[DOCS] New rule fields for prerequisites: Related Integrations, Required Fields, and Setup #2069
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
joepeeples
added
enhancement
Contributor
Author
|
This feature has been held back from the 8.3.0 release, but keeping the |
joepeeples
changed the title
joepeeples
changed the title
Includes placeholder image syntax, commented out
Includes placeholder image syntax, commented out
This comment was marked as resolved.
This comment was marked as resolved.
joepeeples
added
readyforQA
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
banderror
reviewed
Aug 23, 2022
docs/release-notes/8.3.asciidoc
Outdated
Comment on lines
183
to
184
| * Adds new fields to prebuilt detection rules' schemas: `related_integrations`, `required_fields`, and `setup` ({pull}132409[#132409]). | ||
| * Adds *Related integrations*, *Required fields*, and *Setup guide* sections to the rule details page, to help users identify, install, and configure a rule's prerequisites. Also adds related integrations badge to the rules table ({pull}131475[#131475]). Content for these new sections is delivered in a prebuilt rules update, independent of {stack} release versioning. |
Contributor
There was a problem hiding this comment.
Are we going to update the 8.3 release notes? Am I understanding correctly that we'll do it only if rules with those fields will be released in one of the 8.3.x Out-Of-Band updates for the Prebuilt Detection Rules package?
Contributor
Author
There was a problem hiding this comment.
@banderror Yes, this section will update the 8.3 release notes (the file name is version-specific).
For 8.4 release notes, we have a separate PR that's currently in progress, though it doesn't yet mention the new fields because they're not yet available in the UI. Once I can confirm that, I'll add the same wording from above to those 8.4 notes.
Basically before we merge anything related to the new fields, I'm waiting to confirm that the latest prebuilt rules package has been published and the new fields are available in both 8.3.x and 8.4.0.
nastasha-solomon
approved these changes
Aug 23, 2022
Contributor
nastasha-solomon
left a comment
nastasha-solomon
left a comment
There was a problem hiding this comment.
Just a couple minor edits. LGTM otherwise!
Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com>
banderror
approved these changes
Aug 24, 2022
Contributor
banderror
left a comment
banderror
left a comment
There was a problem hiding this comment.
Looks great, thank you! 👍
benironside
approved these changes
Aug 24, 2022
Contributor
benironside
left a comment
benironside
left a comment
There was a problem hiding this comment.
Looks great, left two minor suggestions
| [role="screenshot"] | ||
| image::images/rules-table-related-integrations.png[Rules table with related integrations popup,75%] | ||
|
|
||
| TIP: You can hide the related integrations badge in the Rules tables. Go to *{kib}* -> *Stack Management* -> *Advanced Settings*, then turn off `securitySolution:showRelatedIntegrations`. |
Contributor
There was a problem hiding this comment.
maybe do "related integrations" with a capital at the beginning, or in code text
Contributor
Author
There was a problem hiding this comment.
I think just "integrations" to match the UI text, and bold because it's a UI label the user clicks, not text they enter.
I'll change this in a separate comment, so I can include the reference to the badge in line 97 above too.
| [[show-related-integrations]] | ||
| == Show/hide related integrations in Rules page tables | ||
|
|
||
| By default, Elastic prebuilt rules in the *Rules* and *Rule Monitoring* tables include a badge showing how many related integrations have been installed. Turn off `securitySolution:showRelatedIntegrations` to hide this in the rules tables (related integrations will still appear on rule details pages). |
Contributor
There was a problem hiding this comment.
maybe link to advanced settings here?
Contributor
Author
There was a problem hiding this comment.
