[Security Solution][Exceptions][Bug] - Error when importing rules with exception lists that don't exist in space #75182
Labels
bug
Fixes for quality problems that affect the customer experience
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
v7.9.1
Kibana version: 7.9
Describe the bug:
When importing rules that include references to exception lists that are either 1) deleted or 2) do not exist in imported space, user is unable to add or view exceptions of imported rule.
Rule itself imports successfully.
Steps to reproduce:
Expected behavior:
This is a case of both a missing feature and an existing bug. There is not yet a great way to export exception lists (feature), but if user tries to import a rule with reference to an exception list that does not exist (bug), we should alert the user with an error to allow them to rectify.
Screenshots (if relevant):
Workaround:
Workaround right now is to export rule --> delete the reference to exception list -> import rule --> add back reference via API or manually re-input exceptions.
The text was updated successfully, but these errors were encountered: