From 0452b4f270af7389f08aae3a8be11ee144826d25 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Thu, 19 Oct 2023 02:58:30 -0700
Subject: [PATCH 1/9] added threat intel feed support for detector creation

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 cypress/integration/1_detectors.spec.js       |    2 +-
 .../AlertCondition/AlertConditionPanel.tsx    |  212 +-
 .../AlertConditionPanel.test.tsx.snap         |  266 ++-
 .../containers/ConfigureAlerts.tsx            |   18 +-
 .../DetectionRules/DetectionRules.tsx         |    5 +-
 .../DetectorDataSource/DetectorDataSource.tsx |    9 +-
 .../DetectorBasicDetailsForm.tsx              |   10 +-
 .../DetectorSchedule/DetectorSchedule.tsx     |   11 +-
 .../components/DetectorType/DetectorType.tsx  |   25 +-
 .../ThreatIntelligence/ThreatIntelligence.tsx |   38 +
 .../containers/DefineDetector.tsx             |   48 +-
 .../containers/CreateDetector.tsx             |   20 +-
 .../UpdateBasicDetails/UpdateBasicDetails.tsx |   77 +-
 .../UpdateDetectorBasicDetails.test.tsx.snap  | 1915 ++++++++---------
 public/pages/Rules/utils/constants.ts         |    8 +-
 public/store/LogTypeStore.ts                  |    3 +-
 public/utils/constants.ts                     |    1 +
 types/Detector.ts                             |    1 +
 18 files changed, 1371 insertions(+), 1298 deletions(-)
 create mode 100644 public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx

diff --git a/cypress/integration/1_detectors.spec.js b/cypress/integration/1_detectors.spec.js
index 5d4439ecf..08785f525 100644
--- a/cypress/integration/1_detectors.spec.js
+++ b/cypress/integration/1_detectors.spec.js
@@ -37,7 +37,7 @@ const dataSourceLabel = 'Select or input source indexes or index patterns';
 
 const getDataSourceField = () => cy.getFieldByLabel(dataSourceLabel);
 
-const logTypeLabel = 'Select a log type you would like to detect';
+const logTypeLabel = 'Log type';
 
 const getLogTypeField = () => cy.getFieldByLabel(logTypeLabel);
 
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
index 9025bd3e9..95e53e1af 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
@@ -8,6 +8,7 @@ import { RouteComponentProps } from 'react-router-dom';
 import {
   EuiAccordion,
   EuiButton,
+  EuiButtonGroup,
   EuiComboBox,
   EuiComboBoxOptionOption,
   EuiFieldText,
@@ -17,6 +18,7 @@ import {
   EuiSpacer,
   EuiText,
   EuiTextArea,
+  EuiTitle,
 } from '@elastic/eui';
 import { AlertCondition } from '../../../../../../../models/interfaces';
 import {
@@ -50,12 +52,24 @@ interface AlertConditionPanelState {
   nameIsInvalid: boolean;
   previewToggle: boolean;
   selectedNames: EuiComboBoxOptionOption<string>[];
+  selectedDetectionTypeId: string;
 }
 
 export default class AlertConditionPanel extends Component<
   AlertConditionPanelProps,
   AlertConditionPanelState
 > {
+  private detectionTypeGroupBtns = [
+    {
+      id: 'detection-rules',
+      label: 'Detection rules',
+    },
+    {
+      id: 'threat-intelligence',
+      label: 'Threat intelligence',
+    },
+  ];
+
   constructor(props: AlertConditionPanelProps) {
     super(props);
     this.state = {
@@ -63,6 +77,7 @@ export default class AlertConditionPanel extends Component<
       nameIsInvalid: false,
       previewToggle: false,
       selectedNames: [],
+      selectedDetectionTypeId: this.detectionTypeGroupBtns[0].id,
     };
   }
 
@@ -253,6 +268,7 @@ export default class AlertConditionPanel extends Component<
     const {
       alertCondition = getEmptyAlertCondition(),
       allNotificationChannels,
+      detector: { threat_intel_enabled },
       indexNum,
       loadingNotifications,
       refreshNotificationChannels,
@@ -315,97 +331,123 @@ export default class AlertConditionPanel extends Component<
 
     return (
       <div>
-        <EuiAccordion
-          id={`trigger-details-${indexNum}`}
-          paddingSize="l"
-          initialIsOpen={this.props.isEdit}
-          buttonContent={
-            <div data-test-subj="trigger-details-btn">
-              <EuiText size={'s'}>Trigger details and condition</EuiText>
-              <EuiText size="s" color="subdued">
-                {triggerDetailsSubheading}
-              </EuiText>
-            </div>
+        <EuiFormRow
+          label={
+            <EuiText size="s">
+              <p>Trigger name</p>
+            </EuiText>
           }
+          isInvalid={nameFieldTouched && nameIsInvalid}
+          error={getNameErrorMessage(name, nameIsInvalid, nameFieldTouched)}
         >
-          <EuiFormRow
-            label={
-              <EuiText size="s">
-                <p>Trigger name</p>
-              </EuiText>
-            }
-            isInvalid={nameFieldTouched && nameIsInvalid}
-            error={getNameErrorMessage(name, nameIsInvalid, nameFieldTouched)}
-          >
-            <EuiFieldText
-              placeholder={'Enter a name to describe the alert condition'}
-              readOnly={false}
-              value={name}
-              onBlur={this.onNameBlur}
-              onChange={this.onNameChange}
-              required={nameFieldTouched}
-              data-test-subj={`alert-condition-name-${indexNum}`}
-            />
-          </EuiFormRow>
-
-          <EuiSpacer size={'xxl'} />
-          <EuiText size="m" style={{ fontSize: 20 }}>
-            <p>If a detection rule matches</p>
-          </EuiText>
-          <EuiSpacer size={'m'} />
-
-          <EuiFormRow
-            label={
-              <EuiText size="s">
-                <p>Rule names</p>
-              </EuiText>
-            }
-          >
-            <EuiComboBox
-              placeholder={'Any rules'}
-              options={namesOptions}
-              onChange={this.onRuleNamesChange}
-              selectedOptions={selectedNames}
-              data-test-subj={`alert-rulename-combo-box`}
-            />
-          </EuiFormRow>
-          <EuiSpacer size={'m'} />
+          <EuiFieldText
+            placeholder={'Enter a name to describe the alert condition'}
+            readOnly={false}
+            value={name}
+            onBlur={this.onNameBlur}
+            onChange={this.onNameChange}
+            required={nameFieldTouched}
+            data-test-subj={`alert-condition-name-${indexNum}`}
+          />
+        </EuiFormRow>
+        <EuiSpacer size={'l'} />
 
-          <EuiFormRow
-            label={
-              <EuiText size="s">
-                <p>Rule Severities</p>
-              </EuiText>
-            }
-          >
-            <EuiComboBox
-              placeholder={'Any severities'}
-              options={ruleSeverityOptions}
-              onChange={this.onRuleSeverityChange}
-              noSuggestions={false}
-              selectedOptions={createSelectedOptions(ruleSeverityLevels)}
-              data-test-subj={`alert-severity-combo-box`}
+        <EuiFormRow label="Detection type">
+          {threat_intel_enabled ? (
+            <EuiButtonGroup
+              legend="Detection type button group"
+              options={this.detectionTypeGroupBtns}
+              idSelected={this.state.selectedDetectionTypeId}
+              onChange={(id: string) => {
+                this.setState({ selectedDetectionTypeId: id });
+              }}
+              isFullWidth
             />
-          </EuiFormRow>
-          <EuiSpacer size={'m'} />
-
-          <EuiFormRow
-            label={
-              <EuiText size="s">
-                <p>Tags</p>
-              </EuiText>
+          ) : (
+            <EuiText>
+              <p>Detection rules</p>
+            </EuiText>
+          )}
+        </EuiFormRow>
+        <EuiSpacer size={'l'} />
+        {threat_intel_enabled && this.state.selectedDetectionTypeId === 'threat-intelligence' ? (
+          <>
+            <EuiTitle size="xs">
+              <h4>Trigger condition</h4>
+            </EuiTitle>
+            <EuiText>
+              <p>
+                An alert will be generated when any match is found by the threat intelligence feed.
+              </p>
+            </EuiText>
+          </>
+        ) : (
+          <EuiAccordion
+            id={`trigger-details-${indexNum}`}
+            paddingSize="l"
+            initialIsOpen={this.props.isEdit}
+            buttonContent={
+              <div data-test-subj="trigger-details-btn">
+                <EuiText size={'s'}>Trigger condition</EuiText>
+                <EuiText size="s" color="subdued">
+                  {triggerDetailsSubheading}
+                </EuiText>
+              </div>
             }
           >
-            <EuiComboBox
-              placeholder={'Any tags'}
-              options={tagsOptions}
-              onChange={this.onTagsChange}
-              onCreateOption={this.onCreateTag}
-              selectedOptions={createSelectedOptions(tags)}
-              data-test-subj={'alert-tags-combo-box'}
-            />
-          </EuiFormRow>
-        </EuiAccordion>
+            <EuiFormRow
+              label={
+                <EuiText size="s">
+                  <p>Rule names</p>
+                </EuiText>
+              }
+            >
+              <EuiComboBox
+                placeholder={'Any rules'}
+                options={namesOptions}
+                onChange={this.onRuleNamesChange}
+                selectedOptions={selectedNames}
+                data-test-subj={`alert-rulename-combo-box`}
+              />
+            </EuiFormRow>
+            <EuiSpacer size={'m'} />
+
+            <EuiFormRow
+              label={
+                <EuiText size="s">
+                  <p>Rule Severities</p>
+                </EuiText>
+              }
+            >
+              <EuiComboBox
+                placeholder={'Any severities'}
+                options={ruleSeverityOptions}
+                onChange={this.onRuleSeverityChange}
+                noSuggestions={false}
+                selectedOptions={createSelectedOptions(ruleSeverityLevels)}
+                data-test-subj={`alert-severity-combo-box`}
+              />
+            </EuiFormRow>
+            <EuiSpacer size={'m'} />
+
+            <EuiFormRow
+              label={
+                <EuiText size="s">
+                  <p>Tags</p>
+                </EuiText>
+              }
+            >
+              <EuiComboBox
+                placeholder={'Any tags'}
+                options={tagsOptions}
+                onChange={this.onTagsChange}
+                onCreateOption={this.onCreateTag}
+                selectedOptions={createSelectedOptions(tags)}
+                data-test-subj={'alert-tags-combo-box'}
+              />
+            </EuiFormRow>
+          </EuiAccordion>
+        )}
 
         <EuiSpacer size={'l'} />
 
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
index c0a13a9ee..4a4c09074 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
@@ -6,6 +6,81 @@ Object {
   "baseElement": <body>
     <div>
       <div>
+        <div
+          class="euiFormRow"
+          id="some_html_id-row"
+        >
+          <div
+            class="euiFormRow__labelWrapper"
+          >
+            <label
+              aria-invalid="false"
+              class="euiFormLabel euiFormRow__label"
+              for="some_html_id"
+            >
+              <div
+                class="euiText euiText--small"
+              >
+                <p>
+                  Trigger name
+                </p>
+              </div>
+            </label>
+          </div>
+          <div
+            class="euiFormRow__fieldWrapper"
+          >
+            <div
+              class="euiFormControlLayout"
+            >
+              <div
+                class="euiFormControlLayout__childrenWrapper"
+              >
+                <input
+                  class="euiFieldText"
+                  data-test-subj="alert-condition-name-0"
+                  id="some_html_id"
+                  placeholder="Enter a name to describe the alert condition"
+                  type="text"
+                  value="alert_name"
+                />
+              </div>
+            </div>
+          </div>
+        </div>
+        <div
+          class="euiSpacer euiSpacer--l"
+        />
+        <div
+          class="euiFormRow"
+          id="some_html_id-row"
+        >
+          <div
+            class="euiFormRow__labelWrapper"
+          >
+            <label
+              class="euiFormLabel euiFormRow__label"
+              for="some_html_id"
+            >
+              Detection type
+            </label>
+          </div>
+          <div
+            class="euiFormRow__fieldWrapper"
+          >
+            <div
+              class="euiText euiText--medium"
+              id="some_html_id"
+            >
+              <p>
+                Detection rules
+              </p>
+            </div>
+          </div>
+        </div>
+        <div
+          class="euiSpacer euiSpacer--l"
+        />
         <div
           class="euiAccordion"
         >
@@ -33,7 +108,7 @@ Object {
                   <div
                     class="euiText euiText--small"
                   >
-                    Trigger details and condition
+                    Trigger condition
                   </div>
                   <div
                     class="euiText euiText--small"
@@ -63,62 +138,6 @@ Object {
               <div
                 class="euiAccordion__padding--l"
               >
-                <div
-                  class="euiFormRow"
-                  id="some_html_id-row"
-                >
-                  <div
-                    class="euiFormRow__labelWrapper"
-                  >
-                    <label
-                      aria-invalid="false"
-                      class="euiFormLabel euiFormRow__label"
-                      for="some_html_id"
-                    >
-                      <div
-                        class="euiText euiText--small"
-                      >
-                        <p>
-                          Trigger name
-                        </p>
-                      </div>
-                    </label>
-                  </div>
-                  <div
-                    class="euiFormRow__fieldWrapper"
-                  >
-                    <div
-                      class="euiFormControlLayout"
-                    >
-                      <div
-                        class="euiFormControlLayout__childrenWrapper"
-                      >
-                        <input
-                          class="euiFieldText"
-                          data-test-subj="alert-condition-name-0"
-                          id="some_html_id"
-                          placeholder="Enter a name to describe the alert condition"
-                          type="text"
-                          value="alert_name"
-                        />
-                      </div>
-                    </div>
-                  </div>
-                </div>
-                <div
-                  class="euiSpacer euiSpacer--xxl"
-                />
-                <div
-                  class="euiText euiText--medium"
-                  style="font-size: 20px;"
-                >
-                  <p>
-                    If a detection rule matches
-                  </p>
-                </div>
-                <div
-                  class="euiSpacer euiSpacer--m"
-                />
                 <div
                   class="euiFormRow"
                   id="some_html_id-row"
@@ -860,6 +879,81 @@ Object {
   </body>,
   "container": <div>
     <div>
+      <div
+        class="euiFormRow"
+        id="some_html_id-row"
+      >
+        <div
+          class="euiFormRow__labelWrapper"
+        >
+          <label
+            aria-invalid="false"
+            class="euiFormLabel euiFormRow__label"
+            for="some_html_id"
+          >
+            <div
+              class="euiText euiText--small"
+            >
+              <p>
+                Trigger name
+              </p>
+            </div>
+          </label>
+        </div>
+        <div
+          class="euiFormRow__fieldWrapper"
+        >
+          <div
+            class="euiFormControlLayout"
+          >
+            <div
+              class="euiFormControlLayout__childrenWrapper"
+            >
+              <input
+                class="euiFieldText"
+                data-test-subj="alert-condition-name-0"
+                id="some_html_id"
+                placeholder="Enter a name to describe the alert condition"
+                type="text"
+                value="alert_name"
+              />
+            </div>
+          </div>
+        </div>
+      </div>
+      <div
+        class="euiSpacer euiSpacer--l"
+      />
+      <div
+        class="euiFormRow"
+        id="some_html_id-row"
+      >
+        <div
+          class="euiFormRow__labelWrapper"
+        >
+          <label
+            class="euiFormLabel euiFormRow__label"
+            for="some_html_id"
+          >
+            Detection type
+          </label>
+        </div>
+        <div
+          class="euiFormRow__fieldWrapper"
+        >
+          <div
+            class="euiText euiText--medium"
+            id="some_html_id"
+          >
+            <p>
+              Detection rules
+            </p>
+          </div>
+        </div>
+      </div>
+      <div
+        class="euiSpacer euiSpacer--l"
+      />
       <div
         class="euiAccordion"
       >
@@ -887,7 +981,7 @@ Object {
                 <div
                   class="euiText euiText--small"
                 >
-                  Trigger details and condition
+                  Trigger condition
                 </div>
                 <div
                   class="euiText euiText--small"
@@ -917,62 +1011,6 @@ Object {
             <div
               class="euiAccordion__padding--l"
             >
-              <div
-                class="euiFormRow"
-                id="some_html_id-row"
-              >
-                <div
-                  class="euiFormRow__labelWrapper"
-                >
-                  <label
-                    aria-invalid="false"
-                    class="euiFormLabel euiFormRow__label"
-                    for="some_html_id"
-                  >
-                    <div
-                      class="euiText euiText--small"
-                    >
-                      <p>
-                        Trigger name
-                      </p>
-                    </div>
-                  </label>
-                </div>
-                <div
-                  class="euiFormRow__fieldWrapper"
-                >
-                  <div
-                    class="euiFormControlLayout"
-                  >
-                    <div
-                      class="euiFormControlLayout__childrenWrapper"
-                    >
-                      <input
-                        class="euiFieldText"
-                        data-test-subj="alert-condition-name-0"
-                        id="some_html_id"
-                        placeholder="Enter a name to describe the alert condition"
-                        type="text"
-                        value="alert_name"
-                      />
-                    </div>
-                  </div>
-                </div>
-              </div>
-              <div
-                class="euiSpacer euiSpacer--xxl"
-              />
-              <div
-                class="euiText euiText--medium"
-                style="font-size: 20px;"
-              >
-                <p>
-                  If a detection rule matches
-                </p>
-              </div>
-              <div
-                class="euiSpacer euiSpacer--m"
-              />
               <div
                 class="euiFormRow"
                 id="some_html_id-row"
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
index 9e769e890..0146ea47d 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
@@ -82,6 +82,14 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
 
     if (triggers.length === 0) {
       this.addCondition();
+      this.props.updateDataValidState(DetectorCreationStep.CONFIGURE_ALERTS, true);
+    } else {
+      const isTriggerDataValid =
+        !!triggers.length ||
+        triggers.every((trigger) => {
+          return !!trigger.name && validateName(trigger.name) && trigger.severity;
+        });
+      this.props.updateDataValidState(DetectorCreationStep.CONFIGURE_ALERTS, isTriggerDataValid);
     }
   };
 
@@ -139,7 +147,7 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
 
     let getPageTitle = (): string | JSX.Element => {
       if (isEdit) {
-        return <>Alert triggers (${triggers.length})</>;
+        return <>{`Alert triggers (${triggers.length})`}</>;
       }
 
       return (
@@ -155,8 +163,8 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
     };
 
     const { loading, notificationChannels } = this.state;
-    return (
-      <div>
+    const content = (
+      <>
         {getPageTitle()}
 
         <EuiSpacer size={'m'} />
@@ -216,7 +224,9 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
         <EuiButton disabled={triggers.length >= MAX_ALERT_CONDITIONS} onClick={this.addCondition}>
           {triggers.length > 0 ? 'Add another alert trigger' : 'Add alert triggers'}
         </EuiButton>
-      </div>
+      </>
     );
+
+    return isEdit ? <div>{content}</div> : <EuiPanel>{content}</EuiPanel>;
   }
 }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/DetectionRules/DetectionRules.tsx b/public/pages/CreateDetector/components/DefineDetector/components/DetectionRules/DetectionRules.tsx
index 8b715d12f..2305359c3 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/DetectionRules/DetectionRules.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/DetectionRules/DetectionRules.tsx
@@ -98,11 +98,10 @@ export const DetectionRules: React.FC<DetectionRulesProps> = ({
         buttonContent={
           <div data-test-subj="detection-rules-btn">
             <EuiTitle size={'s'}>
-              <h4>{`Detection rules (${enabledRulesCount} selected)`}</h4>
+              <h4>{`Selected detection rules (${enabledRulesCount})`}</h4>
             </EuiTitle>
             <EuiText size="s" color="subdued">
-              Detection rules are automatically added based on your chosen log types. Additionally,
-              you may add or remove detection rules for this detector.
+              Add or remove detection rules for this detector.
             </EuiText>
           </div>
         }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/DetectorDataSource/DetectorDataSource.tsx b/public/pages/CreateDetector/components/DefineDetector/components/DetectorDataSource/DetectorDataSource.tsx
index 10fdef34f..512ac1d59 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/DetectorDataSource/DetectorDataSource.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/DetectorDataSource/DetectorDataSource.tsx
@@ -4,7 +4,6 @@
  */
 
 import React, { Component } from 'react';
-import { ContentPanel } from '../../../../../../components/ContentPanel';
 import {
   EuiComboBox,
   EuiComboBoxOptionOption,
@@ -12,6 +11,7 @@ import {
   EuiSpacer,
   EuiCallOut,
   EuiTextColor,
+  EuiTitle,
 } from '@elastic/eui';
 import { FormFieldHeader } from '../../../../../../components/FormFieldHeader/FormFieldHeader';
 import { IndexOption } from '../../../../../Detectors/models/interfaces';
@@ -149,7 +149,10 @@ export default class DetectorDataSource extends Component<
     } = this.state;
     const isInvalid = fieldTouched && detectorIndices.length < MIN_NUM_DATA_SOURCES;
     return (
-      <ContentPanel title={'Data source'} titleSize={'m'}>
+      <>
+        <EuiTitle size="m">
+          <h3>Data source</h3>
+        </EuiTitle>
         <EuiSpacer size={'m'} />
         <EuiFormRow
           label={
@@ -186,7 +189,7 @@ export default class DetectorDataSource extends Component<
             </EuiCallOut>
           </>
         ) : null}
-      </ContentPanel>
+      </>
     );
   }
 }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/DetectorDetails/DetectorBasicDetailsForm.tsx b/public/pages/CreateDetector/components/DefineDetector/components/DetectorDetails/DetectorBasicDetailsForm.tsx
index be6977c86..efcbe5bdc 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/DetectorDetails/DetectorBasicDetailsForm.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/DetectorDetails/DetectorBasicDetailsForm.tsx
@@ -4,8 +4,7 @@
  */
 
 import React, { Component } from 'react';
-import { ContentPanel } from '../../../../../../components/ContentPanel';
-import { EuiFormRow, EuiFieldText, EuiSpacer, EuiTextArea } from '@elastic/eui';
+import { EuiFormRow, EuiFieldText, EuiSpacer, EuiTextArea, EuiTitle } from '@elastic/eui';
 import { FormFieldHeader } from '../../../../../../components/FormFieldHeader/FormFieldHeader';
 import {
   getDescriptionErrorMessage,
@@ -74,7 +73,10 @@ export default class DetectorBasicDetailsForm extends Component<
       nameFieldTouched,
     } = this.state;
     return (
-      <ContentPanel title={'Detector details'} titleSize={'m'}>
+      <>
+        <EuiTitle size="m">
+          <h3>Detector details</h3>
+        </EuiTitle>
         <EuiSpacer size={'m'} />
         <EuiFormRow
           label={<FormFieldHeader headerTitle={'Name'} />}
@@ -111,7 +113,7 @@ export default class DetectorBasicDetailsForm extends Component<
             data-test-subj={'define-detector-detector-description'}
           />
         </EuiFormRow>
-      </ContentPanel>
+      </>
     );
   }
 }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/DetectorSchedule/DetectorSchedule.tsx b/public/pages/CreateDetector/components/DefineDetector/components/DetectorSchedule/DetectorSchedule.tsx
index 2816d0ddb..802e60a84 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/DetectorSchedule/DetectorSchedule.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/DetectorSchedule/DetectorSchedule.tsx
@@ -3,9 +3,8 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-import { ContentPanel } from '../../../../../../components/ContentPanel';
 import React from 'react';
-import { EuiSelectOption } from '@elastic/eui';
+import { EuiSelectOption, EuiSpacer, EuiTitle } from '@elastic/eui';
 import { PeriodSchedule } from '../../../../../../../models/interfaces';
 import { Interval } from './Interval';
 import { CustomCron } from './CustomCron';
@@ -52,9 +51,13 @@ export class DetectorSchedule extends React.Component<
     const FrequencyPicker = components[this.state.selectedFrequency];
 
     return (
-      <ContentPanel title={'Detector schedule'}>
+      <>
+        <EuiTitle size="m">
+          <h3>Detector schedule</h3>
+        </EuiTitle>
+        <EuiSpacer />
         <FrequencyPicker {...this.props} />
-      </ContentPanel>
+      </>
     );
   }
 }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/DetectorType/DetectorType.tsx b/public/pages/CreateDetector/components/DefineDetector/components/DetectorType/DetectorType.tsx
index 0b98da1f9..646fe4272 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/DetectorType/DetectorType.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/DetectorType/DetectorType.tsx
@@ -4,8 +4,7 @@
  */
 
 import React, { Component } from 'react';
-import { ContentPanel } from '../../../../../../components/ContentPanel';
-import { EuiFormRow, EuiSpacer, EuiComboBox } from '@elastic/eui';
+import { EuiFormRow, EuiSpacer, EuiComboBox, EuiTitle, EuiText } from '@elastic/eui';
 import { FormFieldHeader } from '../../../../../../components/FormFieldHeader/FormFieldHeader';
 import { CreateDetectorRulesState, DetectionRules } from '../DetectionRules/DetectionRules';
 import { RuleItem } from '../DetectionRules/types/interfaces';
@@ -72,17 +71,21 @@ export default class DetectorType extends Component<DetectorTypeProps, DetectorT
     const { detectorType } = this.props;
 
