE=" ], "matched.atomic": [ "f8ec6d1e08d9aaa879a95308748ba9262d5d3d09e5418510518a37691afb6dc0" ], "indicator.file.size": [ 584699 ] } ], "kibana.alert.rule.license": [ "" ], "kibana.alert.rule.max_signals": [ 100 ], "kibana.alert.rule.updated_at": [ "2022-12-06T05:43:39.394Z" ], "signal.rule.description": [ "Testing" ], "kibana.alert.rule.risk_score": [ 47 ], "kibana.alert.rule.consumer": [ "siem" ], "kibana.alert.rule.indices": [ "mydata" ], "kibana.alert.rule.category": [ "Indicator Match Rule" ], "kibana.alert.rule.created_at": [ "2022-12-06T05:43:37.362Z" ], "@timestamp": [ "2022-12-06T05:43:44.380Z" ], "signal.rule.updated_by": [ "elastic" ], "signal.rule.to": [ "now" ], "kibana.alert.rule.severity": [ "medium" ], "kibana.alert.rule.execution.uuid": [ "aa872e1b-e669-421f-988b-c11f86db2b02" ], "kibana.alert.uuid": [ "4892ebf12ae27e1e60189c7d0ec93798fa76288109a13c670ed62dac24125104" ], "kibana.space_ids": [ "default" ], "kibana.alert.rule.meta.kibana_siem_app_url": [ "https://bc5.kb.europe-west1.gcp.cloud.es.io:9243/app/security" ], "kibana.version": [ "8.6.0" ], "kibana.alert.rule.meta.from": [ "500h" ], "signal.rule.license": [ "" ], "signal.ancestors.type": [ "event" ], 
"kibana.alert.original_time": [ "2022-12-05T04:19:35.115Z" ], "kibana.alert.rule.rule_id": [ "c2b267b2-c100-456d-87fa-7621f9c4bea3" ] } }