elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana
Other
20k stars 8.24k forks source link

[Security Solution] Users can't upgrade rules without customizations when rule type changed #202967

Closed maximpn closed 4 hours ago

maximpn commented 1 day ago

Summary

Users can't upgrade Elastic rules without customizations but with rule type change rule update preview flyout.

Steps to reproduce:

  1. Setup the environment as described below
  2. Open Okta User Sessions Started from Different Geolocations rule in rule update preview flyout
  3. Notice Rule type change warning message
  4. Try to upgrade the rule by clicking Update rule button in table row or by bulk upgrading

Expected behavior: The rule gets upgraded

Actual behavior: Rule is upgradable only from the rule update preview flyout

Screenshots (if relevant):

Image

Image

Setup the environment

elasticmachine commented 1 day ago

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

elasticmachine commented 1 day ago

Pinging @elastic/security-solution (Team: SecuritySolution)

elasticmachine commented 1 day ago

Pinging @elastic/security-detections-response (Team:Detections and Resp)

banderror commented 4 hours ago

@maximpn I think this is expected, intentional behavior at this stage. It's not a high-impact bug.

When discussing with @approksiu and @xcrzx what would be the simplest and easiest to implement MVP solution, we came up with https://github.com/elastic/kibana/issues/180395. We should revisit and improve this UI as part of Milestone 4, here's a new ticket for that:

I'm gonna close this one. Feel free to reopen if anyone disagrees.