     return (
-      <ContentPanel
-        title={'Detection'}
-        subTitleText={
-          'The available detection rules are automatically populated based on your selected log type. Use the toggles to select detection rules for this detector'
-        }
-        titleSize={'m'}
-      >
+      <>
+        <EuiTitle size="m">
+          <h3>Detection rules</h3>
+        </EuiTitle>
+        <EuiText>
+          <p>
+            The detection rules are automatically populated based on your selected log type. Threat
+            intelligence based detection can be enabled for standard log types.{' '}
+          </p>
+        </EuiText>
+        <EuiSpacer />
         <EuiFormRow
           label={
             <div>
-              <FormFieldHeader headerTitle={'Select a log type you would like to detect'} />
+              <FormFieldHeader headerTitle={'Log type'} />
               <EuiSpacer size={'s'} />
             </div>
           }
@@ -117,7 +120,7 @@ export default class DetectorType extends Component<DetectorTypeProps, DetectorT
         <EuiFormRow fullWidth={true}>
           <ConfigureFieldMapping {...this.props.configureFieldMappingProps} />
         </EuiFormRow>
-      </ContentPanel>
+      </>
     );
   }
 }
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx b/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx
new file mode 100644
index 000000000..9af80bfa6
--- /dev/null
+++ b/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx
@@ -0,0 +1,38 @@
+/*
+ * Copyright OpenSearch Contributors
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import React from 'react';
+import { EuiCheckbox, EuiText, EuiTitle, htmlIdGenerator } from '@elastic/eui';
+
+export interface ThreatIntelligenceProps {
+  threatIntelChecked: boolean;
+  onThreatIntelChange: (checked: boolean) => void;
+}
+
+export const ThreatIntelligence: React.FC<ThreatIntelligenceProps> = ({
+  threatIntelChecked,
+  onThreatIntelChange,
+}) => {
+  return (
+    <>
+      <EuiTitle size="m">
+        <h3>Threat intelligence feeds</h3>
+      </EuiTitle>
+
+      <EuiText>
+        <p>
+          Match your data source against known malicious IP-addresses. Available for standard log
+          types only. Learn more
+        </p>
+      </EuiText>
+      <EuiCheckbox
+        id={htmlIdGenerator()()}
+        label="Enable threat intelligence-based detection"
+        checked={threatIntelChecked}
+        onChange={(e) => onThreatIntelChange(e.target.checked)}
+      />
+    </>
+  );
+};
diff --git a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
index 7db946786..eaf38743b 100644
--- a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
@@ -5,7 +5,7 @@
 
 import React, { Component } from 'react';
 import { RouteComponentProps } from 'react-router-dom';
-import { EuiSpacer, EuiTitle, EuiText, EuiCallOut } from '@elastic/eui';
+import { EuiSpacer, EuiCallOut } from '@elastic/eui';
 import { PeriodSchedule } from '../../../../../../models/interfaces';
 import DetectorBasicDetailsForm from '../components/DetectorDetails';
 import DetectorDataSource from '../components/DetectorDataSource';
@@ -20,6 +20,9 @@ import { NotificationsStart } from 'opensearch-dashboards/public';
 import { logTypesWithDashboards } from '../../../../../utils/constants';
 import { Detector, DetectorCreationStep, FieldMapping } from '../../../../../../types';
 import { ConfigureFieldMappingProps } from '../../ConfigureFieldMapping/containers/ConfigureFieldMapping';
+import { ContentPanel } from '../../../../../components/ContentPanel';
+import { ruleTypes } from '../../../../Rules/utils/constants';
+import { ThreatIntelligence } from '../components/ThreatIntelligence/ThreatIntelligence';
 
 interface DefineDetectorProps extends RouteComponentProps {
   detector: Detector;
@@ -43,6 +46,10 @@ interface DefineDetectorState {
 }
 
 export default class DefineDetector extends Component<DefineDetectorProps, DefineDetectorState> {
+  private standardLogTypes = new Set(
+    ruleTypes.filter((ruleType) => ruleType.isStandard).map(({ value }) => value)
+  );
+
   constructor(props: DefineDetectorProps) {
     super(props);
     this.state = {
@@ -123,6 +130,16 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
     const newDetector: Detector = {
       ...this.state.detector,
       detector_type: detectorType,
+      threat_intel_enabled: this.standardLogTypes.has(detectorType),
+    };
+
+    this.updateDetectorCreationState(newDetector);
+  };
+
+  onThreatIntelligenceChanged = (checked: boolean) => {
+    const newDetector: Detector = {
+      ...this.state.detector,
+      threat_intel_enabled: checked,
     };
 
     this.updateDetectorCreationState(newDetector);
@@ -186,7 +203,7 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
       replaceFieldMappings,
     } = this.props;
     const { detector } = this.state;
-    const { name, inputs, detector_type } = this.props.detector;
+    const { name, inputs, detector_type, threat_intel_enabled } = this.props.detector;
     const { description, indices } = inputs[0].detector_input;
     const configureFieldMappingProps: ConfigureFieldMappingProps = {
       ...this.props,
@@ -200,16 +217,12 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
     };
 
     return (
-      <div>
-        <EuiTitle size={'m'}>
-          <h3>{`${isEdit ? 'Edit' : 'Define'} detector`}</h3>
-        </EuiTitle>
-
-        <EuiText size="s" color="subdued">
-          Configure your detector to identify relevant security findings and potential threats from
-          your log data.
-        </EuiText>
-
+      <ContentPanel
+        title={`${isEdit ? 'Edit' : 'Define'} detector`}
+        subTitleText={
+          'Configure your detector to identify relevant security findings and potential threats from your log data.'
+        }
+      >
         <EuiSpacer size={'m'} />
 
         <DetectorBasicDetailsForm
@@ -230,7 +243,7 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
           onDetectorInputIndicesChange={this.onDetectorInputIndicesChange}
         />
 
-        <EuiSpacer size={'m'} />
+        <EuiSpacer size={'l'} />
 
         <DetectorType
           detectorType={detector_type}
@@ -245,6 +258,13 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
 
         <EuiSpacer size={'m'} />
 
+        {this.standardLogTypes.has(detector_type) && (
+          <ThreatIntelligence
+            threatIntelChecked={threat_intel_enabled}
+            onThreatIntelChange={this.onThreatIntelligenceChanged}
+          />
+        )}
+
         {logTypesWithDashboards.has(detector_type) ? (
           <>
             <EuiCallOut
@@ -266,7 +286,7 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
           detector={detector}
           onDetectorScheduleChange={this.onDetectorScheduleChange}
         />
-      </div>
+      </ContentPanel>
     );
   }
 }
diff --git a/public/pages/CreateDetector/containers/CreateDetector.tsx b/public/pages/CreateDetector/containers/CreateDetector.tsx
index 0e1c42d99..5ade7d68a 100644
--- a/public/pages/CreateDetector/containers/CreateDetector.tsx
+++ b/public/pages/CreateDetector/containers/CreateDetector.tsx
@@ -5,7 +5,15 @@
 
 import React, { Component } from 'react';
 import { RouteComponentProps } from 'react-router-dom';
-import { EuiButton, EuiButtonEmpty, EuiFlexGroup, EuiFlexItem, EuiSteps } from '@elastic/eui';
+import {
+  EuiButton,
+  EuiButtonEmpty,
+  EuiFlexGroup,
+  EuiFlexItem,
+  EuiSpacer,
+  EuiSteps,
+  EuiTitle,
+} from '@elastic/eui';
 import DefineDetector from '../components/DefineDetector/containers/DefineDetector';
 import { createDetectorSteps, PENDING_DETECTOR_ID } from '../utils/constants';
 import {
@@ -346,7 +354,15 @@ export default class CreateDetector extends Component<CreateDetectorProps, Creat
           <EuiFlexItem grow={false}>
             <EuiSteps steps={steps} titleSize={'xs'} />
           </EuiFlexItem>
-          <EuiFlexItem>{this.getStepContent()}</EuiFlexItem>
+          <EuiFlexItem>
+            <>
+              <EuiTitle>
+                <h1>Create detector</h1>
+              </EuiTitle>
+              <EuiSpacer />
+              {this.getStepContent()}
+            </>
+          </EuiFlexItem>
         </EuiFlexGroup>
 
         <EuiFlexGroup alignItems={'center'} justifyContent={'flexEnd'}>
diff --git a/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx b/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
index 0810b90c7..55e1af2a8 100644
--- a/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
+++ b/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
@@ -8,6 +8,7 @@ import {
   EuiComboBoxOptionOption,
   EuiFlexGroup,
   EuiFlexItem,
+  EuiPanel,
   EuiSpacer,
   EuiTitle,
 } from '@elastic/eui';
@@ -244,46 +245,50 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
   }, [detector, fieldMappings]);
 
   return (
-    <div>
+    <>
       <EuiTitle size={'m'}>
         <h3>Edit detector details</h3>
       </EuiTitle>
       <EuiSpacer size="xxl" />
 
-      <DetectorBasicDetailsForm
-        isEdit={true}
-        detectorName={name}
-        detectorDescription={description}
-        onDetectorNameChange={onDetectorNameChange}
-        onDetectorInputDescriptionChange={onDetectorInputDescriptionChange}
-      />
-      <EuiSpacer size="xl" />
-
-      <DetectorDataSource
-        isEdit={true}
-        detector_type={detector.detector_type}
-        notifications={props.notifications}
-        indexService={services?.indexService as IndexService}
-        detectorIndices={inputs[0].detector_input.indices}
-        fieldMappingService={services?.fieldMappingService as FieldMappingService}
-        onDetectorInputIndicesChange={onDetectorInputIndicesChange}
-      />
-      <EuiSpacer size={'xl'} />
-
-      <DetectorSchedule detector={detector} onDetectorScheduleChange={onDetectorScheduleChange} />
-      <EuiSpacer size="xl" />
-
-      {fieldMappingsIsVisible ? (
-        <>
-          <ReviewFieldMappings
-            {...props}
-            detector={detector}
-            fieldMappingService={services?.fieldMappingService}
-            onFieldMappingChange={onFieldMappingChange}
-          />
-          <EuiSpacer size="xl" />
-        </>
-      ) : null}
+      <EuiPanel>
+        <DetectorBasicDetailsForm
+          isEdit={true}
+          detectorName={name}
+          detectorDescription={description}
+          onDetectorNameChange={onDetectorNameChange}
+          onDetectorInputDescriptionChange={onDetectorInputDescriptionChange}
+        />
+        <EuiSpacer size="xl" />
+
+        <DetectorDataSource
+          isEdit={true}
+          detector_type={detector.detector_type}
+          notifications={props.notifications}
+          indexService={services?.indexService as IndexService}
+          detectorIndices={inputs[0].detector_input.indices}
+          fieldMappingService={services?.fieldMappingService as FieldMappingService}
+          onDetectorInputIndicesChange={onDetectorInputIndicesChange}
+        />
+        <EuiSpacer size={'xl'} />
+
+        <DetectorSchedule detector={detector} onDetectorScheduleChange={onDetectorScheduleChange} />
+        <EuiSpacer size="xl" />
+
+        {fieldMappingsIsVisible ? (
+          <>
+            <ReviewFieldMappings
+              {...props}
+              detector={detector}
+              fieldMappingService={services?.fieldMappingService}
+              onFieldMappingChange={onFieldMappingChange}
+            />
+            <EuiSpacer size="xl" />
+          </>
+        ) : null}
+      </EuiPanel>
+
+      <EuiSpacer />
 