@benironside This text is already on the advanced settings page. Do you mean add a link somewhere else that points TO this section?
joepeeples
commented
Aug 24, 2022
joepeeples
commented
Aug 25, 2022
mergify bot
pushed a commit
that referenced
this pull request
Aug 25, 2022
…red Fields, and Setup (#2069) * Add new section to Advanced Settings * Update page's mini-TOC * Re-adds RNs for 132409 and 131475 * Revise advanced setting description * Create new section for related integrations etc. Includes placeholder image syntax, commented out * Add fields to API response examples * Update release notes * Add new section to What's New Includes placeholder image syntax, commented out * Additional revisions * Complete main documentation Add and update screenshots Revise explanatory text * Update release notes and What's New * Revert changes to whats-new.asciidoc What's new 8.3 will be updated in PR security-docs#2327 * Update per new nav UI * Apply suggestions from Nastasha's review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply suggestions from Ben's review * Update docs/release-notes/8.3.asciidoc Co-authored-by: nastasha.solomon <nastasha.solomon@elastic.co> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit 953f781)
mergify bot
pushed a commit
that referenced
this pull request
Aug 25, 2022
…red Fields, and Setup (#2069) * Add new section to Advanced Settings * Update page's mini-TOC * Re-adds RNs for 132409 and 131475 * Revise advanced setting description * Create new section for related integrations etc. Includes placeholder image syntax, commented out * Add fields to API response examples * Update release notes * Add new section to What's New Includes placeholder image syntax, commented out * Additional revisions * Complete main documentation Add and update screenshots Revise explanatory text * Update release notes and What's New * Revert changes to whats-new.asciidoc What's new 8.3 will be updated in PR security-docs#2327 * Update per new nav UI * Apply suggestions from Nastasha's review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply suggestions from Ben's review * Update docs/release-notes/8.3.asciidoc Co-authored-by: nastasha.solomon <nastasha.solomon@elastic.co> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit 953f781) # Conflicts: # docs/detections/api/rules/rules-api-bulk-actions.asciidoc # docs/detections/images/all-rules.png # docs/detections/images/monitor-table.png
joepeeples
added a commit
that referenced
this pull request
Aug 25, 2022
…red Fields, and Setup (#2069) (#2385) * Add new section to Advanced Settings * Update page's mini-TOC * Re-adds RNs for 132409 and 131475 * Revise advanced setting description * Create new section for related integrations etc. Includes placeholder image syntax, commented out * Add fields to API response examples * Update release notes * Add new section to What's New Includes placeholder image syntax, commented out * Additional revisions * Complete main documentation Add and update screenshots Revise explanatory text * Update release notes and What's New * Revert changes to whats-new.asciidoc What's new 8.3 will be updated in PR security-docs#2327 * Update per new nav UI * Apply suggestions from Nastasha's review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply suggestions from Ben's review * Update docs/release-notes/8.3.asciidoc Co-authored-by: nastasha.solomon <nastasha.solomon@elastic.co> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit 953f781) Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
joepeeples
added a commit
that referenced
this pull request
Aug 25, 2022
… Required Fields, and Setup (backport #2069) (#2386) * [DOCS] New rule fields for prerequisites: Related Integrations, Required Fields, and Setup (#2069) * Add new section to Advanced Settings * Update page's mini-TOC * Re-adds RNs for 132409 and 131475 * Revise advanced setting description * Create new section for related integrations etc. Includes placeholder image syntax, commented out * Add fields to API response examples * Update release notes * Add new section to What's New Includes placeholder image syntax, commented out * Additional revisions * Complete main documentation Add and update screenshots Revise explanatory text * Update release notes and What's New * Revert changes to whats-new.asciidoc What's new 8.3 will be updated in PR security-docs#2327 * Update per new nav UI * Apply suggestions from Nastasha's review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Apply suggestions from Ben's review * Update docs/release-notes/8.3.asciidoc Co-authored-by: nastasha.solomon <nastasha.solomon@elastic.co> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit 953f781) # Conflicts: # docs/detections/api/rules/rules-api-bulk-actions.asciidoc # docs/detections/images/all-rules.png # docs/detections/images/monitor-table.png * Remove dry run example from 8.4 Hopefully this resolves merge conflict Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
7 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Addresses #2015.
Previews:
Joe's Li'l Checklist
main, where What's New is being worked on for 8.4. I created PR [DOCS] Prebuilt rules prerequisites: Add new section to What's New in 8.3 #2327 to update 8.3 directly.