Open smnschneider opened 1 year ago
Pinging @elastic/security-solution (Team: SecuritySolution)
@smnschneider thanks for the report :)
@peluja1012 can you please help to clarify if is this a real issue or is working as intended by design? Thanks!
Pinging @elastic/security-detections-response (Team:Detections and Resp)
@yctercero Looks like when you save a rule after editing it on the Edit page, the toast shows the previous rule name, not the updated one.
Build Details:
VERSION: 8.10.0 BC7
BUILD: 66350
COMMIT: 824bcbfd9972c61e79ca9def6d43b550c5ff2999
8.10 BC7
and the issue is still occurring.Preconditions:
Steps to Reproduce:
Navigate to Security
-> Rules
-> Detection rules (SIEM) -> Select a rule from the rules table
Note: For 8.9.2
versions and earlier, go to Manage
-> Rules
-> Select a rule from the rules table
Click on the three circles ⚈⚈⚈ next to the rule for Rule Actions and select Duplicate rule
In this case scenario, I selected Elastic Prebuilt rule "Suspicious Process via Direct System Call" Note: Duplicate rule and modifying duplicate rule will work for both Elastic rules and custom rules that are created in the rules table
In the About
section tag under the Name change the rule name. In this case example, I changed my rule name to
"Suspicious Process via Direct System Call Name Test" leaving the [Duplicate] in the name to easily identify the rule
Screenshots:
Screen Recording:
https://github.com/elastic/kibana/assets/35679937/6201460b-dca5-4269-a982-6c82c4d80f30
@MadameSheema @banderror @yctercero FYI Updated Observations
Describe the bug:
When duplicating a detection rule and changing the name e.g. from
Test_Detection_Rule1 [Duplicate]
toTest_Detection_Rule2
the old name is shown in the modal on the bottom right.Kibana/Elasticsearch Stack version:
8.8.2
Steps to reproduce:
Current behavior:
Name of the rule with the addition
[Duplicate]
is shown.Expected behavior:
The jus typed in new name of the detection rule should be shown in the modal.
Screenshots (if relevant):