       <EuiFlexGroup justifyContent="flexEnd">
         <EuiFlexItem grow={false}>
@@ -303,6 +308,6 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
           </EuiButton>
         </EuiFlexItem>
       </EuiFlexGroup>
-    </div>
+    </>
   );
 };
diff --git a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
index 6dc2300c2..9dd4cfda7 100644
--- a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
+++ b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
@@ -584,946 +584,873 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
     }
   }
 >
-  <div>
-    <EuiTitle
-      size="m"
+  <EuiTitle
+    size="m"
+  >
+    <h3
+      className="euiTitle euiTitle--medium"
     >
-      <h3
-        className="euiTitle euiTitle--medium"
-      >
-        Edit detector details
-      </h3>
-    </EuiTitle>
-    <EuiSpacer
-      size="xxl"
-    >
-      <div
-        className="euiSpacer euiSpacer--xxl"
-      />
-    </EuiSpacer>
-    <DetectorBasicDetailsForm
-      detectorDescription="detectorDescription"
-      detectorName="detector_name"
-      isEdit={true}
-      onDetectorInputDescriptionChange={[Function]}
-      onDetectorNameChange={[Function]}
+      Edit detector details
+    </h3>
+  </EuiTitle>
+  <EuiSpacer
+    size="xxl"
+  >
+    <div
+      className="euiSpacer euiSpacer--xxl"
+    />
+  </EuiSpacer>
+  <EuiPanel>
+    <div
+      className="euiPanel euiPanel--paddingMedium euiPanel--borderRadiusMedium euiPanel--plain euiPanel--hasShadow"
     >
-      <ContentPanel
-        title="Detector details"
-        titleSize="m"
+      <DetectorBasicDetailsForm
+        detectorDescription="detectorDescription"
+        detectorName="detector_name"
+        isEdit={true}
+        onDetectorInputDescriptionChange={[Function]}
+        onDetectorNameChange={[Function]}
       >
-        <EuiPanel
-          className=""
-          style={
-            Object {
-              "paddingLeft": "0px",
-              "paddingRight": "0px",
-            }
+        <EuiTitle
+          size="m"
+        >
+          <h3
+            className="euiTitle euiTitle--medium"
+          >
+            Detector details
+          </h3>
+        </EuiTitle>
+        <EuiSpacer
+          size="m"
+        >
+          <div
+            className="euiSpacer euiSpacer--m"
+          />
+        </EuiSpacer>
+        <EuiFormRow
+          describedByIds={Array []}
+          display="row"
+          fullWidth={false}
+          hasChildLabel={true}
+          hasEmptyLabelSpace={false}
+          isInvalid={false}
+          label={
+            <FormFieldHeader
+              headerTitle="Name"
+            />
           }
+          labelType="label"
         >
           <div
-            className="euiPanel euiPanel--paddingMedium euiPanel--borderRadiusMedium euiPanel--plain euiPanel--hasShadow"
-            style={
-              Object {
-                "paddingLeft": "0px",
-                "paddingRight": "0px",
-              }
-            }
+            className="euiFormRow"
+            id="some_html_id-row"
           >
-            <EuiFlexGroup
-              alignItems="center"
-              justifyContent="spaceBetween"
-              style={
-                Object {
-                  "padding": "0px 10px",
-                }
-              }
-            >
-              <div
-                className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsCenter euiFlexGroup--justifyContentSpaceBetween euiFlexGroup--directionRow euiFlexGroup--responsive"
-                style={
-                  Object {
-                    "padding": "0px 10px",
-                  }
-                }
-              >
-                <EuiFlexItem>
-                  <div
-                    className="euiFlexItem"
-                  >
-                    <EuiTitle
-                      size="m"
-                    >
-                      <h3
-                        className="euiTitle euiTitle--medium"
-                      >
-                        Detector details
-                      </h3>
-                    </EuiTitle>
-                  </div>
-                </EuiFlexItem>
-              </div>
-            </EuiFlexGroup>
-            <EuiHorizontalRule
-              margin="xs"
-            >
-              <hr
-                className="euiHorizontalRule euiHorizontalRule--full euiHorizontalRule--marginXSmall"
-              />
-            </EuiHorizontalRule>
             <div
-              style={
-                Object {
-                  "padding": "0px 10px",
-                }
-              }
+              className="euiFormRow__labelWrapper"
             >
-              <EuiSpacer
-                size="m"
-              >
-                <div
-                  className="euiSpacer euiSpacer--m"
-                />
-              </EuiSpacer>
-              <EuiFormRow
-                describedByIds={Array []}
-                display="row"
-                fullWidth={false}
-                hasChildLabel={true}
-                hasEmptyLabelSpace={false}
+              <EuiFormLabel
+                aria-invalid={false}
+                className="euiFormRow__label"
+                htmlFor="some_html_id"
+                isFocused={false}
                 isInvalid={false}
-                label={
-                  <FormFieldHeader
-                    headerTitle="Name"
-                  />
-                }
-                labelType="label"
+                type="label"
               >
-                <div
-                  className="euiFormRow"
-                  id="some_html_id-row"
+                <label
+                  aria-invalid={false}
+                  className="euiFormLabel euiFormRow__label"
+                  htmlFor="some_html_id"
                 >
-                  <div
-                    className="euiFormRow__labelWrapper"
-                  >
-                    <EuiFormLabel
-                      aria-invalid={false}
-                      className="euiFormRow__label"
-                      htmlFor="some_html_id"
-                      isFocused={false}
-                      isInvalid={false}
-                      type="label"
-                    >
-                      <label
-                        aria-invalid={false}
-                        className="euiFormLabel euiFormRow__label"
-                        htmlFor="some_html_id"
-                      >
-                        <FormFieldHeader
-                          headerTitle="Name"
-                        >
-                          <EuiText
-                            size="s"
-                          >
-                            <div
-                              className="euiText euiText--small"
-                            >
-                              <strong>
-                                Name
-                              </strong>
-                            </div>
-                          </EuiText>
-                        </FormFieldHeader>
-                      </label>
-                    </EuiFormLabel>
-                  </div>
-                  <div
-                    className="euiFormRow__fieldWrapper"
+                  <FormFieldHeader
+                    headerTitle="Name"
                   >
-                    <EuiFieldText
-                      data-test-subj="define-detector-detector-name"
-                      id="some_html_id"
-                      onBlur={[Function]}
-                      onChange={[Function]}
-                      onFocus={[Function]}
-                      placeholder="Enter a name for the detector."
-                      readOnly={false}
-                      required={true}
-                      value="detector_name"
+                    <EuiText
+                      size="s"
                     >
-                      <EuiFormControlLayout
-                        fullWidth={false}
-                        inputId="some_html_id"
-                        readOnly={false}
+                      <div
+                        className="euiText euiText--small"
                       >
-                        <div
-                          className="euiFormControlLayout"
-                        >
-                          <div
-                            className="euiFormControlLayout__childrenWrapper"
-                          >
-                            <EuiValidatableControl>
-                              <input
-                                className="euiFieldText"
-                                data-test-subj="define-detector-detector-name"
-                                id="some_html_id"
-                                onBlur={[Function]}
-                                onChange={[Function]}
-                                onFocus={[Function]}
-                                placeholder="Enter a name for the detector."
-                                readOnly={false}
-                                required={true}
-                                type="text"
-                                value="detector_name"
-                              />
-                            </EuiValidatableControl>
-                            <EuiFormControlLayoutIcons />
-                          </div>
-                        </div>
-                      </EuiFormControlLayout>
-                    </EuiFieldText>
-                  </div>
-                </div>
-              </EuiFormRow>
-              <EuiSpacer
-                size="m"
-              >
-                <div
-                  className="euiSpacer euiSpacer--m"
-                />
-              </EuiSpacer>
-              <EuiFormRow
-                describedByIds={Array []}
-                display="row"
-                fullWidth={false}
-                hasChildLabel={true}
-                hasEmptyLabelSpace={false}
-                isInvalid={false}
-                label={
-                  <FormFieldHeader
-                    headerTitle="Description"
-                    optionalField={true}
-                  />
-                }
-                labelType="label"
+                        <strong>
+                          Name
+                        </strong>
+                      </div>
+                    </EuiText>
+                  </FormFieldHeader>
+                </label>
+              </EuiFormLabel>
+            </div>
+            <div
+              className="euiFormRow__fieldWrapper"
+            >
+              <EuiFieldText
+                data-test-subj="define-detector-detector-name"
+                id="some_html_id"
+                onBlur={[Function]}
+                onChange={[Function]}
+                onFocus={[Function]}
+                placeholder="Enter a name for the detector."
+                readOnly={false}
+                required={true}
+                value="detector_name"
               >
-                <div
-                  className="euiFormRow"
-                  id="some_html_id-row"
+                <EuiFormControlLayout
+                  fullWidth={false}
+                  inputId="some_html_id"
+                  readOnly={false}
                 >
                   <div
-                    className="euiFormRow__labelWrapper"
+                    className="euiFormControlLayout"
                   >
-                    <EuiFormLabel
-                      aria-invalid={false}
-                      className="euiFormRow__label"
-                      htmlFor="some_html_id"
-                      isFocused={false}
-                      isInvalid={false}
-                      type="label"
-                    >
-                      <label
-                        aria-invalid={false}
-                        className="euiFormLabel euiFormRow__label"
-                        htmlFor="some_html_id"
-                      >
-                        <FormFieldHeader
-                          headerTitle="Description"
-                          optionalField={true}
-                        >
-                          <EuiText
-                            size="s"
-                          >
-                            <div
-                              className="euiText euiText--small"
-                            >
-                              <strong>
-                                Description
-                              </strong>
-                              <i>
-                                 - optional 
-                              </i>
-                            </div>
-                          </EuiText>
-                        </FormFieldHeader>
-                      </label>
-                    </EuiFormLabel>
-                  </div>
-                  <div
-                    className="euiFormRow__fieldWrapper"
-                  >
-                    <EuiTextArea
-                      compressed={true}
-                      data-test-subj="define-detector-detector-description"
-                      id="some_html_id"
-                      onBlur={[Function]}
-                      onChange={[Function]}
-                      onFocus={[Function]}
-                      placeholder="Enter a description for the detector."
-                      value="detectorDescription"
+                    <div
+                      className="euiFormControlLayout__childrenWrapper"
                     >
                       <EuiValidatableControl>
-                        <textarea
-                          className="euiTextArea euiTextArea--resizeVertical euiTextArea--compressed"
-                          data-test-subj="define-detector-detector-description"
+                        <input
+                          className="euiFieldText"
+                          data-test-subj="define-detector-detector-name"
                           id="some_html_id"
                           onBlur={[Function]}
                           onChange={[Function]}
                           onFocus={[Function]}
-                          placeholder="Enter a description for the detector."
-                          rows={3}
-                          value="detectorDescription"
+                          placeholder="Enter a name for the detector."
+                          readOnly={false}
+                          required={true}
+                          type="text"
+                          value="detector_name"
                         />
                       </EuiValidatableControl>
-                    </EuiTextArea>
+                      <EuiFormControlLayoutIcons />
+                    </div>
                   </div>
-                </div>
-              </EuiFormRow>
+                </EuiFormControlLayout>
+              </EuiFieldText>
             </div>
           </div>
-        </EuiPanel>
-      </ContentPanel>
-    </DetectorBasicDetailsForm>
-    <EuiSpacer
-      size="xl"
-    >
-      <div
-        className="euiSpacer euiSpacer--xl"
-      />
-    </EuiSpacer>
-    <Component
-      detectorIndices={
-        Array [
-          ".windows",
-        ]
-      }
-      detector_type="detector_type"
-      indexService={
-        Object {
-          "getIndices": [Function],
+        </EuiFormRow>
+        <EuiSpacer
+          size="m"
+        >
+          <div
+            className="euiSpacer euiSpacer--m"
+          />
+        </EuiSpacer>
+        <EuiFormRow
+          describedByIds={Array []}
+          display="row"
+          fullWidth={false}
+          hasChildLabel={true}
+          hasEmptyLabelSpace={false}
+          isInvalid={false}
+          label={
+            <FormFieldHeader
+              headerTitle="Description"
+              optionalField={true}
+            />
+          }
+          labelType="label"
+        >
+          <div
+            className="euiFormRow"
+            id="some_html_id-row"
+          >
+            <div
+              className="euiFormRow__labelWrapper"
+            >
+              <EuiFormLabel
+                aria-invalid={false}
+                className="euiFormRow__label"
+                htmlFor="some_html_id"
+                isFocused={false}
+                isInvalid={false}
+                type="label"
+              >
+                <label
+                  aria-invalid={false}
+                  className="euiFormLabel euiFormRow__label"
+                  htmlFor="some_html_id"
+                >
+                  <FormFieldHeader
+                    headerTitle="Description"
+                    optionalField={true}
+                  >
+                    <EuiText
+                      size="s"
+                    >
+                      <div
+                        className="euiText euiText--small"
+                      >
+                        <strong>
+                          Description
+                        </strong>
+                        <i>
+                           - optional 
+                        </i>
+                      </div>
+                    </EuiText>
+                  </FormFieldHeader>
+                </label>
+              </EuiFormLabel>
+            </div>
+            <div
+              className="euiFormRow__fieldWrapper"
+            >
+              <EuiTextArea
+                compressed={true}
+                data-test-subj="define-detector-detector-description"
+                id="some_html_id"
+                onBlur={[Function]}
+                onChange={[Function]}
+                onFocus={[Function]}
+                placeholder="Enter a description for the detector."
+                value="detectorDescription"
+              >
+                <EuiValidatableControl>
+                  <textarea
+                    className="euiTextArea euiTextArea--resizeVertical euiTextArea--compressed"
+                    data-test-subj="define-detector-detector-description"
+                    id="some_html_id"
+                    onBlur={[Function]}
+                    onChange={[Function]}
+                    onFocus={[Function]}
+                    placeholder="Enter a description for the detector."
+                    rows={3}
+                    value="detectorDescription"
+                  />
+                </EuiValidatableControl>
+              </EuiTextArea>
+            </div>
+          </div>
+        </EuiFormRow>
+      </DetectorBasicDetailsForm>
+      <EuiSpacer
+        size="xl"
+      >
+        <div
+          className="euiSpacer euiSpacer--xl"
+        />
+      </EuiSpacer>
+      <Component
+        detectorIndices={
+          Array [
+            ".windows",
+          ]
         }
-      }
-      isEdit={true}
-      notifications={
-        Object {
-          "toasts": Object {
-            "addDanger": [MockFunction],
-            "addInfo": [MockFunction],
-            "addSuccess": [MockFunction],
-            "addWarning": [MockFunction],
-          },
+        detector_type="detector_type"
+        indexService={
+          Object {
+            "getIndices": [Function],
+          }
         }
-      }
-      onDetectorInputIndicesChange={[Function]}
-    >
-      <mock-component
-        mock="DetectorDataSource"
-      />
-    </Component>
-    <EuiSpacer
-      size="xl"
-    >
-      <div
-        className="euiSpacer euiSpacer--xl"
-      />
-    </EuiSpacer>
-    <DetectorSchedule
-      detector={
-        Object {
-          "createdBy": "someone",
-          "detector_type": "detector_type",
-          "enabled": true,
-          "enabled_time": 1,
-          "id": "detector_id_1",
-          "inputs": Array [
-            Object {
-              "detector_input": Object {
-                "custom_rules": Array [
+        isEdit={true}
+        notifications={
+          Object {
+            "toasts": Object {
+              "addDanger": [MockFunction],
+              "addInfo": [MockFunction],
+              "addSuccess": [MockFunction],
+              "addWarning": [MockFunction],
+            },
+          }
+        }
+        onDetectorInputIndicesChange={[Function]}
+      >
+        <mock-component
+          mock="DetectorDataSource"
+        />
+      </Component>
+      <EuiSpacer
+        size="xl"
+      >
+        <div
+          className="euiSpacer euiSpacer--xl"
+        />
+      </EuiSpacer>
+      <DetectorSchedule
+        detector={
+          Object {
+            "createdBy": "someone",
+            "detector_type": "detector_type",
+            "enabled": true,
+            "enabled_time": 1,
+            "id": "detector_id_1",
+            "inputs": Array [
+              Object {
+                "detector_input": Object {
+                  "custom_rules": Array [
+                    Object {
+                      "_id": "rule_id_1",
+                      "_index": ".windows",
+                      "_primary_term": 1,
+                      "_source": Object {
+                        "last_update_time": "12/12/2022",
+                        "queries": Array [
+                          Object {
+                            "value": ".windows",
+                          },
+                        ],
+                        "rule": "rule_name",
+                      },
+                      "_version": 1,
+                      "id": "rule_id_1",
+                      "prePackaged": true,
+                    },
+                  ],
+                  "description": "detectorDescription",
+                  "indices": Array [
+                    ".windows",
+                  ],
+                  "pre_packaged_rules": Array [
+                    Object {
+                      "_id": "rule_id_1",
+                      "_index": ".windows",
+                      "_primary_term": 1,
+                      "_source": Object {
+                        "last_update_time": "12/12/2022",
+                        "queries": Array [
+                          Object {
+                            "value": ".windows",
+                          },
+                        ],
+                        "rule": "rule_name",
+                      },
+                      "_version": 1,
+                      "id": "rule_id_1",
+                      "prePackaged": true,
+                    },
+                  ],
+                },
+              },
+            ],
+            "last_update_time": 1,
+            "name": "detector_name",
+            "schedule": Object {
+              "period": Object {
+                "interval": 1,
+                "unit": "MINUTES",
+              },
+            },
+            "triggers": Array [
+              Object {
+                "actions": Array [
                   Object {
-                    "_id": "rule_id_1",
-                    "_index": ".windows",
-                    "_primary_term": 1,
-                    "_source": Object {
-                      "last_update_time": "12/12/2022",
-                      "queries": Array [
-                        Object {
-                          "value": ".windows",
-                        },
-                      ],
-                      "rule": "rule_name",
+                    "destination_id": "some_destination_id_1",
+                    "id": "trigger_id_1_0",
+                    "message_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "name": "some_name",
+                    "subject_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
                     },
-                    "_version": 1,
-                    "id": "rule_id_1",
-                    "prePackaged": true,
+                    "throttle": Object {
+                      "unit": "minutes",
+                      "value": 1,
+                    },
+                    "throttle_enabled": true,
                   },
-                ],
-                "description": "detectorDescription",
-                "indices": Array [
-                  ".windows",
-                ],
-                "pre_packaged_rules": Array [
                   Object {
-                    "_id": "rule_id_1",
-                    "_index": ".windows",
-                    "_primary_term": 1,
-                    "_source": Object {
-                      "last_update_time": "12/12/2022",
-                      "queries": Array [
-                        Object {
-                          "value": ".windows",
-                        },
-                      ],
-                      "rule": "rule_name",
+                    "destination_id": "some_destination_id_1",
+                    "id": "trigger_id_1_1",
+                    "message_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "name": "some_name",
+                    "subject_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "throttle": Object {
+                      "unit": "minutes",
+                      "value": 1,
                     },
-                    "_version": 1,
-                    "id": "rule_id_1",
-                    "prePackaged": true,
+                    "throttle_enabled": true,
                   },
                 ],
+                "id": "trigger_id_0",
+                "ids": Array [
+                  "rule_id_1",
+                ],
+                "name": "alert_name",
+                "sev_levels": Array [
+                  "severity_level_low",
+                ],
+                "severity": "1",
+                "tags": Array [
+                  "any.tag",
+                ],
+                "types": Array [
+                  "detector_type_1",
+                ],
               },
-            },
-          ],
-          "last_update_time": 1,
-          "name": "detector_name",
-          "schedule": Object {
-            "period": Object {
-              "interval": 1,
-              "unit": "MINUTES",
-            },
-          },
-          "triggers": Array [
-            Object {
-              "actions": Array [
-                Object {
-                  "destination_id": "some_destination_id_1",
-                  "id": "trigger_id_1_0",
-                  "message_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "name": "some_name",
-                  "subject_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "throttle": Object {
-                    "unit": "minutes",
-                    "value": 1,
-                  },
-                  "throttle_enabled": true,
-                },
-                Object {
-                  "destination_id": "some_destination_id_1",
-                  "id": "trigger_id_1_1",
-                  "message_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "name": "some_name",
-                  "subject_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "throttle": Object {
-                    "unit": "minutes",
-                    "value": 1,
-                  },
-                  "throttle_enabled": true,
-                },
-              ],
-              "id": "trigger_id_0",
-              "ids": Array [
-                "rule_id_1",
-              ],
-              "name": "alert_name",
-              "sev_levels": Array [
-                "severity_level_low",
-              ],
-              "severity": "1",
-              "tags": Array [
-                "any.tag",
-              ],
-              "types": Array [
-                "detector_type_1",
-              ],
-            },
-            Object {
-              "actions": Array [
-                Object {
-                  "destination_id": "some_destination_id_1",
-                  "id": "trigger_id_1_0",
-                  "message_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "name": "some_name",
-                  "subject_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "throttle": Object {
-                    "unit": "minutes",
-                    "value": 1,
-                  },
-                  "throttle_enabled": true,
-                },
-                Object {
-                  "destination_id": "some_destination_id_1",
-                  "id": "trigger_id_1_1",
-                  "message_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
-                  },
-                  "name": "some_name",
-                  "subject_template": Object {
-                    "lang": "some_lang",
-                    "source": "some_source",
+              Object {
+                "actions": Array [
+                  Object {
+                    "destination_id": "some_destination_id_1",
+                    "id": "trigger_id_1_0",
+                    "message_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "name": "some_name",
+                    "subject_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "throttle": Object {
+                      "unit": "minutes",
+                      "value": 1,
+                    },
+                    "throttle_enabled": true,
                   },
-                  "throttle": Object {
-                    "unit": "minutes",
-                    "value": 1,
+                  Object {
+                    "destination_id": "some_destination_id_1",
+                    "id": "trigger_id_1_1",
+                    "message_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "name": "some_name",
+                    "subject_template": Object {
+                      "lang": "some_lang",
+                      "source": "some_source",
+                    },
+                    "throttle": Object {
+                      "unit": "minutes",
+                      "value": 1,
+                    },
+                    "throttle_enabled": true,
                   },
-                  "throttle_enabled": true,
-                },
-              ],
-              "id": "trigger_id_1",
-              "ids": Array [
-                "rule_id_1",
-              ],
-              "name": "alert_name",
-              "sev_levels": Array [
-                "severity_level_low",
-              ],
-              "severity": "1",
-              "tags": Array [
-                "any.tag",
-              ],
-              "types": Array [
-                "detector_type_1",
-              ],
-            },
-          ],
-          "type": "detector",
+                ],
+                "id": "trigger_id_1",
+                "ids": Array [
+                  "rule_id_1",
+                ],
+                "name": "alert_name",
+                "sev_levels": Array [
+                  "severity_level_low",
+                ],
+                "severity": "1",
+                "tags": Array [
+                  "any.tag",
+                ],
+                "types": Array [
+                  "detector_type_1",
+                ],
+              },
+            ],
+            "type": "detector",
+          }
         }
-      }
-      onDetectorScheduleChange={[Function]}
-    >
-      <ContentPanel
-        title="Detector schedule"
+        onDetectorScheduleChange={[Function]}
       >
-        <EuiPanel
-          className=""
-          style={
-            Object {
-              "paddingLeft": "0px",
-              "paddingRight": "0px",
-            }
-          }
+        <EuiTitle
+          size="m"
         >
-          <div
-            className="euiPanel euiPanel--paddingMedium euiPanel--borderRadiusMedium euiPanel--plain euiPanel--hasShadow"
-            style={
-              Object {
-                "paddingLeft": "0px",
-                "paddingRight": "0px",
-              }
-            }
+          <h3
+            className="euiTitle euiTitle--medium"
           >
-            <EuiFlexGroup
-              alignItems="center"
-              justifyContent="spaceBetween"
-              style={
-                Object {
-                  "padding": "0px 10px",
-                }
-              }
-            >
-              <div
-                className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsCenter euiFlexGroup--justifyContentSpaceBetween euiFlexGroup--directionRow euiFlexGroup--responsive"
-                style={
-                  Object {
-                    "padding": "0px 10px",
-                  }
-                }
-              >
-                <EuiFlexItem>
-                  <div
-                    className="euiFlexItem"
-                  >
-                    <EuiTitle
-                      size="m"
-                    >
-                      <h3
-                        className="euiTitle euiTitle--medium"
-                      >
-                        Detector schedule
-                      </h3>
-                    </EuiTitle>
-                  </div>
-                </EuiFlexItem>
-              </div>
-            </EuiFlexGroup>
-            <EuiHorizontalRule
-              margin="xs"
-            >
-              <hr
-                className="euiHorizontalRule euiHorizontalRule--full euiHorizontalRule--marginXSmall"
-              />
-            </EuiHorizontalRule>
-            <div
-              style={
+            Detector schedule
+          </h3>
+        </EuiTitle>
+        <EuiSpacer>
+          <div
+            className="euiSpacer euiSpacer--l"
+          />
+        </EuiSpacer>
+        <Interval
+          detector={
+            Object {
+              "createdBy": "someone",
+              "detector_type": "detector_type",
+              "enabled": true,
+              "enabled_time": 1,
+              "id": "detector_id_1",
+              "inputs": Array [
                 Object {
-                  "padding": "0px 10px",
-                }
-              }
-            >
-              <Interval
-                detector={
-                  Object {
-                    "createdBy": "someone",
-                    "detector_type": "detector_type",
-                    "enabled": true,
-                    "enabled_time": 1,
-                    "id": "detector_id_1",
-                    "inputs": Array [
+                  "detector_input": Object {
+                    "custom_rules": Array [
                       Object {
-                        "detector_input": Object {
-                          "custom_rules": Array [
+                        "_id": "rule_id_1",
+                        "_index": ".windows",
+                        "_primary_term": 1,
+                        "_source": Object {
+                          "last_update_time": "12/12/2022",
+                          "queries": Array [
                             Object {
-                              "_id": "rule_id_1",
-                              "_index": ".windows",
-                              "_primary_term": 1,
-                              "_source": Object {
-                                "last_update_time": "12/12/2022",
-                                "queries": Array [
-                                  Object {
-                                    "value": ".windows",
-                                  },
-                                ],
-                                "rule": "rule_name",
-                              },
-                              "_version": 1,
-                              "id": "rule_id_1",
-                              "prePackaged": true,
+                              "value": ".windows",
                             },
                           ],
-                          "description": "detectorDescription",
-                          "indices": Array [
-                            ".windows",
-                          ],
-                          "pre_packaged_rules": Array [
+                          "rule": "rule_name",
+                        },
+                        "_version": 1,
+                        "id": "rule_id_1",
+                        "prePackaged": true,
+                      },
+                    ],
+                    "description": "detectorDescription",
+                    "indices": Array [
+                      ".windows",
+                    ],
+                    "pre_packaged_rules": Array [
+                      Object {
+                        "_id": "rule_id_1",
+                        "_index": ".windows",
+                        "_primary_term": 1,
+                        "_source": Object {
+                          "last_update_time": "12/12/2022",
+                          "queries": Array [
                             Object {
-                              "_id": "rule_id_1",
-                              "_index": ".windows",
-                              "_primary_term": 1,
-                              "_source": Object {
-                                "last_update_time": "12/12/2022",
-                                "queries": Array [
-                                  Object {
-                                    "value": ".windows",
-                                  },
-                                ],
-                                "rule": "rule_name",
-                              },
-                              "_version": 1,
-                              "id": "rule_id_1",
-                              "prePackaged": true,
+                              "value": ".windows",
                             },
                           ],
+                          "rule": "rule_name",
                         },
+                        "_version": 1,
+                        "id": "rule_id_1",
+                        "prePackaged": true,
                       },
                     ],
-                    "last_update_time": 1,
-                    "name": "detector_name",
-                    "schedule": Object {
-                      "period": Object {
-                        "interval": 1,
-                        "unit": "MINUTES",
+                  },
+                },
+              ],
+              "last_update_time": 1,
+              "name": "detector_name",
+              "schedule": Object {
+                "period": Object {
+                  "interval": 1,
+                  "unit": "MINUTES",
+                },
+              },
+              "triggers": Array [
+                Object {
+                  "actions": Array [
+                    Object {
+                      "destination_id": "some_destination_id_1",
+                      "id": "trigger_id_1_0",
+                      "message_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "name": "some_name",
+                      "subject_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "throttle": Object {
+                        "unit": "minutes",
+                        "value": 1,
                       },
+                      "throttle_enabled": true,
                     },
-                    "triggers": Array [
-                      Object {
-                        "actions": Array [
-                          Object {
-                            "destination_id": "some_destination_id_1",
-                            "id": "trigger_id_1_0",
-                            "message_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "name": "some_name",
-                            "subject_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "throttle": Object {
-                              "unit": "minutes",
-                              "value": 1,
-                            },
-                            "throttle_enabled": true,
-                          },
-                          Object {
-                            "destination_id": "some_destination_id_1",
-                            "id": "trigger_id_1_1",
-                            "message_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "name": "some_name",
-                            "subject_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "throttle": Object {
-                              "unit": "minutes",
-                              "value": 1,
-                            },
-                            "throttle_enabled": true,
-                          },
-                        ],
-                        "id": "trigger_id_0",
-                        "ids": Array [
-                          "rule_id_1",
-                        ],
-                        "name": "alert_name",
-                        "sev_levels": Array [
-                          "severity_level_low",
-                        ],
-                        "severity": "1",
-                        "tags": Array [
-                          "any.tag",
-                        ],
-                        "types": Array [
-                          "detector_type_1",
-                        ],
+                    Object {
+                      "destination_id": "some_destination_id_1",
+                      "id": "trigger_id_1_1",
+                      "message_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
                       },
-                      Object {
-                        "actions": Array [
-                          Object {
-                            "destination_id": "some_destination_id_1",
-                            "id": "trigger_id_1_0",
-                            "message_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "name": "some_name",
-                            "subject_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "throttle": Object {
-                              "unit": "minutes",
-                              "value": 1,
-                            },
-                            "throttle_enabled": true,
-                          },
-                          Object {
-                            "destination_id": "some_destination_id_1",
-                            "id": "trigger_id_1_1",
-                            "message_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "name": "some_name",
-                            "subject_template": Object {
-                              "lang": "some_lang",
-                              "source": "some_source",
-                            },
-                            "throttle": Object {
-                              "unit": "minutes",
-                              "value": 1,
-                            },
-                            "throttle_enabled": true,
-                          },
-                        ],
-                        "id": "trigger_id_1",
-                        "ids": Array [
-                          "rule_id_1",
-                        ],
-                        "name": "alert_name",
-                        "sev_levels": Array [
-                          "severity_level_low",
-                        ],
-                        "severity": "1",
-                        "tags": Array [
-                          "any.tag",
-                        ],
-                        "types": Array [
-                          "detector_type_1",
-                        ],
+                      "name": "some_name",
+                      "subject_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
                       },
-                    ],
-                    "type": "detector",
-                  }
-                }
-                onDetectorScheduleChange={[Function]}
+                      "throttle": Object {
+                        "unit": "minutes",
+                        "value": 1,
+                      },
+                      "throttle_enabled": true,
+                    },
+                  ],
+                  "id": "trigger_id_0",
+                  "ids": Array [
+                    "rule_id_1",
+                  ],
+                  "name": "alert_name",
+                  "sev_levels": Array [
+                    "severity_level_low",
+                  ],
+                  "severity": "1",
+                  "tags": Array [
+                    "any.tag",
+                  ],
+                  "types": Array [
+                    "detector_type_1",
+                  ],
+                },
+                Object {
+                  "actions": Array [
+                    Object {
+                      "destination_id": "some_destination_id_1",
+                      "id": "trigger_id_1_0",
+                      "message_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "name": "some_name",
+                      "subject_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "throttle": Object {
+                        "unit": "minutes",
+                        "value": 1,
+                      },
+                      "throttle_enabled": true,
+                    },
+                    Object {
+                      "destination_id": "some_destination_id_1",
+                      "id": "trigger_id_1_1",
+                      "message_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "name": "some_name",
+                      "subject_template": Object {
+                        "lang": "some_lang",
+                        "source": "some_source",
+                      },
+                      "throttle": Object {
+                        "unit": "minutes",
+                        "value": 1,
+                      },
+                      "throttle_enabled": true,
+                    },
+                  ],
+                  "id": "trigger_id_1",
+                  "ids": Array [
+                    "rule_id_1",
+                  ],
+                  "name": "alert_name",
+                  "sev_levels": Array [
+                    "severity_level_low",
+                  ],
+                  "severity": "1",
+                  "tags": Array [
+                    "any.tag",
+                  ],
+                  "types": Array [
+                    "detector_type_1",
+                  ],
+                },
+              ],
+              "type": "detector",
+            }
+          }
+          onDetectorScheduleChange={[Function]}
+        >
+          <EuiFormRow
+            describedByIds={Array []}
+            display="row"
+            error="Enter schedule interval."
+            fullWidth={false}
+            hasChildLabel={true}
+            hasEmptyLabelSpace={false}
+            isInvalid={false}
+            label={
+              <FormFieldHeader
+                headerTitle="Run every"
+              />
+            }
+            labelType="label"
+          >
+            <div
+              className="euiFormRow"
+              id="some_html_id-row"
+            >
+              <div
+                className="euiFormRow__labelWrapper"
               >
-                <EuiFormRow
-                  describedByIds={Array []}
-                  display="row"
-                  error="Enter schedule interval."
-                  fullWidth={false}
-                  hasChildLabel={true}
-                  hasEmptyLabelSpace={false}
+                <EuiFormLabel
+                  aria-invalid={false}
+                  className="euiFormRow__label"
+                  htmlFor="some_html_id"
+                  isFocused={false}
                   isInvalid={false}
-                  label={
+                  type="label"
+                >
+                  <label
+                    aria-invalid={false}
+                    className="euiFormLabel euiFormRow__label"
+                    htmlFor="some_html_id"
+                  >
                     <FormFieldHeader
                       headerTitle="Run every"
-                    />
-                  }
-                  labelType="label"
+                    >
+                      <EuiText
+                        size="s"
+                      >
+                        <div
+                          className="euiText euiText--small"
+                        >
+                          <strong>
+                            Run every
+                          </strong>
+                        </div>
+                      </EuiText>
+                    </FormFieldHeader>
+                  </label>
+                </EuiFormLabel>
+              </div>
+              <div
+                className="euiFormRow__fieldWrapper"
+              >
+                <EuiFlexGroup
+                  id="some_html_id"
+                  onBlur={[Function]}
+                  onFocus={[Function]}
                 >
                   <div
-                    className="euiFormRow"
-                    id="some_html_id-row"
+                    className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive"
+                    id="some_html_id"
+                    onBlur={[Function]}
+                    onFocus={[Function]}
                   >
-                    <div
-                      className="euiFormRow__labelWrapper"
-                    >
-                      <EuiFormLabel
-                        aria-invalid={false}
-                        className="euiFormRow__label"
-                        htmlFor="some_html_id"
-                        isFocused={false}
-                        isInvalid={false}
-                        type="label"
+                    <EuiFlexItem>
+                      <div
+                        className="euiFlexItem"
                       >
-                        <label
-                          aria-invalid={false}
-                          className="euiFormLabel euiFormRow__label"
-                          htmlFor="some_html_id"
+                        <EuiFieldNumber
+                          data-test-subj="detector-schedule-number-select"
+                          icon="clock"
+                          isInvalid={false}
+                          min={1}
+                          onChange={[Function]}
+                          required={true}
+                          value={1}
                         >
-                          <FormFieldHeader
-                            headerTitle="Run every"
+                          <EuiFormControlLayout
+                            compressed={false}
+                            fullWidth={false}
+                            icon="clock"
+                            isLoading={false}
                           >
-                            <EuiText
-                              size="s"
-                            >
-                              <div
-                                className="euiText euiText--small"
-                              >
-                                <strong>
-                                  Run every
-                                </strong>
-                              </div>
-                            </EuiText>
-                          </FormFieldHeader>
-                        </label>
-                      </EuiFormLabel>
-                    </div>
-                    <div
-                      className="euiFormRow__fieldWrapper"
-                    >
-                      <EuiFlexGroup
-                        id="some_html_id"
-                        onBlur={[Function]}
-                        onFocus={[Function]}
-                      >
-                        <div
-                          className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive"
-                          id="some_html_id"
-                          onBlur={[Function]}
-                          onFocus={[Function]}
-                        >
-                          <EuiFlexItem>
                             <div
-                              className="euiFlexItem"
+                              className="euiFormControlLayout"
                             >
-                              <EuiFieldNumber
-                                data-test-subj="detector-schedule-number-select"
-                                icon="clock"
-                                isInvalid={false}
-                                min={1}
-                                onChange={[Function]}
-                                required={true}
-                                value={1}
+                              <div
+                                className="euiFormControlLayout__childrenWrapper"
                               >
-                                <EuiFormControlLayout
+                                <EuiValidatableControl
+                                  isInvalid={false}
+                                >
+                                  <input
+                                    className="euiFieldNumber euiFieldNumber--withIcon"
+                                    data-test-subj="detector-schedule-number-select"
+                                    min={1}
+                                    onChange={[Function]}
+                                    required={true}
+                                    type="number"
+                                    value={1}
+                                  />
+                                </EuiValidatableControl>
+                                <EuiFormControlLayoutIcons
                                   compressed={false}
-                                  fullWidth={false}
                                   icon="clock"
                                   isLoading={false}
                                 >
                                   <div
-                                    className="euiFormControlLayout"
+                                    className="euiFormControlLayoutIcons"
                                   >
-                                    <div
-                                      className="euiFormControlLayout__childrenWrapper"
+                                    <EuiFormControlLayoutCustomIcon
+                                      size="m"
+                                      type="clock"
                                     >
-                                      <EuiValidatableControl
-                                        isInvalid={false}
-                                      >
-                                        <input
-                                          className="euiFieldNumber euiFieldNumber--withIcon"
-                                          data-test-subj="detector-schedule-number-select"
-                                          min={1}
-                                          onChange={[Function]}
-                                          required={true}
-                                          type="number"
-                                          value={1}
-                                        />
-                                      </EuiValidatableControl>
-                                      <EuiFormControlLayoutIcons
-                                        compressed={false}
-                                        icon="clock"
-                                        isLoading={false}
+                                      <span
+                                        className="euiFormControlLayoutCustomIcon"
                                       >
-                                        <div
-                                          className="euiFormControlLayoutIcons"
+                                        <EuiIcon
+                                          aria-hidden="true"
+                                          className="euiFormControlLayoutCustomIcon__icon"
+                                          size="m"
+                                          type="clock"
                                         >
-                                          <EuiFormControlLayoutCustomIcon
-                                            size="m"
-                                            type="clock"
-                                          >
-                                            <span
-                                              className="euiFormControlLayoutCustomIcon"
-                                            >
-                                              <EuiIcon
-                                                aria-hidden="true"
-                                                className="euiFormControlLayoutCustomIcon__icon"
-                                                size="m"
-                                                type="clock"
-                                              >
-                                                EuiIconMock
-                                              </EuiIcon>
-                                            </span>
-                                          </EuiFormControlLayoutCustomIcon>
-                                        </div>
-                                      </EuiFormControlLayoutIcons>
-                                    </div>
+                                          EuiIconMock
+                                        </EuiIcon>
+                                      </span>
+                                    </EuiFormControlLayoutCustomIcon>
                                   </div>
-                                </EuiFormControlLayout>
-                              </EuiFieldNumber>
+                                </EuiFormControlLayoutIcons>
+                              </div>
                             </div>
-                          </EuiFlexItem>
-                          <EuiFlexItem>
+                          </EuiFormControlLayout>
+                        </EuiFieldNumber>
+                      </div>
+                    </EuiFlexItem>
+                    <EuiFlexItem>
+                      <div
+                        className="euiFlexItem"
+                      >
+                        <EuiSelect
+                          data-test-subj="detector-schedule-unit-select"
+                          onChange={[Function]}
+                          options={
+                            Array [
+                              Object {
+                                "text": "Minutes",
+                                "value": "MINUTES",
+                              },
+                              Object {
+                                "text": "Hours",
+                                "value": "HOURS",
+                              },
+                              Object {
+                                "text": "Days",
+                                "value": "DAYS",
+                              },
+                            ]
+                          }
+                          value="MINUTES"
+                        >
+                          <EuiFormControlLayout
+                            compressed={false}
+                            fullWidth={false}
+                            icon={
+                              Object {
+                                "side": "right",
+                                "type": "arrowDown",
+                              }
+                            }
+                            isLoading={false}
+                          >
                             <div
-                              className="euiFlexItem"
+                              className="euiFormControlLayout"
                             >
-                              <EuiSelect
-                                data-test-subj="detector-schedule-unit-select"
-                                onChange={[Function]}
-                                options={
-                                  Array [
-                                    Object {
-                                      "text": "Minutes",
-                                      "value": "MINUTES",
-                                    },
-                                    Object {
-                                      "text": "Hours",
-                                      "value": "HOURS",
-                                    },
-                                    Object {
-                                      "text": "Days",
-                                      "value": "DAYS",
-                                    },
-                                  ]
-                                }
-                                value="MINUTES"
+                              <div
+                                className="euiFormControlLayout__childrenWrapper"
                               >
-                                <EuiFormControlLayout
+                                <EuiValidatableControl>
+                                  <select
+                                    className="euiSelect"
+                                    data-test-subj="detector-schedule-unit-select"
+                                    onChange={[Function]}
+                                    onMouseUp={[Function]}
+                                    value="MINUTES"
+                                  >
+                                    <option
+                                      key="0"
+                                      value="MINUTES"
+                                    >
+                                      Minutes
+                                    </option>
+                                    <option
+                                      key="1"
+                                      value="HOURS"
+                                    >
+                                      Hours
+                                    </option>
+                                    <option
+                                      key="2"
+                                      value="DAYS"
+                                    >
+                                      Days
+                                    </option>
+                                  </select>
+                                </EuiValidatableControl>
+                                <EuiFormControlLayoutIcons
                                   compressed={false}
-                                  fullWidth={false}
                                   icon={
                                     Object {
                                       "side": "right",
@@ -1533,217 +1460,175 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                                   isLoading={false}
                                 >
                                   <div
-                                    className="euiFormControlLayout"
+                                    className="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
                                   >
-                                    <div
-                                      className="euiFormControlLayout__childrenWrapper"
+                                    <EuiFormControlLayoutCustomIcon
+                                      size="m"
+                                      type="arrowDown"
                                     >
-                                      <EuiValidatableControl>
-                                        <select
-                                          className="euiSelect"
-                                          data-test-subj="detector-schedule-unit-select"
-                                          onChange={[Function]}
-                                          onMouseUp={[Function]}
-                                          value="MINUTES"
-                                        >
-                                          <option
-                                            key="0"
-                                            value="MINUTES"
-                                          >
-                                            Minutes
-                                          </option>
-                                          <option
-                                            key="1"
-                                            value="HOURS"
-                                          >
-                                            Hours
-                                          </option>
-                                          <option
-                                            key="2"
-                                            value="DAYS"
-                                          >
-                                            Days
-                                          </option>
-                                        </select>
-                                      </EuiValidatableControl>
-                                      <EuiFormControlLayoutIcons
-                                        compressed={false}
-                                        icon={
-                                          Object {
-                                            "side": "right",
-                                            "type": "arrowDown",
-                                          }
-                                        }
-                                        isLoading={false}
+                                      <span
+                                        className="euiFormControlLayoutCustomIcon"
                                       >
-                                        <div
-                                          className="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
+                                        <EuiIcon
+                                          aria-hidden="true"
+                                          className="euiFormControlLayoutCustomIcon__icon"
+                                          size="m"
+                                          type="arrowDown"
                                         >
-                                          <EuiFormControlLayoutCustomIcon
-                                            size="m"
-                                            type="arrowDown"
-                                          >
-                                            <span
-                                              className="euiFormControlLayoutCustomIcon"
-                                            >
-                                              <EuiIcon
-                                                aria-hidden="true"
-                                                className="euiFormControlLayoutCustomIcon__icon"
-                                                size="m"
-                                                type="arrowDown"
-                                              >
-                                                EuiIconMock
-                                              </EuiIcon>
-                                            </span>
-                                          </EuiFormControlLayoutCustomIcon>
-                                        </div>
-                                      </EuiFormControlLayoutIcons>
-                                    </div>
+                                          EuiIconMock
+                                        </EuiIcon>
+                                      </span>
+                                    </EuiFormControlLayoutCustomIcon>
                                   </div>
-                                </EuiFormControlLayout>
-                              </EuiSelect>
+                                </EuiFormControlLayoutIcons>
+                              </div>
                             </div>
-                          </EuiFlexItem>
-                        </div>
-                      </EuiFlexGroup>
-                    </div>
+                          </EuiFormControlLayout>
+                        </EuiSelect>
+                      </div>
+                    </EuiFlexItem>
                   </div>
-                </EuiFormRow>
-              </Interval>
+                </EuiFlexGroup>
+              </div>
             </div>
-          </div>
-        </EuiPanel>
-      </ContentPanel>
-    </DetectorSchedule>
-    <EuiSpacer
-      size="xl"
-    >
-      <div
-        className="euiSpacer euiSpacer--xl"
-      />
-    </EuiSpacer>
-    <EuiFlexGroup
-      justifyContent="flexEnd"
+          </EuiFormRow>
+        </Interval>
+      </DetectorSchedule>
+      <EuiSpacer
+        size="xl"
+      >
+        <div
+          className="euiSpacer euiSpacer--xl"
+        />
+      </EuiSpacer>
+    </div>
+  </EuiPanel>
+  <EuiSpacer>
+    <div
+      className="euiSpacer euiSpacer--l"
+    />
+  </EuiSpacer>
+  <EuiFlexGroup
+    justifyContent="flexEnd"
+  >
+    <div
+      className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--justifyContentFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
     >
-      <div
-        className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--justifyContentFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
+      <EuiFlexItem
+        grow={false}
       >
-        <EuiFlexItem
-          grow={false}
+        <div
+          className="euiFlexItem euiFlexItem--flexGrowZero"
         >
-          <div
-            className="euiFlexItem euiFlexItem--flexGrowZero"
+          <EuiButton
+            disabled={false}
+            onClick={[Function]}
           >
-            <EuiButton
+            <EuiButtonDisplay
+              baseClassName="euiButton"
               disabled={false}
+              element="button"
+              isDisabled={false}
               onClick={[Function]}
+              type="button"
             >
-              <EuiButtonDisplay
-                baseClassName="euiButton"
+              <button
+                className="euiButton euiButton--primary"
                 disabled={false}
-                element="button"
-                isDisabled={false}
                 onClick={[Function]}
+                style={
+                  Object {
+                    "minWidth": undefined,
+                  }
+                }
                 type="button"
               >
-                <button
-                  className="euiButton euiButton--primary"
-                  disabled={false}
-                  onClick={[Function]}
-                  style={
+                <EuiButtonContent
+                  className="euiButton__content"
+                  iconSide="left"
+                  textProps={
                     Object {
-                      "minWidth": undefined,
+                      "className": "euiButton__text",
                     }
                   }
-                  type="button"
                 >
-                  <EuiButtonContent
-                    className="euiButton__content"
-                    iconSide="left"
-                    textProps={
-                      Object {
-                        "className": "euiButton__text",
-                      }
-                    }
+                  <span
+                    className="euiButtonContent euiButton__content"
                   >
                     <span
-                      className="euiButtonContent euiButton__content"
+                      className="euiButton__text"
                     >
-                      <span
-                        className="euiButton__text"
-                      >
-                        Cancel
-                      </span>
+                      Cancel
                     </span>
-                  </EuiButtonContent>
-                </button>
-              </EuiButtonDisplay>
-            </EuiButton>
-          </div>
-        </EuiFlexItem>
-        <EuiFlexItem
-          grow={false}
+                  </span>
+                </EuiButtonContent>
+              </button>
+            </EuiButtonDisplay>
+          </EuiButton>
+        </div>
+      </EuiFlexItem>
+      <EuiFlexItem
+        grow={false}
+      >
+        <div
+          className="euiFlexItem euiFlexItem--flexGrowZero"
         >
-          <div
-            className="euiFlexItem euiFlexItem--flexGrowZero"
+          <EuiButton
+            data-test-subj="save-basic-details-edits"
+            disabled={false}
+            fill={true}
+            isLoading={false}
+            onClick={[Function]}
           >
-            <EuiButton
+            <EuiButtonDisplay
+              baseClassName="euiButton"
               data-test-subj="save-basic-details-edits"
               disabled={false}
+              element="button"
               fill={true}
+              isDisabled={false}
               isLoading={false}
               onClick={[Function]}
+              type="button"
             >
-              <EuiButtonDisplay
-                baseClassName="euiButton"
+              <button
+                className="euiButton euiButton--primary euiButton--fill"
                 data-test-subj="save-basic-details-edits"
                 disabled={false}
-                element="button"
-                fill={true}
-                isDisabled={false}
-                isLoading={false}
                 onClick={[Function]}
+                style={
+                  Object {
+                    "minWidth": undefined,
+                  }
+                }
                 type="button"
               >
-                <button
-                  className="euiButton euiButton--primary euiButton--fill"
-                  data-test-subj="save-basic-details-edits"
-                  disabled={false}
-                  onClick={[Function]}
-                  style={
+                <EuiButtonContent
+                  className="euiButton__content"
+                  iconSide="left"
+                  isLoading={false}
+                  textProps={
                     Object {
-                      "minWidth": undefined,
+                      "className": "euiButton__text",
                     }
                   }
-                  type="button"
                 >
-                  <EuiButtonContent
-                    className="euiButton__content"
-                    iconSide="left"
-                    isLoading={false}
-                    textProps={
-                      Object {
-                        "className": "euiButton__text",
-                      }
-                    }
+                  <span
+                    className="euiButtonContent euiButton__content"
                   >
                     <span
-                      className="euiButtonContent euiButton__content"
+                      className="euiButton__text"
                     >
-                      <span
-                        className="euiButton__text"
-                      >
-                        Save changes
-                      </span>
+                      Save changes
                     </span>
-                  </EuiButtonContent>
-                </button>
-              </EuiButtonDisplay>
-            </EuiButton>
-          </div>
-        </EuiFlexItem>
-      </div>
-    </EuiFlexGroup>
-  </div>
+                  </span>
+                </EuiButtonContent>
+              </button>
+            </EuiButtonDisplay>
+          </EuiButton>
+        </div>
+      </EuiFlexItem>
+    </div>
+  </EuiFlexGroup>
 </UpdateDetectorBasicDetails>
 `;
diff --git a/public/pages/Rules/utils/constants.ts b/public/pages/Rules/utils/constants.ts
index 377763448..3ff063fcc 100644
--- a/public/pages/Rules/utils/constants.ts
+++ b/public/pages/Rules/utils/constants.ts
@@ -5,7 +5,13 @@
 
