[Security Solution] Elastic Security APIs › Detections API Import rules › Inconsistent status codes

BugOrFeature commented 7 months ago

Describe the bug: There is a mismatch in the HTTP Response code in the kibana UI and the http response when uploading an invalid rule (which is missing a rule_id) using the: POST <kibana host>:<port>/api/detection_engine/rules/_import endpoint.

This is an issue because i'm using a custom pipeline to manage the rules. In the logging of my pipeline everything looked fine, due to getting a 200 response, however this status code is incorrect.

Kibana/Elasticsearch Stack version: v8.11.2

Elastic Endpoint version: v8.11.2

Original install method (e.g. download page, yum, from source, etc.): Managed

Functional Area (e.g. Endpoint management, timelines, resolver, etc.): Kibana -> Security -> Rules -> import rules

Steps to reproduce:

Upload a rule with a missing rule_id using the import rules button.
The UI displays a 400, indicating an error
The backend returns a 200, indicating a succes.

Current behavior: HTTP status code 200

Expected behavior: HTTP status code 400

Screenshots (if relevant): status code mismatch

elasticmachine commented 7 months ago

Pinging @elastic/security-solution (Team: SecuritySolution)

elasticmachine commented 6 months ago

Pinging @elastic/security-detections-response (Team:Detections and Resp)

elasticmachine commented 6 months ago

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

elastic / kibana

[Security Solution] Elastic Security APIs › Detections API Import rules › Inconsistent status codes #180038