 import { euiPaletteForStatus } from '@elastic/eui';
 
-export const ruleTypes: { label: string; value: string; id: string; category: string }[] = [];
+export const ruleTypes: {
+  label: string;
+  value: string;
+  id: string;
+  category: string;
+  isStandard: boolean;
+}[] = [];
 
 const paletteColors = euiPaletteForStatus(5);
 
diff --git a/public/store/LogTypeStore.ts b/public/store/LogTypeStore.ts
index 3528406df..c3f34594e 100644
--- a/public/store/LogTypeStore.ts
+++ b/public/store/LogTypeStore.ts
@@ -54,11 +54,12 @@ export class LogTypeStore {
         0,
         ruleTypes.length,
         ...logTypes
-          .map(({ category, id, name }) => ({
+          .map(({ category, id, name, source }) => ({
             label: name,
             value: name,
             id,
             category,
+            isStandard: source === 'Standard',
           }))
           .sort((a, b) => {
             return a.label < b.label ? -1 : a.label > b.label ? 1 : 0;
diff --git a/public/utils/constants.ts b/public/utils/constants.ts
index 4bcf6eddf..989c8a9ae 100644
--- a/public/utils/constants.ts
+++ b/public/utils/constants.ts
@@ -149,6 +149,7 @@ export const EMPTY_DEFAULT_DETECTOR: Detector = {
   schedule: EMPTY_DEFAULT_PERIOD_SCHEDULE,
   inputs: [EMPTY_DEFAULT_DETECTOR_INPUT],
   triggers: [],
+  threat_intel_enabled: false,
 };
 
 export const EMPTY_DEFAULT_DETECTOR_HIT: DetectorHit = {
diff --git a/types/Detector.ts b/types/Detector.ts
index 7d3565b76..d4f521dcf 100644
--- a/types/Detector.ts
+++ b/types/Detector.ts
@@ -32,6 +32,7 @@ export interface Detector {
   schedule: DetectorSchedule;
   inputs: DetectorInput[];
   triggers: AlertCondition[];
+  threat_intel_enabled: boolean;
 }
 
 export interface AlertConditionRuleOption {

From 8956ab9b26475f4089368f588055690387f918df Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Thu, 19 Oct 2023 03:02:19 -0700
Subject: [PATCH 2/9] updated cypress workflow file

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 .github/workflows/cypress-workflow.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/cypress-workflow.yml b/.github/workflows/cypress-workflow.yml
index 3b6bc009d..5231e5221 100644
--- a/.github/workflows/cypress-workflow.yml
+++ b/.github/workflows/cypress-workflow.yml
@@ -7,14 +7,14 @@ on:
     branches:
       - "*"
 env:
-  OPENSEARCH_DASHBOARDS_VERSION: '2.9.0'
-  OPENSEARCH_VERSION: '2.9.0-SNAPSHOT'
-  SECURITY_ANALYTICS_BRANCH: '2.9'
+  OPENSEARCH_DASHBOARDS_VERSION: '2.11.0'
+  OPENSEARCH_VERSION: '2.11.0-SNAPSHOT'
+  SECURITY_ANALYTICS_BRANCH: '2.11'
   GRADLE_VERSION: '7.6.1'
 
   # If this variable is not empty, the package.json, opensearch_dashboards.json, and yarn.lock files will be replaced
   # with those files from the 'opensearch-project/security-analytics-dashboards-plugin' branch or commit specified.
-  OVERRIDE_REFERENCE: '2.9'
+  OVERRIDE_REFERENCE: '2.11'
 jobs:
   tests:
     name: Run Cypress E2E tests
@@ -111,7 +111,7 @@ jobs:
       - name: Run OpenSearch-Dashboards server
         run: |
           cd OpenSearch-Dashboards
-          yarn start --no-base-path --no-watch &
+          yarn start --no-base-path --no-watch --server.host="0.0.0.0" &
         shell: bash
 
       # Window is slow so wait longer

From 3085a5c755a9057ecb1ea53ed7a9585cb61c7036 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Fri, 20 Oct 2023 11:26:19 -0700
Subject: [PATCH 3/9] updated alerts; findings UX

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 cypress/integration/1_detectors.spec.js       |   4 +-
 models/interfaces.ts                          |   1 +
 .../components/AlertFlyout/AlertFlyout.tsx    |   7 +-
 .../containers/CorrelationRules.tsx           |  35 +-
 public/pages/Correlations/utils/helpers.tsx   |  39 +-
 .../AlertCondition/AlertConditionPanel.tsx    | 484 +++++-----
 .../AlertConditionPanel.test.tsx.snap         | 856 ++++++++----------
 .../ConfigureAlerts/utils/helpers.ts          |   1 +
 .../components/FindingDetailsFlyout.tsx       |  61 +-
 .../FindingsTable/FindingsTable.tsx           |  48 +-
 .../Findings/containers/Findings/Findings.tsx |   9 +-
 public/pages/Findings/models/interfaces.ts    |   1 +
 .../Overview/models/OverviewViewModel.ts      |  31 +-
 server/services/FindingsService.ts            |  14 +
 types/Alert.ts                                |   1 +
 types/Correlations.ts                         |   4 +
 16 files changed, 779 insertions(+), 817 deletions(-)

diff --git a/cypress/integration/1_detectors.spec.js b/cypress/integration/1_detectors.spec.js
index 08785f525..cde531af7 100644
--- a/cypress/integration/1_detectors.spec.js
+++ b/cypress/integration/1_detectors.spec.js
@@ -125,7 +125,7 @@ const createDetector = (detectorName, dataSource, expectFailure) => {
 
   fillDetailsForm(detectorName, dataSource);
 
-  cy.getElementByText('.euiAccordion .euiTitle', 'Detection rules (14 selected)')
+  cy.getElementByText('.euiAccordion .euiTitle', 'Selected detection rules (14)')
     .click({ force: true, timeout: 5000 })
     .then(() => cy.contains('.euiTable .euiTableRow', 'Dns'));
 
@@ -150,8 +150,6 @@ const createDetector = (detectorName, dataSource, expectFailure) => {
     .focus()
     .blur();
 
-  cy.getFieldByLabel('Specify alert severity').selectComboboxItem('1 (Highest)');
-
   cy.intercept('POST', '/_plugins/_security_analytics/mappings').as('createMappingsRequest');
   cy.intercept('POST', '/_plugins/_security_analytics/detectors').as('createDetectorRequest');
 
diff --git a/models/interfaces.ts b/models/interfaces.ts
index b55303ad6..d219cdbe9 100644
--- a/models/interfaces.ts
+++ b/models/interfaces.ts
@@ -50,6 +50,7 @@ export interface AlertCondition {
   sev_levels: string[];
   tags: string[];
   ids: string[];
+  threat_intel_enabled: boolean;
 
   // Alert related fields
   actions: TriggerAction[];
diff --git a/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx b/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
index d9d98b280..8e9c2212b 100644
--- a/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
+++ b/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
@@ -145,7 +145,7 @@ export class AlertFlyout extends React.Component<AlertFlyoutProps, AlertFlyoutSt
         name: 'Finding ID',
         sortable: true,
         dataType: 'string',
-        render: (id, finding) =>
+        render: (id, finding: any) =>
           (
             <EuiLink
               onClick={() => {
@@ -157,7 +157,10 @@ export class AlertFlyout extends React.Component<AlertFlyoutProps, AlertFlyoutSt
                     ...finding,
                     detector: { _id: detector.id as string, _index: '', _source: detector },
                     ruleName: rule.title,
-                    ruleSeverity: rule.level,
+                    ruleSeverity:
+                      rule.level === 'critical'
+                        ? rule.level
+                        : finding['ruleSeverity'] || rule.level,
                   },
                   [...this.state.findingItems, finding],
                   true,
diff --git a/public/pages/Correlations/containers/CorrelationRules.tsx b/public/pages/Correlations/containers/CorrelationRules.tsx
index bec190dd7..abf398740 100644
--- a/public/pages/Correlations/containers/CorrelationRules.tsx
+++ b/public/pages/Correlations/containers/CorrelationRules.tsx
@@ -21,21 +21,26 @@ import {
   getCorrelationRulesTableColumns,
   getCorrelationRulesTableSearchConfig,
 } from '../utils/helpers';
-import { CorrelationRule } from '../../../../types';
+import { CorrelationRule, CorrelationRuleTableItem } from '../../../../types';
 import { RouteComponentProps } from 'react-router-dom';
 import { DeleteCorrelationRuleModal } from '../components/DeleteModal';
 
 export const CorrelationRules: React.FC<RouteComponentProps> = (props: RouteComponentProps) => {
   const context = useContext(CoreServicesContext);
-  const [allRules, setAllRules] = useState<CorrelationRule[]>([]);
-  const [filteredRules, setFilteredRules] = useState<CorrelationRule[]>([]);
+  const [allRules, setAllRules] = useState<CorrelationRuleTableItem[]>([]);
   const [isDeleteModalVisible, setIsDeleteModalVisible] = useState(false);
   const [selectedRule, setSelectedRule] = useState<CorrelationRule | undefined>(undefined);
 
   const getCorrelationRules = useCallback(async () => {
     const allRuleItems: CorrelationRule[] = await DataStore.correlations.getCorrelationRules();
-    setAllRules(allRuleItems);
-    setFilteredRules(allRuleItems);
+    const allRuleTableItems: CorrelationRuleTableItem[] = allRuleItems.map((item) => {
+      const logTypes = item.queries.map((q) => q.logType).join(', ');
+      return {
+        ...item,
+        logTypes,
+      };
+    });
+    setAllRules(allRuleTableItems);
   }, [DataStore.correlations.getCorrelationRules]);
 
   useEffect(() => {
@@ -61,22 +66,6 @@ export const CorrelationRules: React.FC<RouteComponentProps> = (props: RouteComp
     []
   );
 
-  const onLogTypeFilterChange = useCallback(
-    (logTypes?: string[]) => {
-      if (!logTypes) {
-        setFilteredRules(allRules);
-        return;
-      }
-
-      const logTypesSet = new Set(logTypes);
-      const filteredRules = allRules.filter((rule) => {
-        return rule.queries.some((query) => logTypesSet.has(query.logType));
-      });
-      setFilteredRules(filteredRules);
-    },
-    [allRules]
-  );
-
   const onRuleNameClick = useCallback((rule: CorrelationRule) => {
     props.history.push({
       pathname: `${ROUTES.CORRELATION_RULE_EDIT}/${rule.id}`,
@@ -143,10 +132,10 @@ export const CorrelationRules: React.FC<RouteComponentProps> = (props: RouteComp
                   setIsDeleteModalVisible(true);
                   setSelectedRule(rule);
                 })}
-                items={filteredRules}
+                items={allRules}
                 pagination={true}
                 sorting={true}
-                search={getCorrelationRulesTableSearchConfig(onLogTypeFilterChange)}
+                search={getCorrelationRulesTableSearchConfig()}
               />
             ) : (
               <EuiEmptyPrompt
diff --git a/public/pages/Correlations/utils/helpers.tsx b/public/pages/Correlations/utils/helpers.tsx
index 4c1633f23..7979673b5 100644
--- a/public/pages/Correlations/utils/helpers.tsx
+++ b/public/pages/Correlations/utils/helpers.tsx
@@ -5,20 +5,14 @@
 
 import React from 'react';
 import { EuiBasicTableColumn, EuiBadge, EuiToolTip, EuiButtonIcon, EuiLink } from '@elastic/eui';
-import {
-  ArgsWithError,
-  ArgsWithQuery,
-  CorrelationRule,
-  CorrelationRuleQuery,
-} from '../../../../types';
+import { CorrelationRule, CorrelationRuleQuery, CorrelationRuleTableItem } from '../../../../types';
 import { Search } from '@opensearch-project/oui/src/eui_components/basic_table';
-import { FieldClause } from '@opensearch-project/oui/src/eui_components/search_bar/query/ast';
 import { formatRuleType, getLogTypeFilterOptions } from '../../../utils/helpers';
 
 export const getCorrelationRulesTableColumns = (
   onRuleNameClick: (rule: CorrelationRule) => void,
   _refreshRules: (ruleItem: CorrelationRule) => void
-): EuiBasicTableColumn<CorrelationRule>[] => {
+): EuiBasicTableColumn<CorrelationRuleTableItem>[] => {
   return [
     {
       field: 'name',
@@ -31,7 +25,8 @@ export const getCorrelationRulesTableColumns = (
     },
     {
       name: 'Log types',
-      render: (ruleItem: CorrelationRule) => {
+      field: 'logTypes',
+      render: (logTypes: string, ruleItem: CorrelationRule) => {
         const badges = [
           ...new Set(ruleItem.queries?.map((query) => formatRuleType(query.logType))),
         ];
@@ -75,33 +70,11 @@ export const getCorrelationRulesTableColumns = (
   ];
 };
 
-export const getCorrelationRulesTableSearchConfig = (
-  onLogTypeFilterChange: (logTypes?: string[]) => void
-): Search => {
+export const getCorrelationRulesTableSearchConfig = (): Search => {
   return {
     box: {
       placeholder: 'Search by rule name, log type',
-    },
-    onChange: (args: ArgsWithQuery | ArgsWithError) => {
-      if (!args.error) {
-        const logTypeFieldClauseIdx = args.query.ast.clauses.findIndex(
-          (clause) => clause.type === 'field' && clause.field === 'logTypes'
-        );
-        const logTypeFieldClause =
-          logTypeFieldClauseIdx > -1 ? args.query.ast.clauses[logTypeFieldClauseIdx] : undefined;
-
-        if (logTypeFieldClause) {
-          const logTypes = (logTypeFieldClause as FieldClause).value as string[];
-          // Need to remove the logTypes clause so that in built search doesn't try to apply it because that will return 0 results,
-          // since it requires custom logic we implemented in the `onLogTypeFilterChange` callback
-          args.query.ast.removeOrFieldClauses('logTypes');
-          onLogTypeFilterChange(logTypes);
-        } else if (args.query.ast.clauses.length === 0) {
-          onLogTypeFilterChange(undefined);
-        }
-      }
-
-      return true;
+      schema: true,
     },
     filters: [
       {
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
index 95e53e1af..88455382e 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
@@ -8,7 +8,7 @@ import { RouteComponentProps } from 'react-router-dom';
 import {
   EuiAccordion,
   EuiButton,
-  EuiButtonGroup,
+  EuiCheckbox,
   EuiComboBox,
   EuiComboBoxOptionOption,
   EuiFieldText,
@@ -16,6 +16,7 @@ import {
   EuiFlexItem,
   EuiFormRow,
   EuiSpacer,
+  EuiSwitch,
   EuiText,
   EuiTextArea,
   EuiTitle,
@@ -52,24 +53,15 @@ interface AlertConditionPanelState {
   nameIsInvalid: boolean;
   previewToggle: boolean;
   selectedNames: EuiComboBoxOptionOption<string>[];
-  selectedDetectionTypeId: string;
+  showNotificationDetails: boolean;
+  detectionRulesTriggerEnabled: boolean;
+  threatIntelTriggerEnabled: boolean;
 }
 
 export default class AlertConditionPanel extends Component<
   AlertConditionPanelProps,
   AlertConditionPanelState
 > {
-  private detectionTypeGroupBtns = [
-    {
-      id: 'detection-rules',
-      label: 'Detection rules',
-    },
-    {
-      id: 'threat-intelligence',
-      label: 'Threat intelligence',
-    },
-  ];
-
   constructor(props: AlertConditionPanelProps) {
     super(props);
     this.state = {
@@ -77,7 +69,9 @@ export default class AlertConditionPanel extends Component<
       nameIsInvalid: false,
       previewToggle: false,
       selectedNames: [],
-      selectedDetectionTypeId: this.detectionTypeGroupBtns[0].id,
+      showNotificationDetails: true,
+      detectionRulesTriggerEnabled: true,
+      threatIntelTriggerEnabled: true,
     };
   }
 
@@ -268,14 +262,21 @@ export default class AlertConditionPanel extends Component<
     const {
       alertCondition = getEmptyAlertCondition(),
       allNotificationChannels,
-      detector: { threat_intel_enabled },
+      detector: { threat_intel_enabled: threatIntelEnabledInDetector },
       indexNum,
       loadingNotifications,
       refreshNotificationChannels,
       rulesOptions,
       hasNotificationPlugin,
     } = this.props;
-    const { nameFieldTouched, nameIsInvalid, selectedNames } = this.state;
+    const {
+      nameFieldTouched,
+      nameIsInvalid,
+      selectedNames,
+      showNotificationDetails,
+      detectionRulesTriggerEnabled,
+      threatIntelTriggerEnabled,
+    } = this.state;
     const { name, sev_levels: ruleSeverityLevels, tags, severity } = alertCondition;
     const uniqueTagsOptions = new Set(
       rulesOptions.map((option) => option.tags).reduce((prev, current) => prev.concat(current), [])
@@ -352,252 +353,275 @@ export default class AlertConditionPanel extends Component<
         </EuiFormRow>
         <EuiSpacer size={'l'} />
 
-        <EuiFormRow label="Detection type">
-          {threat_intel_enabled ? (
-            <EuiButtonGroup
-              legend="Detection type button group"
-              options={this.detectionTypeGroupBtns}
-              idSelected={this.state.selectedDetectionTypeId}
-              onChange={(id: string) => {
-                this.setState({ selectedDetectionTypeId: id });
-              }}
-              isFullWidth
-            />
-          ) : (
-            <EuiText>
-              <p>Detection rules</p>
-            </EuiText>
-          )}
-        </EuiFormRow>
-        <EuiSpacer size={'l'} />
-        {threat_intel_enabled && this.state.selectedDetectionTypeId === 'threat-intelligence' ? (
-          <>
-            <EuiTitle size="xs">
-              <h4>Trigger condition</h4>
-            </EuiTitle>
-            <EuiText>
-              <p>
-                An alert will be generated when any match is found by the threat intelligence feed.
-              </p>
-            </EuiText>
-          </>
-        ) : (
-          <EuiAccordion
-            id={`trigger-details-${indexNum}`}
-            paddingSize="l"
-            initialIsOpen={this.props.isEdit}
-            buttonContent={
-              <div data-test-subj="trigger-details-btn">
-                <EuiText size={'s'}>Trigger condition</EuiText>
-                <EuiText size="s" color="subdued">
-                  {triggerDetailsSubheading}
-                </EuiText>
-              </div>
-            }
-          >
-            <EuiFormRow
-              label={
-                <EuiText size="s">
-                  <p>Rule names</p>
-                </EuiText>
-              }
-            >
-              <EuiComboBox
-                placeholder={'Any rules'}
-                options={namesOptions}
-                onChange={this.onRuleNamesChange}
-                selectedOptions={selectedNames}
-                data-test-subj={`alert-rulename-combo-box`}
-              />
-            </EuiFormRow>
-            <EuiSpacer size={'m'} />
+        <EuiTitle size="m">
+          <h3>Detection type</h3>
+        </EuiTitle>
 
-            <EuiFormRow
-              label={
-                <EuiText size="s">
-                  <p>Rule Severities</p>
-                </EuiText>
-              }
-            >
-              <EuiComboBox
-                placeholder={'Any severities'}
-                options={ruleSeverityOptions}
-                onChange={this.onRuleSeverityChange}
-                noSuggestions={false}
-                selectedOptions={createSelectedOptions(ruleSeverityLevels)}
-                data-test-subj={`alert-severity-combo-box`}
-              />
-            </EuiFormRow>
-            <EuiSpacer size={'m'} />
-
-            <EuiFormRow
-              label={
-                <EuiText size="s">
-                  <p>Tags</p>
-                </EuiText>
-              }
-            >
-              <EuiComboBox
-                placeholder={'Any tags'}
-                options={tagsOptions}
-                onChange={this.onTagsChange}
-                onCreateOption={this.onCreateTag}
-                selectedOptions={createSelectedOptions(tags)}
-                data-test-subj={'alert-tags-combo-box'}
-              />
-            </EuiFormRow>
-          </EuiAccordion>
+        {threatIntelEnabledInDetector ? (
+          <EuiCheckbox
+            id="detection-type-rules"
+            label="Detection rules"
+            checked={detectionRulesTriggerEnabled}
+            onChange={(e) => this.setState({ detectionRulesTriggerEnabled: e.target.checked })}
+          />
+        ) : (
+          <EuiText>
+            <p>Detection rules</p>
+          </EuiText>
         )}
 
-        <EuiSpacer size={'l'} />
+        <EuiSpacer size="m" />
 
-        <EuiText size="m" style={{ fontSize: 20 }}>
-          <p>Notification</p>
-        </EuiText>
-        <EuiSpacer size={'m'} />
-
-        <EuiAccordion
-          id={`notification-details-${indexNum}`}
-          initialIsOpen={true}
-          paddingSize="l"
-          buttonContent={
-            <div data-test-subj="detection-rules-btn">
-              <EuiText size={'m'}>Notification</EuiText>
-              <EuiText size="s" color="subdued">
-                {`Configure notification to receive alerts when the trigger condition is met.`}
-              </EuiText>
-            </div>
-          }
-        >
-          <EuiFormRow
-            label={
-              <EuiText size="s">
-                <p>Specify alert severity</p>
-              </EuiText>
-            }
-          >
-            <EuiComboBox
-              placeholder={'Select applicable severity levels.'}
-              async={true}
-              options={Object.values(ALERT_SEVERITY_OPTIONS)}
-              selectedOptions={
-                severity ? [parseAlertSeverityToOption(severity)] : [ALERT_SEVERITY_OPTIONS.HIGHEST]
+        {detectionRulesTriggerEnabled && (
+          <>
+            <EuiAccordion
+              id={`trigger-details-${indexNum}`}
+              paddingSize="l"
+              initialIsOpen={this.props.isEdit}
+              buttonContent={
+                <div data-test-subj="trigger-details-btn">
+                  <EuiText size={'s'}>Trigger condition</EuiText>
+                  <EuiText size="s" color="subdued">
+                    {triggerDetailsSubheading}
+                  </EuiText>
+                </div>
               }
-              onChange={this.onAlertSeverityChange}
-              singleSelection={{ asPlainText: true }}
-              isClearable={false}
-              data-test-subj={'security-levels-combo-box'}
-            />
-          </EuiFormRow>
-
-          <EuiSpacer size={'l'} />
-
-          <EuiFlexGroup alignItems="flexEnd">
-            <EuiFlexItem style={{ maxWidth: 400 }}>
+            >
               <EuiFormRow
                 label={
-                  <EuiText size="m">
-                    <p>Select channel to notify</p>
+                  <EuiText size="s">
+                    <p>Rule names</p>
                   </EuiText>
                 }
               >
                 <EuiComboBox
-                  placeholder={'Select notification channel.'}
-                  async={true}
-                  isLoading={loadingNotifications}
-                  options={allNotificationChannels as EuiComboBoxOptionOption<string>[]}
-                  selectedOptions={
-                    selectedNotificationChannelOption as EuiComboBoxOptionOption<string>[]
-                  }
-                  onChange={this.onNotificationChannelsChange}
-                  singleSelection={{ asPlainText: true }}
-                  onBlur={refreshNotificationChannels}
-                  isDisabled={!hasNotificationPlugin}
+                  placeholder={'Any rules'}
+                  options={namesOptions}
+                  onChange={this.onRuleNamesChange}
+                  selectedOptions={selectedNames}
+                  data-test-subj={`alert-rulename-combo-box`}
                 />
               </EuiFormRow>
-            </EuiFlexItem>
-            <EuiFlexItem grow={false}>
-              <EuiButton
-                href={NOTIFICATIONS_HREF}
-                iconType={'popout'}
-                target={'_blank'}
-                isDisabled={!hasNotificationPlugin}
-              >
-                Manage channels
-              </EuiButton>
-            </EuiFlexItem>
-          </EuiFlexGroup>
-
-          {!hasNotificationPlugin && (
-            <>
-              <EuiSpacer size="m" />
-              <NotificationsCallOut />
-            </>
-          )}
-        </EuiAccordion>
+              <EuiSpacer size={'m'} />
 
-        <EuiSpacer size={'l'} />
-
-        <EuiAccordion
-          id={`alert-condition-notify-msg-${indexNum}`}
-          buttonContent={
-            <EuiText size="m">
-              <p>Notification message</p>
-            </EuiText>
-          }
-          paddingSize={'l'}
-          initialIsOpen={false}
-        >
-          <EuiFlexGroup direction={'column'} style={{ width: '75%' }}>
-            <EuiFlexItem>
               <EuiFormRow
                 label={
-                  <EuiText size={'s'}>
-                    <p>Message subject</p>
+                  <EuiText size="s">
+                    <p>Rule Severities</p>
                   </EuiText>
                 }
-                fullWidth={true}
               >
-                <EuiFieldText
-                  placeholder={'Enter a subject for the notification message.'}
-                  value={alertCondition.actions[0]?.subject_template.source}
-                  onChange={(e) => this.onMessageSubjectChange(e.target.value)}
-                  required={true}
-                  fullWidth={true}
+                <EuiComboBox
+                  placeholder={'Any severities'}
+                  options={ruleSeverityOptions}
+                  onChange={this.onRuleSeverityChange}
+                  noSuggestions={false}
+                  selectedOptions={createSelectedOptions(ruleSeverityLevels)}
+                  data-test-subj={`alert-severity-combo-box`}
                 />
               </EuiFormRow>
-            </EuiFlexItem>
+              <EuiSpacer size={'m'} />
 
-            <EuiFlexItem>
               <EuiFormRow
                 label={
                   <EuiText size="s">
-                    <p>Message body</p>
+                    <p>Tags</p>
                   </EuiText>
                 }
-                fullWidth={true}
               >
-                <EuiTextArea
-                  placeholder={'Enter the content of the notification message.'}
-                  value={alertCondition.actions[0]?.message_template.source}
-                  onChange={(e) => this.onMessageBodyChange(e.target.value)}
-                  required={true}
-                  fullWidth={true}
+                <EuiComboBox
+                  placeholder={'Any tags'}
+                  options={tagsOptions}
+                  onChange={this.onTagsChange}
+                  onCreateOption={this.onCreateTag}
+                  selectedOptions={createSelectedOptions(tags)}
+                  data-test-subj={'alert-tags-combo-box'}
                 />
               </EuiFormRow>
-            </EuiFlexItem>
+            </EuiAccordion>
 
-            <EuiFlexItem>
-              <EuiFormRow>
-                <EuiButton fullWidth={false} onClick={() => this.prepareMessage(true)}>
-                  Generate message
-                </EuiButton>
-              </EuiFormRow>
-            </EuiFlexItem>
-          </EuiFlexGroup>
-        </EuiAccordion>
+            <EuiSpacer size="m" />
+          </>
+        )}
 
-        <EuiSpacer size="xl" />
+        {threatIntelEnabledInDetector && (
+          <>
+            <EuiCheckbox
+              id="detection-type-threat-intel"
+              label="Threat intelligence"
+              checked={threatIntelTriggerEnabled}
+              onChange={(e) => this.setState({ threatIntelTriggerEnabled: e.target.checked })}
+            />
+
+            {threatIntelTriggerEnabled && (
+              <>
+                <EuiSpacer size="s" />
+                <EuiText>
+                  <p>
+                    An alert will be generated when any match is found by the threat intelligence
+                    feed.
+                  </p>
+                </EuiText>
+                <EuiSpacer size="s" />
+              </>
+            )}
+          </>
+        )}
+
+        <EuiSpacer size="s" />
+
+        {!detectionRulesTriggerEnabled && !threatIntelTriggerEnabled && (
+          <>
+            <EuiText color="danger">
+              <p>Select detection type for the trigger</p>
+            </EuiText>
+            <EuiSpacer size="s" />
+          </>
+        )}
+
+        <EuiSpacer size="l" />
+        <EuiSwitch
+          label="Send notification"
+          checked={showNotificationDetails}
+          onChange={(e) => this.setState({ showNotificationDetails: e.target.checked })}
+        />
+
+        <EuiSpacer />
+
+        {showNotificationDetails && (
+          <>
+            <EuiFormRow
+              label={
+                <EuiText size="s">
+                  <p>Alert severity</p>
+                </EuiText>
+              }
+            >
+              <EuiComboBox
+                placeholder={'Select applicable severity levels.'}
+                async={true}
+                options={Object.values(ALERT_SEVERITY_OPTIONS)}
+                selectedOptions={
+                  severity
+                    ? [parseAlertSeverityToOption(severity)]
+                    : [ALERT_SEVERITY_OPTIONS.HIGHEST]
+                }
+                onChange={this.onAlertSeverityChange}
+                singleSelection={{ asPlainText: true }}
+                isClearable={false}
+                data-test-subj={'security-levels-combo-box'}
+              />
+            </EuiFormRow>
+
+            <EuiSpacer size={'l'} />
+
+            <EuiFlexGroup alignItems="flexEnd">
+              <EuiFlexItem style={{ maxWidth: 400 }}>
+                <EuiFormRow
+                  label={
+                    <EuiText size="m">
+                      <p>Notification channel</p>
+                    </EuiText>
+                  }
+                >
+                  <EuiComboBox
+                    placeholder={'Select notification channel.'}
+                    async={true}
+                    isLoading={loadingNotifications}
+                    options={allNotificationChannels as EuiComboBoxOptionOption<string>[]}
+                    selectedOptions={
+                      selectedNotificationChannelOption as EuiComboBoxOptionOption<string>[]
+                    }
+                    onChange={this.onNotificationChannelsChange}
+                    singleSelection={{ asPlainText: true }}
+                    onBlur={refreshNotificationChannels}
+                    isDisabled={!hasNotificationPlugin}
+                  />
+                </EuiFormRow>
+              </EuiFlexItem>
+              <EuiFlexItem grow={false}>
+                <EuiButton
+                  href={NOTIFICATIONS_HREF}
+                  iconType={'popout'}
+                  target={'_blank'}
+                  isDisabled={!hasNotificationPlugin}
+                >
+                  Manage channels
+                </EuiButton>
+              </EuiFlexItem>
+            </EuiFlexGroup>
+
+            {!hasNotificationPlugin && (
+              <>
+                <EuiSpacer size="m" />
+                <NotificationsCallOut />
+              </>
+            )}
+
+            <EuiSpacer size={'l'} />
+
+            <EuiAccordion
+              id={`alert-condition-notify-msg-${indexNum}`}
+              buttonContent={
+                <EuiText size="m">
+                  <p>Notification message</p>
+                </EuiText>
+              }
+              paddingSize={'l'}
+              initialIsOpen={false}
+            >
+              <EuiFlexGroup direction={'column'} style={{ width: '75%' }}>
+                <EuiFlexItem>
+                  <EuiFormRow
+                    label={
+                      <EuiText size={'s'}>
+                        <p>Message subject</p>
+                      </EuiText>
+                    }
+                    fullWidth={true}
+                  >
+                    <EuiFieldText
+                      placeholder={'Enter a subject for the notification message.'}
+                      value={alertCondition.actions[0]?.subject_template.source}
+                      onChange={(e) => this.onMessageSubjectChange(e.target.value)}
+                      required={true}
+                      fullWidth={true}
+                    />
+                  </EuiFormRow>
+                </EuiFlexItem>
+
+                <EuiFlexItem>
+                  <EuiFormRow
+                    label={
+                      <EuiText size="s">
+                        <p>Message body</p>
+                      </EuiText>
+                    }
+                    fullWidth={true}
+                  >
+                    <EuiTextArea
+                      placeholder={'Enter the content of the notification message.'}
+                      value={alertCondition.actions[0]?.message_template.source}
+                      onChange={(e) => this.onMessageBodyChange(e.target.value)}
+                      required={true}
+                      fullWidth={true}
+                    />
+                  </EuiFormRow>
+                </EuiFlexItem>
+
+                <EuiFlexItem>
+                  <EuiFormRow>
+                    <EuiButton fullWidth={false} onClick={() => this.prepareMessage(true)}>
+                      Generate message
+                    </EuiButton>
+                  </EuiFormRow>
+                </EuiFlexItem>
+              </EuiFlexGroup>
+            </EuiAccordion>
+
+            <EuiSpacer size="xl" />
+          </>
+        )}
       </div>
     );
   }
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
index 4a4c09074..fc7702f54 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
@@ -51,35 +51,20 @@ Object {
         <div
           class="euiSpacer euiSpacer--l"
         />
+        <h3
+          class="euiTitle euiTitle--medium"
+        >
+          Detection type
+        </h3>
         <div
-          class="euiFormRow"
-          id="some_html_id-row"
+          class="euiText euiText--medium"
         >
-          <div
-            class="euiFormRow__labelWrapper"
-          >
-            <label
-              class="euiFormLabel euiFormRow__label"
-              for="some_html_id"
-            >
-              Detection type
-            </label>
-          </div>
-          <div
-            class="euiFormRow__fieldWrapper"
-          >
-            <div
-              class="euiText euiText--medium"
-              id="some_html_id"
-            >
-              <p>
-                Detection rules
-              </p>
-            </div>
-          </div>
+          <p>
+            Detection rules
+          </p>
         </div>
         <div
-          class="euiSpacer euiSpacer--l"
+          class="euiSpacer euiSpacer--m"
         />
         <div
           class="euiAccordion"
@@ -440,271 +425,244 @@ Object {
             </div>
           </div>
         </div>
+        <div
+          class="euiSpacer euiSpacer--m"
+        />
+        <div
+          class="euiSpacer euiSpacer--s"
+        />
         <div
           class="euiSpacer euiSpacer--l"
         />
         <div
-          class="euiText euiText--medium"
-          style="font-size: 20px;"
+          class="euiSwitch"
         >
-          <p>
-            Notification
-          </p>
+          <button
+            aria-checked="true"
+            aria-labelledby="some_html_id"
+            class="euiSwitch__button"
+            id="some_html_id"
+            role="switch"
+            type="button"
+          >
+            <span
+              class="euiSwitch__body"
+            >
+              <span
+                class="euiSwitch__thumb"
+              />
+              <span
+                class="euiSwitch__track"
+              >
+                EuiIconMock
+                EuiIconMock
+              </span>
+            </span>
+          </button>
+          <span
+            class="euiSwitch__label"
+            id="some_html_id"
+          >
+            Send notification
+          </span>
         </div>
         <div
-          class="euiSpacer euiSpacer--m"
+          class="euiSpacer euiSpacer--l"
         />
         <div
-          class="euiAccordion euiAccordion-isOpen"
+          class="euiFormRow"
+          id="some_html_id-row"
         >
           <div
-            class="euiAccordion__triggerWrapper"
+            class="euiFormRow__labelWrapper"
           >
-            <button
-              aria-controls="notification-details-0"
-              aria-expanded="true"
-              class="euiAccordion__button"
-              id="some_html_id"
-              type="button"
+            <label
+              class="euiFormLabel euiFormRow__label"
+              for="some_html_id"
             >
-              <span
-                class="euiAccordion__iconWrapper"
+              <div
+                class="euiText euiText--small"
               >
-                EuiIconMock
-              </span>
-              <span
-                class="euiIEFlexWrapFix"
+                <p>
+                  Alert severity
+                </p>
+              </div>
+            </label>
+          </div>
+          <div
+            class="euiFormRow__fieldWrapper"
+          >
+            <div
+              aria-expanded="false"
+              aria-haspopup="listbox"
+              class="euiComboBox"
+              data-test-subj="security-levels-combo-box"
+              role="combobox"
+            >
+              <div
+                class="euiFormControlLayout"
               >
                 <div
-                  data-test-subj="detection-rules-btn"
+                  class="euiFormControlLayout__childrenWrapper"
                 >
                   <div
-                    class="euiText euiText--medium"
+                    class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap"
+                    data-test-subj="comboBoxInput"
+                    tabindex="-1"
                   >
-                    Notification
+                    <span
+                      class="euiComboBoxPill euiComboBoxPill--plainText"
+                      id="1"
+                      text="1 (Highest)"
+                      value="1"
+                    >
+                      1 (Highest)
+                    </span>
+                    <div
+                      class="euiComboBox__input"
+                      style="font-size: 14px; display: inline-block;"
+                    >
+                      <input
+                        aria-controls=""
+                        data-test-subj="comboBoxSearchInput"
+                        id="some_html_id"
+                        role="textbox"
+                        style="box-sizing: content-box; width: 2px;"
+                        value=""
+                      />
+                      <div
+                        style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
+                      />
+                    </div>
                   </div>
                   <div
-                    class="euiText euiText--small"
+                    class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
                   >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
+                    <button
+                      aria-label="Open list of options"
+                      class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
+                      data-test-subj="comboBoxToggleListButton"
+                      type="button"
                     >
-                      Configure notification to receive alerts when the trigger condition is met.
-                    </div>
+                      EuiIconMock
+                    </button>
                   </div>
                 </div>
-              </span>
-            </button>
+              </div>
+            </div>
           </div>
+        </div>
+        <div
+          class="euiSpacer euiSpacer--l"
+        />
+        <div
+          class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
+        >
           <div
-            aria-labelledby="some_html_id"
-            class="euiAccordion__childWrapper"
-            id="notification-details-0"
-            role="region"
-            tabindex="-1"
+            class="euiFlexItem"
+            style="max-width: 400px;"
           >
-            <div>
+            <div
+              class="euiFormRow"
+              id="some_html_id-row"
+            >
               <div
-                class="euiAccordion__padding--l"
+                class="euiFormRow__labelWrapper"
               >
-                <div
-                  class="euiFormRow"
-                  id="some_html_id-row"
+                <label
+                  class="euiFormLabel euiFormRow__label"
+                  for="some_html_id"
                 >
                   <div
-                    class="euiFormRow__labelWrapper"
-                  >
-                    <label
-                      class="euiFormLabel euiFormRow__label"
-                      for="some_html_id"
-                    >
-                      <div
-                        class="euiText euiText--small"
-                      >
-                        <p>
-                          Specify alert severity
-                        </p>
-                      </div>
-                    </label>
-                  </div>
-                  <div
-                    class="euiFormRow__fieldWrapper"
+                    class="euiText euiText--medium"
                   >
-                    <div
-                      aria-expanded="false"
-                      aria-haspopup="listbox"
-                      class="euiComboBox"
-                      data-test-subj="security-levels-combo-box"
-                      role="combobox"
-                    >
-                      <div
-                        class="euiFormControlLayout"
-                      >
-                        <div
-                          class="euiFormControlLayout__childrenWrapper"
-                        >
-                          <div
-                            class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap"
-                            data-test-subj="comboBoxInput"
-                            tabindex="-1"
-                          >
-                            <span
-                              class="euiComboBoxPill euiComboBoxPill--plainText"
-                              id="1"
-                              text="1 (Highest)"
-                              value="1"
-                            >
-                              1 (Highest)
-                            </span>
-                            <div
-                              class="euiComboBox__input"
-                              style="font-size: 14px; display: inline-block;"
-                            >
-                              <input
-                                aria-controls=""
-                                data-test-subj="comboBoxSearchInput"
-                                id="some_html_id"
-                                role="textbox"
-                                style="box-sizing: content-box; width: 2px;"
-                                value=""
-                              />
-                              <div
-                                style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
-                              />
-                            </div>
-                          </div>
-                          <div
-                            class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
-                          >
-                            <button
-                              aria-label="Open list of options"
-                              class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
-                              data-test-subj="comboBoxToggleListButton"
-                              type="button"
-                            >
-                              EuiIconMock
-                            </button>
-                          </div>
-                        </div>
-                      </div>
-                    </div>
+                    <p>
+                      Notification channel
+                    </p>
                   </div>
-                </div>
-                <div
-                  class="euiSpacer euiSpacer--l"
-                />
+                </label>
+              </div>
+              <div
+                class="euiFormRow__fieldWrapper"
+              >
                 <div
-                  class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
+                  aria-expanded="false"
+                  aria-haspopup="listbox"
+                  class="euiComboBox"
+                  role="combobox"
                 >
                   <div
-                    class="euiFlexItem"
-                    style="max-width: 400px;"
+                    class="euiFormControlLayout"
                   >
                     <div
-                      class="euiFormRow"
-                      id="some_html_id-row"
+                      class="euiFormControlLayout__childrenWrapper"
                     >
                       <div
-                        class="euiFormRow__labelWrapper"
+                        class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap euiComboBox__inputWrap-isClearable"
+                        data-test-subj="comboBoxInput"
+                        tabindex="-1"
                       >
-                        <label
-                          class="euiFormLabel euiFormRow__label"
-                          for="some_html_id"
+                        <p
+                          class="euiComboBoxPlaceholder"
                         >
-                          <div
-                            class="euiText euiText--medium"
-                          >
-                            <p>
-                              Select channel to notify
-                            </p>
-                          </div>
-                        </label>
-                      </div>
-                      <div
-                        class="euiFormRow__fieldWrapper"
-                      >
+                          Select notification channel.
+                        </p>
                         <div
-                          aria-expanded="false"
-                          aria-haspopup="listbox"
-                          class="euiComboBox"
-                          role="combobox"
+                          class="euiComboBox__input"
+                          style="font-size: 14px; display: inline-block;"
                         >
+                          <input
+                            aria-controls=""
+                            data-test-subj="comboBoxSearchInput"
+                            id="some_html_id"
+                            role="textbox"
+                            style="box-sizing: content-box; width: 2px;"
+                            value=""
+                          />
                           <div
-                            class="euiFormControlLayout"
-                          >
-                            <div
-                              class="euiFormControlLayout__childrenWrapper"
-                            >
-                              <div
-                                class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap euiComboBox__inputWrap-isClearable"
-                                data-test-subj="comboBoxInput"
-                                tabindex="-1"
-                              >
-                                <p
-                                  class="euiComboBoxPlaceholder"
-                                >
-                                  Select notification channel.
-                                </p>
-                                <div
-                                  class="euiComboBox__input"
-                                  style="font-size: 14px; display: inline-block;"
-                                >
-                                  <input
-                                    aria-controls=""
-                                    data-test-subj="comboBoxSearchInput"
-                                    id="some_html_id"
-                                    role="textbox"
-                                    style="box-sizing: content-box; width: 2px;"
-                                    value=""
-                                  />
-                                  <div
-                                    style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
-                                  />
-                                </div>
-                              </div>
-                              <div
-                                class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
-                              >
-                                <button
-                                  aria-label="Open list of options"
-                                  class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
-                                  data-test-subj="comboBoxToggleListButton"
-                                  type="button"
-                                >
-                                  EuiIconMock
-                                </button>
-                              </div>
-                            </div>
-                          </div>
+                            style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
+                          />
                         </div>
                       </div>
-                    </div>
-                  </div>
-                  <div
-                    class="euiFlexItem euiFlexItem--flexGrowZero"
-                  >
-                    <a
-                      class="euiButton euiButton--primary"
-                      href="notifications-dashboards#/channels"
-                      rel="noopener noreferrer"
-                      target="_blank"
-                    >
-                      <span
-                        class="euiButtonContent euiButton__content"
+                      <div
+                        class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
                       >
-                        EuiIconMock
-                        <span
-                          class="euiButton__text"
+                        <button
+                          aria-label="Open list of options"
+                          class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
+                          data-test-subj="comboBoxToggleListButton"
+                          type="button"
                         >
-                          Manage channels
-                        </span>
-                      </span>
-                    </a>
+                          EuiIconMock
+                        </button>
+                      </div>
+                    </div>
                   </div>
                 </div>
               </div>
             </div>
           </div>
+          <div
+            class="euiFlexItem euiFlexItem--flexGrowZero"
+          >
+            <a
+              class="euiButton euiButton--primary"
+              href="notifications-dashboards#/channels"
+              rel="noopener noreferrer"
+              target="_blank"
+            >
+              <span
+                class="euiButtonContent euiButton__content"
+              >
+                EuiIconMock
+                <span
+                  class="euiButton__text"
+                >
+                  Manage channels
+                </span>
+              </span>
+            </a>
+          </div>
         </div>
         <div
           class="euiSpacer euiSpacer--l"
@@ -924,35 +882,20 @@ Object {
       <div
         class="euiSpacer euiSpacer--l"
       />
+      <h3
+        class="euiTitle euiTitle--medium"
+      >
+        Detection type
+      </h3>
       <div
-        class="euiFormRow"
-        id="some_html_id-row"
+        class="euiText euiText--medium"
       >
-        <div
-          class="euiFormRow__labelWrapper"
-        >
-          <label
-            class="euiFormLabel euiFormRow__label"
-            for="some_html_id"
-          >
-            Detection type
-          </label>
-        </div>
-        <div
-          class="euiFormRow__fieldWrapper"
-        >
-          <div
-            class="euiText euiText--medium"
-            id="some_html_id"
-          >
-            <p>
-              Detection rules
-            </p>
-          </div>
-        </div>
+        <p>
+          Detection rules
+        </p>
       </div>
       <div
-        class="euiSpacer euiSpacer--l"
+        class="euiSpacer euiSpacer--m"
       />
       <div
         class="euiAccordion"
@@ -1313,271 +1256,244 @@ Object {
           </div>
         </div>
       </div>
+      <div
+        class="euiSpacer euiSpacer--m"
+      />
+      <div
+        class="euiSpacer euiSpacer--s"
+      />
       <div
         class="euiSpacer euiSpacer--l"
       />
       <div
-        class="euiText euiText--medium"
-        style="font-size: 20px;"
+        class="euiSwitch"
       >
-        <p>
-          Notification
-        </p>
+        <button
+          aria-checked="true"
+          aria-labelledby="some_html_id"
+          class="euiSwitch__button"
+          id="some_html_id"
+          role="switch"
+          type="button"
+        >
+          <span
+            class="euiSwitch__body"
+          >
+            <span
+              class="euiSwitch__thumb"
+            />
+            <span
+              class="euiSwitch__track"
+            >
+              EuiIconMock
+              EuiIconMock
+            </span>
+          </span>
+        </button>
+        <span
+          class="euiSwitch__label"
+          id="some_html_id"
+        >
+          Send notification
+        </span>
       </div>
       <div
-        class="euiSpacer euiSpacer--m"
+        class="euiSpacer euiSpacer--l"
       />
       <div
-        class="euiAccordion euiAccordion-isOpen"
+        class="euiFormRow"
+        id="some_html_id-row"
       >
         <div
-          class="euiAccordion__triggerWrapper"
+          class="euiFormRow__labelWrapper"
         >
-          <button
-            aria-controls="notification-details-0"
-            aria-expanded="true"
-            class="euiAccordion__button"
-            id="some_html_id"
-            type="button"
+          <label
+            class="euiFormLabel euiFormRow__label"
+            for="some_html_id"
           >
-            <span
-              class="euiAccordion__iconWrapper"
+            <div
+              class="euiText euiText--small"
             >
-              EuiIconMock
-            </span>
-            <span
-              class="euiIEFlexWrapFix"
+              <p>
+                Alert severity
+              </p>
+            </div>
+          </label>
+        </div>
+        <div
+          class="euiFormRow__fieldWrapper"
+        >
+          <div
+            aria-expanded="false"
+            aria-haspopup="listbox"
+            class="euiComboBox"
+            data-test-subj="security-levels-combo-box"
+            role="combobox"
+          >
+            <div
+              class="euiFormControlLayout"
             >
               <div
-                data-test-subj="detection-rules-btn"
+                class="euiFormControlLayout__childrenWrapper"
               >
                 <div
-                  class="euiText euiText--medium"
+                  class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap"
+                  data-test-subj="comboBoxInput"
+                  tabindex="-1"
                 >
-                  Notification
+                  <span
+                    class="euiComboBoxPill euiComboBoxPill--plainText"
+                    id="1"
+                    text="1 (Highest)"
+                    value="1"
+                  >
+                    1 (Highest)
+                  </span>
+                  <div
+                    class="euiComboBox__input"
+                    style="font-size: 14px; display: inline-block;"
+                  >
+                    <input
+                      aria-controls=""
+                      data-test-subj="comboBoxSearchInput"
+                      id="some_html_id"
+                      role="textbox"
+                      style="box-sizing: content-box; width: 2px;"
+                      value=""
+                    />
+                    <div
+                      style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
+                    />
+                  </div>
                 </div>
                 <div
-                  class="euiText euiText--small"
+                  class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
                 >
-                  <div
-                    class="euiTextColor euiTextColor--subdued"
+                  <button
+                    aria-label="Open list of options"
+                    class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
+                    data-test-subj="comboBoxToggleListButton"
+                    type="button"
                   >
-                    Configure notification to receive alerts when the trigger condition is met.
-                  </div>
+                    EuiIconMock
+                  </button>
                 </div>
               </div>
-            </span>
-          </button>
+            </div>
+          </div>
         </div>
+      </div>
+      <div
+        class="euiSpacer euiSpacer--l"
+      />
+      <div
+        class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
+      >
         <div
-          aria-labelledby="some_html_id"
-          class="euiAccordion__childWrapper"
-          id="notification-details-0"
-          role="region"
-          tabindex="-1"
+          class="euiFlexItem"
+          style="max-width: 400px;"
         >
-          <div>
+          <div
+            class="euiFormRow"
+            id="some_html_id-row"
+          >
             <div
-              class="euiAccordion__padding--l"
+              class="euiFormRow__labelWrapper"
             >
-              <div
-                class="euiFormRow"
-                id="some_html_id-row"
+              <label
+                class="euiFormLabel euiFormRow__label"
+                for="some_html_id"
               >
                 <div
-                  class="euiFormRow__labelWrapper"
-                >
-                  <label
-                    class="euiFormLabel euiFormRow__label"
-                    for="some_html_id"
-                  >
-                    <div
-                      class="euiText euiText--small"
-                    >
-                      <p>
-                        Specify alert severity
-                      </p>
-                    </div>
-                  </label>
-                </div>
-                <div
-                  class="euiFormRow__fieldWrapper"
+                  class="euiText euiText--medium"
                 >
-                  <div
-                    aria-expanded="false"
-                    aria-haspopup="listbox"
-                    class="euiComboBox"
-                    data-test-subj="security-levels-combo-box"
-                    role="combobox"
-                  >
-                    <div
-                      class="euiFormControlLayout"
-                    >
-                      <div
-                        class="euiFormControlLayout__childrenWrapper"
-                      >
-                        <div
-                          class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap"
-                          data-test-subj="comboBoxInput"
-                          tabindex="-1"
-                        >
-                          <span
-                            class="euiComboBoxPill euiComboBoxPill--plainText"
-                            id="1"
-                            text="1 (Highest)"
-                            value="1"
-                          >
-                            1 (Highest)
-                          </span>
-                          <div
-                            class="euiComboBox__input"
-                            style="font-size: 14px; display: inline-block;"
-                          >
-                            <input
-                              aria-controls=""
-                              data-test-subj="comboBoxSearchInput"
-                              id="some_html_id"
-                              role="textbox"
-                              style="box-sizing: content-box; width: 2px;"
-                              value=""
-                            />
-                            <div
-                              style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
-                            />
-                          </div>
-                        </div>
-                        <div
-                          class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
-                        >
-                          <button
-                            aria-label="Open list of options"
-                            class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
-                            data-test-subj="comboBoxToggleListButton"
-                            type="button"
-                          >
-                            EuiIconMock
-                          </button>
-                        </div>
-                      </div>
-                    </div>
-                  </div>
+                  <p>
+                    Notification channel
+                  </p>
                 </div>
-              </div>
-              <div
-                class="euiSpacer euiSpacer--l"
-              />
+              </label>
+            </div>
+            <div
+              class="euiFormRow__fieldWrapper"
+            >
               <div
-                class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--alignItemsFlexEnd euiFlexGroup--directionRow euiFlexGroup--responsive"
+                aria-expanded="false"
+                aria-haspopup="listbox"
+                class="euiComboBox"
+                role="combobox"
               >
                 <div
-                  class="euiFlexItem"
-                  style="max-width: 400px;"
+                  class="euiFormControlLayout"
                 >
                   <div
-                    class="euiFormRow"
-                    id="some_html_id-row"
+                    class="euiFormControlLayout__childrenWrapper"
                   >
                     <div
-                      class="euiFormRow__labelWrapper"
+                      class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap euiComboBox__inputWrap-isClearable"
+                      data-test-subj="comboBoxInput"
+                      tabindex="-1"
                     >
-                      <label
-                        class="euiFormLabel euiFormRow__label"
-                        for="some_html_id"
+                      <p
+                        class="euiComboBoxPlaceholder"
                       >
-                        <div
-                          class="euiText euiText--medium"
-                        >
-                          <p>
-                            Select channel to notify
-                          </p>
-                        </div>
-                      </label>
-                    </div>
-                    <div
-                      class="euiFormRow__fieldWrapper"
-                    >
+                        Select notification channel.
+                      </p>
                       <div
-                        aria-expanded="false"
-                        aria-haspopup="listbox"
-                        class="euiComboBox"
-                        role="combobox"
+                        class="euiComboBox__input"
+                        style="font-size: 14px; display: inline-block;"
                       >
+                        <input
+                          aria-controls=""
+                          data-test-subj="comboBoxSearchInput"
+                          id="some_html_id"
+                          role="textbox"
+                          style="box-sizing: content-box; width: 2px;"
+                          value=""
+                        />
                         <div
-                          class="euiFormControlLayout"
-                        >
-                          <div
-                            class="euiFormControlLayout__childrenWrapper"
-                          >
-                            <div
-                              class="euiComboBox__inputWrap euiComboBox__inputWrap--noWrap euiComboBox__inputWrap-isClearable"
-                              data-test-subj="comboBoxInput"
-                              tabindex="-1"
-                            >
-                              <p
-                                class="euiComboBoxPlaceholder"
-                              >
-                                Select notification channel.
-                              </p>
-                              <div
-                                class="euiComboBox__input"
-                                style="font-size: 14px; display: inline-block;"
-                              >
-                                <input
-                                  aria-controls=""
-                                  data-test-subj="comboBoxSearchInput"
-                                  id="some_html_id"
-                                  role="textbox"
-                                  style="box-sizing: content-box; width: 2px;"
-                                  value=""
-                                />
-                                <div
-                                  style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
-                                />
-                              </div>
-                            </div>
-                            <div
-                              class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
-                            >
-                              <button
-                                aria-label="Open list of options"
-                                class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
-                                data-test-subj="comboBoxToggleListButton"
-                                type="button"
-                              >
-                                EuiIconMock
-                              </button>
-                            </div>
-                          </div>
-                        </div>
+                          style="position: absolute; top: 0px; left: 0px; visibility: hidden; height: 0px; overflow: scroll; white-space: pre; font-family: -webkit-small-control; letter-spacing: normal; text-transform: none;"
+                        />
                       </div>
                     </div>
-                  </div>
-                </div>
-                <div
-                  class="euiFlexItem euiFlexItem--flexGrowZero"
-                >
-                  <a
-                    class="euiButton euiButton--primary"
-                    href="notifications-dashboards#/channels"
-                    rel="noopener noreferrer"
-                    target="_blank"
-                  >
-                    <span
-                      class="euiButtonContent euiButton__content"
+                    <div
+                      class="euiFormControlLayoutIcons euiFormControlLayoutIcons--right"
                     >
-                      EuiIconMock
-                      <span
-                        class="euiButton__text"
+                      <button
+                        aria-label="Open list of options"
+                        class="euiFormControlLayoutCustomIcon euiFormControlLayoutCustomIcon--clickable"
+                        data-test-subj="comboBoxToggleListButton"
+                        type="button"
                       >
-                        Manage channels
-                      </span>
-                    </span>
-                  </a>
+                        EuiIconMock
+                      </button>
+                    </div>
+                  </div>
                 </div>
               </div>
             </div>
           </div>
         </div>
+        <div
+          class="euiFlexItem euiFlexItem--flexGrowZero"
+        >
+          <a
+            class="euiButton euiButton--primary"
+            href="notifications-dashboards#/channels"
+            rel="noopener noreferrer"
+            target="_blank"
+          >
+            <span
+              class="euiButtonContent euiButton__content"
+            >
+              EuiIconMock
+              <span
+                class="euiButton__text"
+              >
+                Manage channels
+              </span>
+            </span>
+          </a>
+        </div>
       </div>
       <div
         class="euiSpacer euiSpacer--l"
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts b/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
index 23896fb1c..5c31bce30 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
@@ -78,5 +78,6 @@ export function getEmptyAlertCondition(conditionName: string = ''): AlertConditi
     types: [],
     severity: '1',
     ids: [],
+    threat_intel_enabled: true,
   };
 }
diff --git a/public/pages/Findings/components/FindingDetailsFlyout.tsx b/public/pages/Findings/components/FindingDetailsFlyout.tsx
index 9adba27e8..166e1de1d 100644
--- a/public/pages/Findings/components/FindingDetailsFlyout.tsx
+++ b/public/pages/Findings/components/FindingDetailsFlyout.tsx
@@ -45,6 +45,7 @@ import { CorrelationFinding, RuleItemInfoBase } from '../../../../types';
 import { FindingFlyoutTabId, FindingFlyoutTabs } from '../utils/constants';
 import { DataStore } from '../../../store/DataStore';
 import { CorrelationsTable } from './CorrelationsTable/CorrelationsTable';
+import { getSeverityColor } from '../../Correlations/utils/constants';
 
 export interface FindingDetailsFlyoutBaseProps {
   finding: FindingItemType;
@@ -441,17 +442,44 @@ export default class FindingDetailsFlyout extends Component<
 
   private createFindingDetails(isDocumentLoading: boolean) {
     const {
-      finding: { queries },
+      finding: { queries, detectionType },
     } = this.props;
 
+    const showThreatDetectionInfo = detectionType.includes('Threat');
+    const showRuleDetailsInfo = detectionType.includes('Detection');
+    const severity = 'High';
+    const { background, text } = getSeverityColor(severity);
+
     return (
       <>
-        <EuiTitle size={'s'}>
-          <h3>Rule details</h3>
-        </EuiTitle>
-        <EuiSpacer size={'m'} />
-        {this.renderRuleDetails(queries)}
-        <EuiSpacer size="l" />
+        {showThreatDetectionInfo && (
+          <>
+            <EuiTitle size={'s'}>
+              <h3>Threat intelligence feed</h3>
+            </EuiTitle>
+            <EuiSpacer size={'m'} />
+            <div>
+              Severity{' '}
+              <EuiBadge color={background} style={{ color: text }}>
+                {severity}
+              </EuiBadge>
+            </div>
+            <EuiSpacer size="s" />
+            <EuiText>
+              <p>This finding is generated from a threat intelligence feed IOCs.</p>
+            </EuiText>
+            <EuiSpacer size={'l'} />
+          </>
+        )}
+        {showRuleDetailsInfo && (
+          <>
+            <EuiTitle size={'s'}>
+              <h3>Rule details</h3>
+            </EuiTitle>
+            {this.renderRuleDetails(queries)}
+            <EuiSpacer size="l" />
+          </>
+        )}
         {this.renderFindingDocuments(isDocumentLoading)}
       </>
     );
@@ -460,14 +488,7 @@ export default class FindingDetailsFlyout extends Component<
   render() {
     const { backButton } = this.props;
     const {
-      finding: {
-        id,
-        detector: {
-          _id,
-          _source: { name },
-        },
-        timestamp,
-      },
+      finding: { id, timestamp, detectionType },
     } = this.props;
     const { isDocumentLoading } = this.state;
     return (
@@ -529,14 +550,8 @@ export default class FindingDetailsFlyout extends Component<
             </EuiFlexItem>
 
             <EuiFlexItem>
-              <EuiFormRow label={'Detector'}>
-                <EuiLink
-                  href={`#${ROUTES.DETECTOR_DETAILS}/${_id}`}
-                  target={'_blank'}
-                  data-test-subj={'finding-details-flyout-detector-link'}
-                >
-                  {name || DEFAULT_EMPTY_DATA}
-                </EuiLink>
+              <EuiFormRow label={'Detection type'}>
+                <EuiText>{detectionType}</EuiText>
               </EuiFormRow>
             </EuiFlexItem>
           </EuiFlexGroup>
diff --git a/public/pages/Findings/components/FindingsTable/FindingsTable.tsx b/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
index 1ed9a091d..73be83969 100644
--- a/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
+++ b/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
@@ -73,8 +73,8 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
     };
   }
 
-  componentDidMount = async () => {
-    await this.filterFindings();
+  componentDidMount = () => {
+    this.filterFindings();
   };
 
   componentDidUpdate(prevProps: Readonly<FindingsTableProps>) {
@@ -180,30 +180,21 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
             </EuiLink>
           ) || DEFAULT_EMPTY_DATA,
       },
-      {
-        field: 'ruleName',
-        name: 'Rule name',
-        sortable: true,
-        dataType: 'string',
-        render: (ruleName: string) => ruleName || DEFAULT_EMPTY_DATA,
-      },
       {
         field: 'detectorName',
-        name: 'Threat detector',
+        name: 'Detector',
         sortable: true,
         dataType: 'string',
         render: (name: string) => name || DEFAULT_EMPTY_DATA,
       },
       {
-        field: 'logType',
-        name: 'Log type',
-        sortable: true,
-        dataType: 'string',
-        render: (logType: string) => formatRuleType(logType),
+        field: 'detectionType',
+        name: 'Detection type',
+        render: (detectionType: string) => detectionType || DEFAULT_EMPTY_DATA,
       },
       {
         field: 'ruleSeverity',
-        name: 'Rule severity',
+        name: 'Severity',
         sortable: true,
         dataType: 'string',
         align: 'left',
@@ -218,6 +209,13 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
           );
         },
       },
+      {
+        field: 'logType',
+        name: 'Log type',
+        sortable: true,
+        dataType: 'string',
+        render: (logType: string) => formatRuleType(logType),
+      },
       {
         name: 'Actions',
         sortable: false,
@@ -270,7 +268,7 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
         {
           type: 'field_value_selection',
           field: 'ruleSeverity',
-          name: 'Rule severity',
+          name: 'Severity',
           options: Array.from(severities).map((severity) => {
             const name =
               parseAlertSeverityToOption(severity)?.label || capitalizeFirstLetter(severity);
@@ -288,6 +286,22 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
           })),
           multiSelect: 'or',
         } as FieldValueSelectionFilterConfigType,
+        {
+          type: 'field_value_selection',
+          field: 'detectionType',
+          name: 'Detection type',
+          options: [
+            {
+              value: 'Detection rules',
+              name: 'Detection rules',
+            },
+            {
+              value: 'Threat intelligence',
+              name: 'Threat intelligence',
+            },
+          ],
+          multiSelect: 'or',
+        } as FieldValueSelectionFilterConfigType,
       ],
     };
 
diff --git a/public/pages/Findings/containers/Findings/Findings.tsx b/public/pages/Findings/containers/Findings/Findings.tsx
index 9631b4465..4468d3f12 100644
--- a/public/pages/Findings/containers/Findings/Findings.tsx
+++ b/public/pages/Findings/containers/Findings/Findings.tsx
@@ -256,11 +256,13 @@ class Findings extends Component<FindingsProps, FindingsState> {
       const findingTime = new Date(finding.timestamp);
       findingTime.setMilliseconds(0);
       findingTime.setSeconds(0);
+      const ruleLevel = this.state.rules[finding.queries[0].id].level;
       visData.push({
         finding: 1,
         time: findingTime.getTime(),
         logType: finding.detector._source.detector_type,
-        ruleSeverity: this.state.rules[finding.queries[0].id].level,
+        ruleSeverity:
+          ruleLevel === 'critical' ? ruleLevel : (finding as any)['ruleSeverity'] || ruleLevel,
       });
     });
     const {
@@ -307,11 +309,12 @@ class Findings extends Component<FindingsProps, FindingsState> {
       },
     } = this.props;
     if (Object.keys(rules).length > 0) {
-      findings = findings.map((finding) => {
+      findings = findings.map((finding: any) => {
         const rule = rules[finding.queries[0].id];
         if (rule) {
           finding['ruleName'] = rule.title;
-          finding['ruleSeverity'] = rule.level;
+          finding['ruleSeverity'] =
+            rule.level === 'critical' ? rule.level : finding['ruleSeverity'] || rule.level;
         }
         return finding;
       });
diff --git a/public/pages/Findings/models/interfaces.ts b/public/pages/Findings/models/interfaces.ts
index f1345a2d2..353350731 100644
--- a/public/pages/Findings/models/interfaces.ts
+++ b/public/pages/Findings/models/interfaces.ts
@@ -11,6 +11,7 @@ export interface Finding {
   queries: Query[];
   related_doc_ids: string[];
   timestamp: number;
+  detectionType: string;
 }
 
 export interface Query {
diff --git a/public/pages/Overview/models/OverviewViewModel.ts b/public/pages/Overview/models/OverviewViewModel.ts
index 2c09e4ad4..dad186e4e 100644
--- a/public/pages/Overview/models/OverviewViewModel.ts
+++ b/public/pages/Overview/models/OverviewViewModel.ts
@@ -40,7 +40,7 @@ export class OverviewViewModelActor {
     if (res?.ok) {
       this.overviewViewModel.detectors = res.response.hits.hits;
     } else if (!res?.error.includes('no such index')) {
-      errorNotificationToast(this.notifications, 'retrieve', 'detectors', res.error);
+      errorNotificationToast(this.notifications, 'retrieve', 'detectors', res?.error);
     }
   }
 
@@ -83,7 +83,7 @@ export class OverviewViewModelActor {
         if (findingRes?.ok) {
           const logType = detectorInfo.get(id)?.logType;
           const detectorName = detectorInfo.get(id)?.name || '';
-          const detectorFindings: FindingItem[] = findingRes.response.findings.map((finding) => {
+          const detectorFindings: any[] = findingRes.response.findings.map((finding) => {
             const ids = finding.queries.map((query) => query.id);
             ids.forEach((id) => ruleIds.add(id));
 
@@ -103,19 +103,24 @@ export class OverviewViewModelActor {
           });
           findingItems = findingItems.concat(detectorFindings);
         } else {
-          errorNotificationToast(this.notifications, 'retrieve', 'findings', findingRes.error);
+          errorNotificationToast(this.notifications, 'retrieve', 'findings', findingRes?.error);
         }
       }
-    } catch (e) {
+    } catch (e: any) {
       errorNotificationToast(this.notifications, 'retrieve', 'findings', e);
     }
 
     const rulesRes = await this.getRules([...ruleIds]);
-    findingItems = findingItems.map((item) => ({
-      ...item,
-      ruleName: rulesRes[item.ruleId]?.title || DEFAULT_EMPTY_DATA,
-      ruleSeverity: rulesRes[item.ruleId]?.level || DEFAULT_EMPTY_DATA,
-    }));
+    findingItems = findingItems.map((item) => {
+      const level = rulesRes[item.ruleId]?.level;
+      const severity = level === 'critical' ? level : item['ruleSeverity'] || level;
+
+      return {
+        ...item,
+        ruleName: rulesRes[item.ruleId]?.title || DEFAULT_EMPTY_DATA,
+        ruleSeverity: severity || DEFAULT_EMPTY_DATA,
+      };
+    });
 
     this.overviewViewModel.findings = this.filterChartDataByTime(findingItems);
   }
@@ -144,10 +149,10 @@ export class OverviewViewModelActor {
           }));
           alertItems = alertItems.concat(detectorAlertItems);
         } else {
-          errorNotificationToast(this.notifications, 'retrieve', 'alerts', alertsRes.error);
+          errorNotificationToast(this.notifications, 'retrieve', 'alerts', alertsRes?.error);
         }
       }
-    } catch (e) {
+    } catch (e: any) {
       errorNotificationToast(this.notifications, 'retrieve', 'alerts', e);
     }
 
@@ -185,10 +190,10 @@ export class OverviewViewModelActor {
     this.refreshState = 'Complete';
   }
 
-  private filterChartDataByTime = (chartData) => {
+  private filterChartDataByTime = (chartData: any) => {
     const startMoment = dateMath.parse(this.startTime);
     const endMoment = dateMath.parse(this.endTime);
-    return chartData.filter((dataItem) => {
+    return chartData.filter((dataItem: any) => {
       return moment(dataItem.time).isBetween(moment(startMoment), moment(endMoment));
     });
   };
diff --git a/server/services/FindingsService.ts b/server/services/FindingsService.ts
index 85571e836..ce3cd97a0 100644
--- a/server/services/FindingsService.ts
+++ b/server/services/FindingsService.ts
@@ -59,6 +59,20 @@ export default class FindingsService {
         CLIENT_DETECTOR_METHODS.GET_FINDINGS,
         params
       );
+
+      getFindingsResponse.findings.forEach((finding: any) => {
+        const types: string[] = [];
+        if (!finding.queries.every((query: any) => query.id.startsWith('threat_intel_'))) {
+          types.push('Detection rules');
+        }
+        if (finding.queries.some((query: any) => query.id.startsWith('threat_intel_'))) {
+          types.push('Threat intelligence');
+          finding['ruleSeverity'] = 'high';
+        }
+
+        finding['detectionType'] = types.join(', ');
+      });
+
       return response.custom({
         statusCode: 200,
         body: {
diff --git a/types/Alert.ts b/types/Alert.ts
index f085fa067..97b0d31b9 100644
--- a/types/Alert.ts
+++ b/types/Alert.ts
@@ -15,6 +15,7 @@ export interface AlertCondition {
   sev_levels: string[];
   tags: string[];
   ids: string[];
+  threat_intel_enabled: boolean;
 
   // Alert related fields
   actions: TriggerAction[];
diff --git a/types/Correlations.ts b/types/Correlations.ts
index 4fea7d03e..61a94d921 100644
--- a/types/Correlations.ts
+++ b/types/Correlations.ts
@@ -55,6 +55,10 @@ export interface CorrelationRule extends CorrelationRuleModel {
   id: string;
 }
 
+export interface CorrelationRuleTableItem extends CorrelationRule {
+  logTypes: string;
+}
+
 export interface CorrelationRuleSourceQueries {
   index: string;
   query: string;

From 02a56a3938738cfe484235030395e54b8f5f233f Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 10:10:35 -0700
Subject: [PATCH 4/9] refactored alert condition panel; update detector for
 intel feeds

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 models/interfaces.ts                          |   3 +-
 .../AlertCondition/AlertConditionPanel.tsx    |  22 ++-
 .../containers/ConfigureAlerts.tsx            |  16 +-
 .../ConfigureAlerts/utils/helpers.ts          |   7 +-
 .../containers/ConfigureFieldMapping.tsx      |  10 +-
 .../ConfigureFieldMapping/utils/constants.ts  |   1 +
 .../containers/DefineDetector.tsx             |  12 ++
 .../containers/CreateDetector.tsx             |   1 +
 .../DetectorBasicDetailsView.tsx              |   5 +-
 .../UpdateBasicDetails/UpdateBasicDetails.tsx |  36 ++++-
 .../components/FindingDetailsFlyout.tsx       | 146 +++++++++---------
 public/utils/helpers.tsx                      |  20 ++-
 server/models/interfaces/FieldMappings.ts     |   1 +
 types/Alert.ts                                |   3 +-
 14 files changed, 192 insertions(+), 91 deletions(-)

diff --git a/models/interfaces.ts b/models/interfaces.ts
index d219cdbe9..b2b5d0aa0 100644
--- a/models/interfaces.ts
+++ b/models/interfaces.ts
@@ -50,11 +50,12 @@ export interface AlertCondition {
   sev_levels: string[];
   tags: string[];
   ids: string[];
-  threat_intel_enabled: boolean;
 
   // Alert related fields
   actions: TriggerAction[];
   severity: string;
+
+  detection_types: string[];
 }
 
 export interface TriggerAction {
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
index 88455382e..465ccd768 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
@@ -70,8 +70,8 @@ export default class AlertConditionPanel extends Component<
       previewToggle: false,
       selectedNames: [],
       showNotificationDetails: true,
-      detectionRulesTriggerEnabled: true,
-      threatIntelTriggerEnabled: true,
+      detectionRulesTriggerEnabled: props.alertCondition.detection_types.includes('rules'),
+      threatIntelTriggerEnabled: props.alertCondition.detection_types.includes('threat_intel'),
     };
   }
 
@@ -79,6 +79,14 @@ export default class AlertConditionPanel extends Component<
     this.prepareMessage();
   }
 
+  onDetectionTypeChange(detectionType: 'rules' | 'threat_intel', enabled: boolean) {
+    const detectionTypes = new Set(this.props.alertCondition.detection_types);
+    enabled ? detectionTypes.add(detectionType) : detectionTypes.delete(detectionType);
+    this.updateTrigger({
+      detection_types: Array.from(detectionTypes),
+    });
+  }
+
   prepareMessage = (updateMessage: boolean = false) => {
     const { alertCondition, detector } = this.props;
     const detectorInput = detector.inputs[0].detector_input;
@@ -362,7 +370,10 @@ export default class AlertConditionPanel extends Component<
             id="detection-type-rules"
             label="Detection rules"
             checked={detectionRulesTriggerEnabled}
-            onChange={(e) => this.setState({ detectionRulesTriggerEnabled: e.target.checked })}
+            onChange={(e) => {
+              this.setState({ detectionRulesTriggerEnabled: e.target.checked });
+              this.onDetectionTypeChange('rules', e.target.checked);
+            }}
           />
         ) : (
           <EuiText>
@@ -450,7 +461,10 @@ export default class AlertConditionPanel extends Component<
               id="detection-type-threat-intel"
               label="Threat intelligence"
               checked={threatIntelTriggerEnabled}
-              onChange={(e) => this.setState({ threatIntelTriggerEnabled: e.target.checked })}
+              onChange={(e) => {
+                this.setState({ threatIntelTriggerEnabled: e.target.checked });
+                this.onDetectionTypeChange('threat_intel', e.target.checked);
+              }}
             />
 
             {threatIntelTriggerEnabled && (
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
index 0146ea47d..6dc0a0980 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
@@ -115,15 +115,25 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
       detector: { triggers },
       getTriggerName,
     } = this.props;
-    triggers.push(getEmptyAlertCondition(getTriggerName()));
-    changeDetector({ ...detector, triggers });
+    const detectionTypes = ['rules'];
+    if (detector.threat_intel_enabled) {
+      detectionTypes.push('threat_intel');
+    }
+    const newTriggers = [...triggers];
+    newTriggers.push(getEmptyAlertCondition(getTriggerName(), detectionTypes));
+    changeDetector({ ...detector, triggers: newTriggers });
   };
 
   onAlertTriggerChanged = (newDetector: Detector): void => {
     const isTriggerDataValid =
       !newDetector.triggers.length ||
       newDetector.triggers.every((trigger) => {
-        return !!trigger.name && validateName(trigger.name) && trigger.severity;
+        return (
+          !!trigger.name &&
+          validateName(trigger.name) &&
+          trigger.severity &&
+          trigger.detection_types.length
+        );
       });
 
     this.props.changeDetector(newDetector);
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts b/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
index 5c31bce30..09aaedb9d 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/utils/helpers.ts
@@ -50,7 +50,10 @@ export function parseNotificationChannelsToOptions(
   }));
 }
 
-export function getEmptyAlertCondition(conditionName: string = ''): AlertCondition {
+export function getEmptyAlertCondition(
+  conditionName: string = '',
+  detection_types: string[] = []
+): AlertCondition {
   const emptyTriggerAction: TriggerAction = {
     id: '',
     name: '',
@@ -78,6 +81,6 @@ export function getEmptyAlertCondition(conditionName: string = ''): AlertConditi
     types: [],
     severity: '1',
     ids: [],
-    threat_intel_enabled: true,
+    detection_types,
   };
 }
diff --git a/public/pages/CreateDetector/components/ConfigureFieldMapping/containers/ConfigureFieldMapping.tsx b/public/pages/CreateDetector/components/ConfigureFieldMapping/containers/ConfigureFieldMapping.tsx
index 9b2d6c4cc..f86e34ee5 100644
--- a/public/pages/CreateDetector/components/ConfigureFieldMapping/containers/ConfigureFieldMapping.tsx
+++ b/public/pages/CreateDetector/components/ConfigureFieldMapping/containers/ConfigureFieldMapping.tsx
@@ -249,11 +249,19 @@ export default class ConfigureFieldMapping extends Component<
             this.state.createdMappings[ruleFieldName] ||
             mappingsView.response.properties[ruleFieldName].path;
         });
+        let threatIntelFeedFields = new Set();
+        mappingsView.response.threat_intel_field_aliases.forEach(({ fields }) => {
+          fields.forEach((field) => threatIntelFeedFields.add(field));
+        });
         mappingsView.response.unmapped_field_aliases?.forEach((ruleFieldName) => {
-          if (!ruleFieldsForEnabledRules.has(ruleFieldName)) {
+          if (
+            !ruleFieldsForEnabledRules.has(ruleFieldName) &&
+            !threatIntelFeedFields.has(ruleFieldName)
+          ) {
             unmappedRuleFields.delete(ruleFieldName);
           }
         });
+
         this.setState({
           createdMappings: existingMappings,
           mappingsData: {
diff --git a/public/pages/CreateDetector/components/ConfigureFieldMapping/utils/constants.ts b/public/pages/CreateDetector/components/ConfigureFieldMapping/utils/constants.ts
index cd7e111fc..5716f26a8 100644
--- a/public/pages/CreateDetector/components/ConfigureFieldMapping/utils/constants.ts
+++ b/public/pages/CreateDetector/components/ConfigureFieldMapping/utils/constants.ts
@@ -17,6 +17,7 @@ export const EMPTY_FIELD_MAPPINGS_VIEW: GetFieldMappingViewResponse = {
   properties: {},
   unmapped_field_aliases: [],
   unmapped_index_fields: [],
+  threat_intel_field_aliases: [],
 };
 
 export const EMPTY_FIELD_MAPPINGS: FieldMappingPropertyMap = {
diff --git a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
index eaf38743b..27b220021 100644
--- a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
@@ -23,6 +23,10 @@ import { ConfigureFieldMappingProps } from '../../ConfigureFieldMapping/containe
 import { ContentPanel } from '../../../../../components/ContentPanel';
 import { ruleTypes } from '../../../../Rules/utils/constants';
 import { ThreatIntelligence } from '../components/ThreatIntelligence/ThreatIntelligence';
+import {
+  addDetectionTypeToTrigger,
+  removeDetectionTypeFromTrigger,
+} from '../../../../../utils/helpers';
 
 interface DefineDetectorProps extends RouteComponentProps {
   detector: Detector;
@@ -137,9 +141,17 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
   };
 
   onThreatIntelligenceChanged = (checked: boolean) => {
+    const newTriggers = this.state.detector.triggers.map((trigger) => ({
+      ...trigger,
+      detection_types: checked
+        ? addDetectionTypeToTrigger(trigger, 'threat_intel')
+        : removeDetectionTypeFromTrigger(trigger, 'threat_intel'),
+    }));
+
     const newDetector: Detector = {
       ...this.state.detector,
       threat_intel_enabled: checked,
+      triggers: newTriggers,
     };
 
     this.updateDetectorCreationState(newDetector);
diff --git a/public/pages/CreateDetector/containers/CreateDetector.tsx b/public/pages/CreateDetector/containers/CreateDetector.tsx
index 5ade7d68a..f8ce46eb2 100644
--- a/public/pages/CreateDetector/containers/CreateDetector.tsx
+++ b/public/pages/CreateDetector/containers/CreateDetector.tsx
@@ -73,6 +73,7 @@ export default class CreateDetector extends Component<CreateDetectorProps, Creat
       detector: {
         ...EMPTY_DEFAULT_DETECTOR,
         detector_type: '',
+        triggers: [],
       },
       fieldMappings: [],
       stepDataValid: {
diff --git a/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx b/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
index 79a3eb6c5..b334c1a13 100644
--- a/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
+++ b/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
@@ -31,7 +31,7 @@ export const DetectorBasicDetailsView: React.FC<DetectorBasicDetailsViewProps> =
   onEditClicked,
   isEditable = true,
 }) => {
-  const { name, detector_type, inputs, schedule } = detector;
+  const { name, detector_type, inputs, schedule, threat_intel_enabled } = detector;
   const detectorSchedule = parseSchedule(schedule);
   const createdAt = enabled_time ? moment(enabled_time).format('YYYY-MM-DDTHH:mm') : undefined;
   const lastUpdated = last_update_time
@@ -97,6 +97,9 @@ export const DetectorBasicDetailsView: React.FC<DetectorBasicDetailsViewProps> =
         { label: 'Created at', content: createdAt || DEFAULT_EMPTY_DATA },
         { label: 'Last updated time', content: lastUpdated || DEFAULT_EMPTY_DATA },
       ])}
+      {createTextDetailsGroup([
+        { label: 'Threat intelligence feed enabled', content: threat_intel_enabled ? 'Yes' : 'No' },
+      ])}
       {rulesCanFold ? children : null}
     </ContentPanel>
   );
diff --git a/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx b/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
index 55e1af2a8..9dc550978 100644
--- a/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
+++ b/public/pages/Detectors/components/UpdateBasicDetails/UpdateBasicDetails.tsx
@@ -28,6 +28,7 @@ import { errorNotificationToast, successNotificationToast } from '../../../../ut
 import { CoreServicesContext } from '../../../../components/core_services';
 import ReviewFieldMappings from '../ReviewFieldMappings/ReviewFieldMappings';
 import { FieldMapping, Detector } from '../../../../../types';
+import { ThreatIntelligence } from '../../../CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence';
 
 export interface UpdateDetectorBasicDetailsProps
   extends RouteComponentProps<any, any, { detectorHit: DetectorHit }> {
@@ -48,6 +49,11 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
   const detectorId = props.location.pathname.replace(`${ROUTES.EDIT_DETECTOR_DETAILS}/`, '');
 
   const context = useContext(CoreServicesContext);
+  const [threatIntelEnabledInitially, setThreatIntelEnabledInitially] = useState(false);
+
+  useEffect(() => {
+    setThreatIntelEnabledInitially(detector.threat_intel_enabled);
+  }, []);
 
   useEffect(() => {
     const getDetector = async () => {
@@ -166,6 +172,19 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
     [detector, updateDetectorState, setFieldMappingsIsVisible]
   );
 
+  const onThreatIntelFeedToggle = useCallback(
+    (enabled: boolean) => {
+      const newDetector: Detector = {
+        ...detector,
+        threat_intel_enabled: enabled,
+      };
+
+      setFieldMappingsIsVisible(!threatIntelEnabledInitially && enabled);
+      updateDetectorState(newDetector);
+    },
+    [detector, updateDetectorState, setFieldMappingsIsVisible]
+  );
+
   const onDetectorScheduleChange = useCallback(
     (schedule: PeriodSchedule) => {
       const newDetector: Detector = {
@@ -249,7 +268,7 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
       <EuiTitle size={'m'}>
         <h3>Edit detector details</h3>
       </EuiTitle>
-      <EuiSpacer size="xxl" />
+      <EuiSpacer size="xl" />
 
       <EuiPanel>
         <DetectorBasicDetailsForm
@@ -259,7 +278,7 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
           onDetectorNameChange={onDetectorNameChange}
           onDetectorInputDescriptionChange={onDetectorInputDescriptionChange}
         />
-        <EuiSpacer size="xl" />
+        <EuiSpacer size="l" />
 
         <DetectorDataSource
           isEdit={true}
@@ -270,10 +289,17 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
           fieldMappingService={services?.fieldMappingService as FieldMappingService}
           onDetectorInputIndicesChange={onDetectorInputIndicesChange}
         />
-        <EuiSpacer size={'xl'} />
+        <EuiSpacer size={'l'} />
+
+        <ThreatIntelligence
+          threatIntelChecked={detector.threat_intel_enabled}
+          onThreatIntelChange={onThreatIntelFeedToggle}
+        />
+
+        <EuiSpacer size="l" />
 
         <DetectorSchedule detector={detector} onDetectorScheduleChange={onDetectorScheduleChange} />
-        <EuiSpacer size="xl" />
+        <EuiSpacer size="l" />
 
         {fieldMappingsIsVisible ? (
           <>
@@ -283,7 +309,7 @@ export const UpdateDetectorBasicDetails: React.FC<UpdateDetectorBasicDetailsProp
               fieldMappingService={services?.fieldMappingService}
               onFieldMappingChange={onFieldMappingChange}
             />
-            <EuiSpacer size="xl" />
+            <EuiSpacer size="l" />
           </>
         ) : null}
       </EuiPanel>
diff --git a/public/pages/Findings/components/FindingDetailsFlyout.tsx b/public/pages/Findings/components/FindingDetailsFlyout.tsx
index 166e1de1d..4558f9297 100644
--- a/public/pages/Findings/components/FindingDetailsFlyout.tsx
+++ b/public/pages/Findings/components/FindingDetailsFlyout.tsx
@@ -204,79 +204,81 @@ export default class FindingDetailsFlyout extends Component<
 
   renderRuleDetails = (rules: Query[] = []) => {
     const { allRules = {} } = this.state;
-    return rules.map((rule, key) => {
-      const fullRule = allRules[rule.id];
-      const severity = capitalizeFirstLetter(fullRule.level);
-      return (
-        <div key={key}>
-          <EuiAccordion
-            id={`${key}`}
-            buttonClassName="euiAccordionForm__button"
-            buttonContent={
-              <div data-test-subj={'finding-details-flyout-rule-accordion-button'}>
-                <EuiText size={'s'}>{fullRule.title}</EuiText>
-                <EuiText size={'s'} color={'subdued'}>
-                  Severity: {severity}
-                </EuiText>
-              </div>
-            }
-            initialIsOpen={rules.length === 1}
-            data-test-subj={`finding-details-flyout-rule-accordion-${key}`}
-          >
-            <EuiPanel color="subdued">
-              <EuiFlexGroup>
-                <EuiFlexItem>
-                  <EuiFormRow label={'Rule name'}>
-                    <EuiLink
-                      onClick={() => this.showRuleDetails(fullRule, rule.id)}
-                      data-test-subj={`finding-details-flyout-${fullRule.title}-details`}
+    return rules
+      .filter(({ id }) => !id.startsWith('threat_intel_'))
+      .map((rule, key) => {
+        const fullRule = allRules[rule.id];
+        const severity = capitalizeFirstLetter(fullRule.level);
+        return (
+          <div key={key}>
+            <EuiAccordion
+              id={`${key}`}
+              buttonClassName="euiAccordionForm__button"
+              buttonContent={
+                <div data-test-subj={'finding-details-flyout-rule-accordion-button'}>
+                  <EuiText size={'s'}>{fullRule.title}</EuiText>
+                  <EuiText size={'s'} color={'subdued'}>
+                    Severity: {severity}
+                  </EuiText>
+                </div>
+              }
+              initialIsOpen={rules.length === 1}
+              data-test-subj={`finding-details-flyout-rule-accordion-${key}`}
+            >
+              <EuiPanel color="subdued">
+                <EuiFlexGroup>
+                  <EuiFlexItem>
+                    <EuiFormRow label={'Rule name'}>
+                      <EuiLink
+                        onClick={() => this.showRuleDetails(fullRule, rule.id)}
+                        data-test-subj={`finding-details-flyout-${fullRule.title}-details`}
+                      >
+                        {fullRule.title || DEFAULT_EMPTY_DATA}
+                      </EuiLink>
+                    </EuiFormRow>
+                  </EuiFlexItem>
+
+                  <EuiFlexItem>
+                    <EuiFormRow
+                      label={'Rule severity'}
+                      data-test-subj={'finding-details-flyout-rule-severity'}
                     >
-                      {fullRule.title || DEFAULT_EMPTY_DATA}
-                    </EuiLink>
-                  </EuiFormRow>
-                </EuiFlexItem>
-
-                <EuiFlexItem>
-                  <EuiFormRow
-                    label={'Rule severity'}
-                    data-test-subj={'finding-details-flyout-rule-severity'}
-                  >
-                    <EuiText>{severity || DEFAULT_EMPTY_DATA}</EuiText>
-                  </EuiFormRow>
-                </EuiFlexItem>
-
-                <EuiFlexItem>
-                  <EuiFormRow
-                    label={'Log type'}
-                    data-test-subj={'finding-details-flyout-rule-category'}
-                  >
-                    <EuiText>
-                      {capitalizeFirstLetter(fullRule.category) || DEFAULT_EMPTY_DATA}
-                    </EuiText>
-                  </EuiFormRow>
-                </EuiFlexItem>
-              </EuiFlexGroup>
-
-              <EuiSpacer size={'m'} />
-
-              <EuiFormRow
-                label={'Description'}
-                data-test-subj={'finding-details-flyout-rule-description'}
-              >
-                <EuiText>{fullRule.description || DEFAULT_EMPTY_DATA}</EuiText>
-              </EuiFormRow>
-
-              <EuiSpacer size={'m'} />
-
-              <EuiFormRow label={'Tags'} data-test-subj={'finding-details-flyout-rule-tags'}>
-                <EuiText>{this.renderTags() || DEFAULT_EMPTY_DATA}</EuiText>
-              </EuiFormRow>
-            </EuiPanel>
-          </EuiAccordion>
-          {rules.length > 1 && <EuiHorizontalRule margin={'xs'} />}
-        </div>
-      );
-    });
+                      <EuiText>{severity || DEFAULT_EMPTY_DATA}</EuiText>
+                    </EuiFormRow>
+                  </EuiFlexItem>
+
+                  <EuiFlexItem>
+                    <EuiFormRow
+                      label={'Log type'}
+                      data-test-subj={'finding-details-flyout-rule-category'}
+                    >
+                      <EuiText>
+                        {capitalizeFirstLetter(fullRule.category) || DEFAULT_EMPTY_DATA}
+                      </EuiText>
+                    </EuiFormRow>
+                  </EuiFlexItem>
+                </EuiFlexGroup>
+
+                <EuiSpacer size={'m'} />
+
+                <EuiFormRow
+                  label={'Description'}
+                  data-test-subj={'finding-details-flyout-rule-description'}
+                >
+                  <EuiText>{fullRule.description || DEFAULT_EMPTY_DATA}</EuiText>
+                </EuiFormRow>
+
+                <EuiSpacer size={'m'} />
+
+                <EuiFormRow label={'Tags'} data-test-subj={'finding-details-flyout-rule-tags'}>
+                  <EuiText>{this.renderTags() || DEFAULT_EMPTY_DATA}</EuiText>
+                </EuiFormRow>
+              </EuiPanel>
+            </EuiAccordion>
+            {rules.length > 1 && <EuiHorizontalRule margin={'xs'} />}
+          </div>
+        );
+      });
   };
 
   getIndexPatternId = async () => {
diff --git a/public/utils/helpers.tsx b/public/utils/helpers.tsx
index ef30e0019..596717d4a 100644
--- a/public/utils/helpers.tsx
+++ b/public/utils/helpers.tsx
@@ -37,7 +37,7 @@ import { OpenSearchService } from '../services';
 import { ruleSeverity, ruleTypes } from '../pages/Rules/utils/constants';
 import { Handler } from 'vega-tooltip';
 import _ from 'lodash';
-import { LogType } from '../../types';
+import { AlertCondition, LogType } from '../../types';
 import { DataStore } from '../store/DataStore';
 import { LogCategoryOptionView } from '../components/Utility/LogCategoryOption';
 
@@ -387,3 +387,21 @@ export function getLogTypeCategoryOptions(): any[] {
     ),
   }));
 }
+
+export function removeDetectionTypeFromTrigger(
+  trigger: AlertCondition,
+  detectionType: 'rules' | 'threat_intel'
+): string[] {
+  const detectionTypes = new Set(trigger.detection_types);
+  detectionTypes.delete(detectionType);
+  return Array.from(detectionTypes);
+}
+
+export function addDetectionTypeToTrigger(
+  trigger: AlertCondition,
+  detectionType: 'rules' | 'threat_intel'
+): string[] {
+  const detectionTypes = new Set(trigger.detection_types);
+  detectionTypes.add(detectionType);
+  return Array.from(detectionTypes);
+}
diff --git a/server/models/interfaces/FieldMappings.ts b/server/models/interfaces/FieldMappings.ts
index c88e42c95..45e35550a 100644
--- a/server/models/interfaces/FieldMappings.ts
+++ b/server/models/interfaces/FieldMappings.ts
@@ -11,6 +11,7 @@ export interface GetFieldMapingsViewParams {
 export interface GetFieldMappingViewResponse extends FieldMappingPropertyMap {
   unmapped_index_fields?: string[];
   unmapped_field_aliases?: string[];
+  threat_intel_field_aliases: { ioc: string; fields: string[] }[];
 }
 
 export interface CreateMappingsParams {
diff --git a/types/Alert.ts b/types/Alert.ts
index 97b0d31b9..6428ac49e 100644
--- a/types/Alert.ts
+++ b/types/Alert.ts
@@ -15,11 +15,12 @@ export interface AlertCondition {
   sev_levels: string[];
   tags: string[];
   ids: string[];
-  threat_intel_enabled: boolean;
 
   // Alert related fields
   actions: TriggerAction[];
   severity: string;
+
+  detection_types: string[];
 }
 
 export interface TriggerAction {

From 23cd2ed6ce1c6c6b94b508a7cb2befdbc74430f8 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 10:19:06 -0700
Subject: [PATCH 5/9] updated snapshots, mocks

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 .../DetectorBasicDetailsView.test.tsx.snap    |  68 ++++++++++
 .../DetectorRulesView.test.tsx.snap           |   6 +
 .../UpdateAlertConditions.test.tsx.snap       |  30 +++++
 .../UpdateDetectorBasicDetails.test.tsx.snap  | 106 ++++++++++++++--
 .../AlertTriggersView.test.tsx.snap           |  24 ++++
 .../DetectorDetails.test.tsx.snap             | 117 ++++++++++++++++++
 .../DetectorDetailsView.test.tsx.snap         |  93 ++++++++++++++
 .../__snapshots__/Detectors.test.tsx.snap     |  12 ++
 .../EditFieldMappings.test.tsx.snap           |  12 ++
 .../AlertCondition/AlertCondition.mock.ts     |   1 +
 10 files changed, 461 insertions(+), 8 deletions(-)

diff --git a/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap b/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
index d91290cfb..555614e67 100644
--- a/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
+++ b/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
@@ -426,6 +426,40 @@ Object {
           <div
             class="euiSpacer euiSpacer--xl"
           />
+          <div
+            class="euiFormRow euiFormRow--fullWidth"
+            id="some_html_id-row"
+          >
+            <div
+              class="euiFormRow__labelWrapper"
+            >
+              <label
+                class="euiFormLabel euiFormRow__label"
+                for="some_html_id"
+              >
+                <div
+                  class="euiText euiText--medium"
+                >
+                  <div
+                    class="euiTextColor euiTextColor--subdued"
+                  >
+                    Threat intelligence feed enabled
+                  </div>
+                </div>
+              </label>
+            </div>
+            <div
+              class="euiFormRow__fieldWrapper"
+            >
+              <div
+                class="euiText euiText--medium"
+                data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                id="some_html_id"
+              >
+                No
+              </div>
+            </div>
+          </div>
         </div>
       </div>
     </div>
@@ -852,6 +886,40 @@ Object {
         <div
           class="euiSpacer euiSpacer--xl"
         />
+        <div
+          class="euiFormRow euiFormRow--fullWidth"
+          id="some_html_id-row"
+        >
+          <div
+            class="euiFormRow__labelWrapper"
+          >
+            <label
+              class="euiFormLabel euiFormRow__label"
+              for="some_html_id"
+            >
+              <div
+                class="euiText euiText--medium"
+              >
+                <div
+                  class="euiTextColor euiTextColor--subdued"
+                >
+                  Threat intelligence feed enabled
+                </div>
+              </div>
+            </label>
+          </div>
+          <div
+            class="euiFormRow__fieldWrapper"
+          >
+            <div
+              class="euiText euiText--medium"
+              data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+              id="some_html_id"
+            >
+              No
+            </div>
+          </div>
+        </div>
       </div>
     </div>
   </div>,
diff --git a/public/pages/Detectors/components/DetectorRulesView/__snapshots__/DetectorRulesView.test.tsx.snap b/public/pages/Detectors/components/DetectorRulesView/__snapshots__/DetectorRulesView.test.tsx.snap
index b77140d07..5d189f5c0 100644
--- a/public/pages/Detectors/components/DetectorRulesView/__snapshots__/DetectorRulesView.test.tsx.snap
+++ b/public/pages/Detectors/components/DetectorRulesView/__snapshots__/DetectorRulesView.test.tsx.snap
@@ -103,6 +103,9 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_0",
           "ids": Array [
             "rule_id_1",
@@ -158,6 +161,9 @@ exports[`<DetectorRulesView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_1",
           "ids": Array [
             "rule_id_1",
diff --git a/public/pages/Detectors/components/UpdateAlertConditions/__snapshots__/UpdateAlertConditions.test.tsx.snap b/public/pages/Detectors/components/UpdateAlertConditions/__snapshots__/UpdateAlertConditions.test.tsx.snap
index 2079db8fd..94a33ae77 100644
--- a/public/pages/Detectors/components/UpdateAlertConditions/__snapshots__/UpdateAlertConditions.test.tsx.snap
+++ b/public/pages/Detectors/components/UpdateAlertConditions/__snapshots__/UpdateAlertConditions.test.tsx.snap
@@ -108,6 +108,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -163,6 +166,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
@@ -310,6 +316,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -365,6 +374,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
@@ -535,6 +547,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_0",
               "ids": Array [
                 "rule_id_1",
@@ -590,6 +605,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_1",
               "ids": Array [
                 "rule_id_1",
@@ -716,6 +734,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -771,6 +792,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
@@ -921,6 +945,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_0",
                     "ids": Array [
                       "rule_id_1",
@@ -976,6 +1003,9 @@ exports[`<UpdateAlertConditions /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_1",
                     "ids": Array [
                       "rule_id_1",
diff --git a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
index 9dd4cfda7..672ecf0e3 100644
--- a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
+++ b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
@@ -108,6 +108,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -163,6 +166,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
@@ -305,6 +311,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                               "throttle_enabled": true,
                             },
                           ],
+                          "detection_types": Array [
+                            "rules",
+                          ],
                           "id": "trigger_id_0",
                           "ids": Array [
                             "rule_id_1",
@@ -360,6 +369,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                               "throttle_enabled": true,
                             },
                           ],
+                          "detection_types": Array [
+                            "rules",
+                          ],
                           "id": "trigger_id_1",
                           "ids": Array [
                             "rule_id_1",
@@ -480,6 +492,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                             "throttle_enabled": true,
                           },
                         ],
+                        "detection_types": Array [
+                          "rules",
+                        ],
                         "id": "trigger_id_0",
                         "ids": Array [
                           "rule_id_1",
@@ -535,6 +550,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                             "throttle_enabled": true,
                           },
                         ],
+                        "detection_types": Array [
+                          "rules",
+                        ],
                         "id": "trigger_id_1",
                         "ids": Array [
                           "rule_id_1",
@@ -594,10 +612,10 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
     </h3>
   </EuiTitle>
   <EuiSpacer
-    size="xxl"
+    size="xl"
   >
     <div
-      className="euiSpacer euiSpacer--xxl"
+      className="euiSpacer euiSpacer--xl"
     />
   </EuiSpacer>
   <EuiPanel>
@@ -823,10 +841,10 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
         </EuiFormRow>
       </DetectorBasicDetailsForm>
       <EuiSpacer
-        size="xl"
+        size="l"
       >
         <div
-          className="euiSpacer euiSpacer--xl"
+          className="euiSpacer euiSpacer--l"
         />
       </EuiSpacer>
       <Component
@@ -859,10 +877,70 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
         />
       </Component>
       <EuiSpacer
-        size="xl"
+        size="l"
+      >
+        <div
+          className="euiSpacer euiSpacer--l"
+        />
+      </EuiSpacer>
+      <ThreatIntelligence
+        onThreatIntelChange={[Function]}
+      >
+        <EuiTitle
+          size="m"
+        >
+          <h3
+            className="euiTitle euiTitle--medium"
+          >
+            Threat intelligence feeds
+          </h3>
+        </EuiTitle>
+        <EuiText>
+          <div
+            className="euiText euiText--medium"
+          >
+            <p>
+              Match your data source against known malicious IP-addresses. Available for standard log types only. Learn more
+            </p>
+          </div>
+        </EuiText>
+        <EuiCheckbox
+          checked={false}
+          compressed={false}
+          disabled={false}
+          id="some_html_id"
+          indeterminate={false}
+          label="Enable threat intelligence-based detection"
+          onChange={[Function]}
+        >
+          <div
+            className="euiCheckbox"
+          >
+            <input
+              checked={false}
+              className="euiCheckbox__input"
+              disabled={false}
+              id="some_html_id"
+              onChange={[Function]}
+              type="checkbox"
+            />
+            <div
+              className="euiCheckbox__square"
+            />
+            <label
+              className="euiCheckbox__label"
+              htmlFor="some_html_id"
+            >
+              Enable threat intelligence-based detection
+            </label>
+          </div>
+        </EuiCheckbox>
+      </ThreatIntelligence>
+      <EuiSpacer
+        size="l"
       >
         <div
-          className="euiSpacer euiSpacer--xl"
+          className="euiSpacer euiSpacer--l"
         />
       </EuiSpacer>
       <DetectorSchedule
@@ -969,6 +1047,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -1024,6 +1105,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
@@ -1164,6 +1248,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                       "throttle_enabled": true,
                     },
                   ],
+                  "detection_types": Array [
+                    "rules",
+                  ],
                   "id": "trigger_id_0",
                   "ids": Array [
                     "rule_id_1",
@@ -1219,6 +1306,9 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
                       "throttle_enabled": true,
                     },
                   ],
+                  "detection_types": Array [
+                    "rules",
+                  ],
                   "id": "trigger_id_1",
                   "ids": Array [
                     "rule_id_1",
@@ -1495,10 +1585,10 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
         </Interval>
       </DetectorSchedule>
       <EuiSpacer
-        size="xl"
+        size="l"
       >
         <div
-          className="euiSpacer euiSpacer--xl"
+          className="euiSpacer euiSpacer--l"
         />
       </EuiSpacer>
     </div>
diff --git a/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap b/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
index 3e04dbb4b..a68bac941 100644
--- a/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
+++ b/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
@@ -103,6 +103,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_0",
           "ids": Array [
             "rule_id_1",
@@ -158,6 +161,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_1",
           "ids": Array [
             "rule_id_1",
@@ -378,6 +384,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -496,6 +505,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_0",
                     "ids": Array [
                       "rule_id_1",
@@ -551,6 +563,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_1",
                     "ids": Array [
                       "rule_id_1",
@@ -1363,6 +1378,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
@@ -1481,6 +1499,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_0",
                     "ids": Array [
                       "rule_id_1",
@@ -1536,6 +1557,9 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                         "throttle_enabled": true,
                       },
                     ],
+                    "detection_types": Array [
+                      "rules",
+                    ],
                     "id": "trigger_id_1",
                     "ids": Array [
                       "rule_id_1",
diff --git a/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap b/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
index c65cd5c4a..8eb6716fa 100644
--- a/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
+++ b/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
@@ -108,6 +108,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -163,6 +166,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
@@ -623,6 +629,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -678,6 +687,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
@@ -804,6 +816,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_0",
               "ids": Array [
                 "rule_id_1",
@@ -859,6 +874,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_1",
               "ids": Array [
                 "rule_id_1",
@@ -1036,6 +1054,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_0",
               "ids": Array [
                 "rule_id_1",
@@ -1091,6 +1112,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_1",
               "ids": Array [
                 "rule_id_1",
@@ -1217,6 +1241,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -1272,6 +1299,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
@@ -2313,6 +2343,81 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   className="euiSpacer euiSpacer--xl"
                 />
               </EuiSpacer>
+              <EuiFormRow
+                describedByIds={Array []}
+                display="row"
+                fullWidth={true}
+                hasChildLabel={true}
+                hasEmptyLabelSpace={false}
+                label={
+                  <EuiText
+                    color="subdued"
+                  >
+                    Threat intelligence feed enabled
+                  </EuiText>
+                }
+                labelType="label"
+              >
+                <div
+                  className="euiFormRow euiFormRow--fullWidth"
+                  id="some_html_id-row"
+                >
+                  <div
+                    className="euiFormRow__labelWrapper"
+                  >
+                    <EuiFormLabel
+                      className="euiFormRow__label"
+                      htmlFor="some_html_id"
+                      isFocused={false}
+                      type="label"
+                    >
+                      <label
+                        className="euiFormLabel euiFormRow__label"
+                        htmlFor="some_html_id"
+                      >
+                        <EuiText
+                          color="subdued"
+                        >
+                          <div
+                            className="euiText euiText--medium"
+                          >
+                            <EuiTextColor
+                              color="subdued"
+                              component="div"
+                            >
+                              <div
+                                className="euiTextColor euiTextColor--subdued"
+                              >
+                                Threat intelligence feed enabled
+                              </div>
+                            </EuiTextColor>
+                          </div>
+                        </EuiText>
+                      </label>
+                    </EuiFormLabel>
+                  </div>
+                  <div
+                    className="euiFormRow__fieldWrapper"
+                  >
+                    <EuiText
+                      data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                      id="some_html_id"
+                      onBlur={[Function]}
+                      onFocus={[Function]}
+                    >
+                      <div
+                        className="euiText euiText--medium"
+                        data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                        id="some_html_id"
+                        onBlur={[Function]}
+                        onFocus={[Function]}
+                      >
+                        No
+                      </div>
+                    </EuiText>
+                  </div>
+                </div>
+              </EuiFormRow>
             </div>
           </div>
         </EuiPanel>
@@ -2436,6 +2541,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_0",
               "ids": Array [
                 "rule_id_1",
@@ -2491,6 +2599,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                   "throttle_enabled": true,
                 },
               ],
+              "detection_types": Array [
+                "rules",
+              ],
               "id": "trigger_id_1",
               "ids": Array [
                 "rule_id_1",
@@ -2617,6 +2728,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_0",
                 "ids": Array [
                   "rule_id_1",
@@ -2672,6 +2786,9 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                     "throttle_enabled": true,
                   },
                 ],
+                "detection_types": Array [
+                  "rules",
+                ],
                 "id": "trigger_id_1",
                 "ids": Array [
                   "rule_id_1",
diff --git a/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap b/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
index 18ef95196..4e5a199cb 100644
--- a/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
+++ b/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
@@ -103,6 +103,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_0",
           "ids": Array [
             "rule_id_1",
@@ -158,6 +161,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_1",
           "ids": Array [
             "rule_id_1",
@@ -296,6 +302,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -351,6 +360,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
@@ -1356,6 +1368,81 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                 className="euiSpacer euiSpacer--xl"
               />
             </EuiSpacer>
+            <EuiFormRow
+              describedByIds={Array []}
+              display="row"
+              fullWidth={true}
+              hasChildLabel={true}
+              hasEmptyLabelSpace={false}
+              label={
+                <EuiText
+                  color="subdued"
+                >
+                  Threat intelligence feed enabled
+                </EuiText>
+              }
+              labelType="label"
+            >
+              <div
+                className="euiFormRow euiFormRow--fullWidth"
+                id="some_html_id-row"
+              >
+                <div
+                  className="euiFormRow__labelWrapper"
+                >
+                  <EuiFormLabel
+                    className="euiFormRow__label"
+                    htmlFor="some_html_id"
+                    isFocused={false}
+                    type="label"
+                  >
+                    <label
+                      className="euiFormLabel euiFormRow__label"
+                      htmlFor="some_html_id"
+                    >
+                      <EuiText
+                        color="subdued"
+                      >
+                        <div
+                          className="euiText euiText--medium"
+                        >
+                          <EuiTextColor
+                            color="subdued"
+                            component="div"
+                          >
+                            <div
+                              className="euiTextColor euiTextColor--subdued"
+                            >
+                              Threat intelligence feed enabled
+                            </div>
+                          </EuiTextColor>
+                        </div>
+                      </EuiText>
+                    </label>
+                  </EuiFormLabel>
+                </div>
+                <div
+                  className="euiFormRow__fieldWrapper"
+                >
+                  <EuiText
+                    data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                    id="some_html_id"
+                    onBlur={[Function]}
+                    onFocus={[Function]}
+                  >
+                    <div
+                      className="euiText euiText--medium"
+                      data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                      id="some_html_id"
+                      onBlur={[Function]}
+                      onFocus={[Function]}
+                    >
+                      No
+                    </div>
+                  </EuiText>
+                </div>
+              </div>
+            </EuiFormRow>
           </div>
         </div>
       </EuiPanel>
@@ -1477,6 +1564,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_0",
             "ids": Array [
               "rule_id_1",
@@ -1532,6 +1622,9 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                 "throttle_enabled": true,
               },
             ],
+            "detection_types": Array [
+              "rules",
+            ],
             "id": "trigger_id_1",
             "ids": Array [
               "rule_id_1",
diff --git a/public/pages/Detectors/containers/Detectors/__snapshots__/Detectors.test.tsx.snap b/public/pages/Detectors/containers/Detectors/__snapshots__/Detectors.test.tsx.snap
index 6419970e4..5aa11d7b9 100644
--- a/public/pages/Detectors/containers/Detectors/__snapshots__/Detectors.test.tsx.snap
+++ b/public/pages/Detectors/containers/Detectors/__snapshots__/Detectors.test.tsx.snap
@@ -469,6 +469,9 @@ exports[`<Detectors /> spec renders the component 1`] = `
                                 "throttle_enabled": true,
                               },
                             ],
+                            "detection_types": Array [
+                              "rules",
+                            ],
                             "id": "trigger_id_0",
                             "ids": Array [
                               "rule_id_1",
@@ -524,6 +527,9 @@ exports[`<Detectors /> spec renders the component 1`] = `
                                 "throttle_enabled": true,
                               },
                             ],
+                            "detection_types": Array [
+                              "rules",
+                            ],
                             "id": "trigger_id_1",
                             "ids": Array [
                               "rule_id_1",
@@ -1249,6 +1255,9 @@ exports[`<Detectors /> spec renders the component 1`] = `
                                     "throttle_enabled": true,
                                   },
                                 ],
+                                "detection_types": Array [
+                                  "rules",
+                                ],
                                 "id": "trigger_id_0",
                                 "ids": Array [
                                   "rule_id_1",
@@ -1304,6 +1313,9 @@ exports[`<Detectors /> spec renders the component 1`] = `
                                     "throttle_enabled": true,
                                   },
                                 ],
+                                "detection_types": Array [
+                                  "rules",
+                                ],
                                 "id": "trigger_id_1",
                                 "ids": Array [
                                   "rule_id_1",
diff --git a/public/pages/Detectors/containers/FieldMappings/__snapshots__/EditFieldMappings.test.tsx.snap b/public/pages/Detectors/containers/FieldMappings/__snapshots__/EditFieldMappings.test.tsx.snap
index 29d318aa8..df17d96d4 100644
--- a/public/pages/Detectors/containers/FieldMappings/__snapshots__/EditFieldMappings.test.tsx.snap
+++ b/public/pages/Detectors/containers/FieldMappings/__snapshots__/EditFieldMappings.test.tsx.snap
@@ -103,6 +103,9 @@ exports[`<EditFieldMappings /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_0",
           "ids": Array [
             "rule_id_1",
@@ -158,6 +161,9 @@ exports[`<EditFieldMappings /> spec renders the component 1`] = `
               "throttle_enabled": true,
             },
           ],
+          "detection_types": Array [
+            "rules",
+          ],
           "id": "trigger_id_1",
           "ids": Array [
             "rule_id_1",
@@ -398,6 +404,9 @@ exports[`<EditFieldMappings /> spec renders the component 1`] = `
                                     "throttle_enabled": true,
                                   },
                                 ],
+                                "detection_types": Array [
+                                  "rules",
+                                ],
                                 "id": "trigger_id_0",
                                 "ids": Array [
                                   "rule_id_1",
@@ -453,6 +462,9 @@ exports[`<EditFieldMappings /> spec renders the component 1`] = `
                                     "throttle_enabled": true,
                                   },
                                 ],
+                                "detection_types": Array [
+                                  "rules",
+                                ],
                                 "id": "trigger_id_1",
                                 "ids": Array [
                                   "rule_id_1",
diff --git a/test/mocks/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertCondition.mock.ts b/test/mocks/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertCondition.mock.ts
index 4104fff8b..8048ea138 100644
--- a/test/mocks/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertCondition.mock.ts
+++ b/test/mocks/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertCondition.mock.ts
@@ -24,4 +24,5 @@ export default {
     };
   }),
   severity: '1',
+  detection_types: ['rules'],
 } as AlertCondition;

From fd0c1dd919133deb44a1217c248effb792da1933 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 10:48:56 -0700
Subject: [PATCH 6/9] updated workflow

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 .github/workflows/cypress-workflow.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/cypress-workflow.yml b/.github/workflows/cypress-workflow.yml
index 5231e5221..1fb96ea48 100644
--- a/.github/workflows/cypress-workflow.yml
+++ b/.github/workflows/cypress-workflow.yml
@@ -7,14 +7,14 @@ on:
     branches:
       - "*"
 env:
-  OPENSEARCH_DASHBOARDS_VERSION: '2.11.0'
-  OPENSEARCH_VERSION: '2.11.0-SNAPSHOT'
-  SECURITY_ANALYTICS_BRANCH: '2.11'
+  OPENSEARCH_DASHBOARDS_VERSION: 'main'
+  OPENSEARCH_VERSION: '3.0.0-SNAPSHOT'
+  SECURITY_ANALYTICS_BRANCH: 'main'
   GRADLE_VERSION: '7.6.1'
 
   # If this variable is not empty, the package.json, opensearch_dashboards.json, and yarn.lock files will be replaced
   # with those files from the 'opensearch-project/security-analytics-dashboards-plugin' branch or commit specified.
-  OVERRIDE_REFERENCE: '2.11'
+  OVERRIDE_REFERENCE: 'main'
 jobs:
   tests:
     name: Run Cypress E2E tests

From 04a21e454d1be361da251892fa76d4621b7abd31 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 11:09:54 -0700
Subject: [PATCH 7/9] updated tests

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 cypress/integration/3_alerts.spec.js          | 41 ++-----------------
 .../ThreatIntelligence/ThreatIntelligence.tsx |  2 +-
 .../components/FindingDetailsFlyout.tsx       |  5 ++-
 3 files changed, 9 insertions(+), 39 deletions(-)

diff --git a/cypress/integration/3_alerts.spec.js b/cypress/integration/3_alerts.spec.js
index f9ed43372..23a752a1e 100644
--- a/cypress/integration/3_alerts.spec.js
+++ b/cypress/integration/3_alerts.spec.js
@@ -165,8 +165,10 @@ describe('Alerts', () => {
       // Confirm finding timestamp
       cy.get('[data-test-subj="finding-details-flyout-timestamp"]').contains(date);
 
-      // Confirm finding detector name
-      cy.get('[data-test-subj="finding-details-flyout-detector-link"]').contains(testDetector.name);
+      // Confirm finding detection type
+      cy.get('[data-test-subj="finding-details-flyout-detection-type"]').contains(
+        'Detection rules'
+      );
 
       // Confirm there's only 1 rule details accordion
       cy.get('[data-test-subj="finding-details-flyout-rule-accordion-1"]').should('not.exist');
@@ -358,40 +360,5 @@ describe('Alerts', () => {
     });
   });
 
-  it('detector name hyperlink on finding details flyout redirects to the detector details page', () => {
-    // Open first alert details flyout
-    cy.get('tbody > tr')
-      .first()
-      .within(() => {
-        // Click the "View details" button for the first alert
-        cy.get('[aria-label="View details"]').click({ force: true });
-      });
-
-    cy.get('[data-test-subj="alert-details-flyout"]').within(() => {
-      // Wait for findings table to finish loading
-      cy.contains('Cypress USB Rule');
-
-      // Click the details button for the first finding
-      cy.get('tbody > tr')
-        .first()
-        .within(() => {
-          cy.get('[data-test-subj="finding-details-flyout-button"]').click({
-            force: true,
-          });
-        });
-    });
-
-    cy.get('[data-test-subj="finding-details-flyout"]').within(() => {
-      // Click the detector name hyperlink
-      cy.get('[data-test-subj="finding-details-flyout-detector-link"]')
-        // Removing the "target" attribute so the link won't open a new tab. Cypress wouldn't test the new tab.
-        .invoke('removeAttr', 'target')
-        .click({ force: true });
-    });
-
-    // Confirm the detector details page is for the expected detector
-    cy.get('[data-test-subj="detector-details-detector-name"]').contains(testDetector.name);
-  });
-
   after(() => cy.cleanUpTests());
 });
diff --git a/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx b/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx
index 9af80bfa6..22c3d11a5 100644
--- a/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/components/ThreatIntelligence/ThreatIntelligence.tsx
@@ -24,7 +24,7 @@ export const ThreatIntelligence: React.FC<ThreatIntelligenceProps> = ({
       <EuiText>
         <p>
           Match your data source against known malicious IP-addresses. Available for standard log
-          types only. Learn more
+          types only.
         </p>
       </EuiText>
       <EuiCheckbox
diff --git a/public/pages/Findings/components/FindingDetailsFlyout.tsx b/public/pages/Findings/components/FindingDetailsFlyout.tsx
index fce2a4ec2..b2203cf19 100644
--- a/public/pages/Findings/components/FindingDetailsFlyout.tsx
+++ b/public/pages/Findings/components/FindingDetailsFlyout.tsx
@@ -549,7 +549,10 @@ export default class FindingDetailsFlyout extends Component<
             </EuiFlexItem>
 
             <EuiFlexItem>
-              <EuiFormRow label={'Detection type'}>
+              <EuiFormRow
+                label={'Detection type'}
+                data-test-subj={'finding-details-flyout-detection-type'}
+              >
                 <EuiText>{detectionType}</EuiText>
               </EuiFormRow>
             </EuiFlexItem>

From add406a83fa137625a2a1d1ac3c96b1093ad15c2 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 11:20:12 -0700
Subject: [PATCH 8/9] updated snapshot

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 .../__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
index 672ecf0e3..8ea4a3525 100644
--- a/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
+++ b/public/pages/Detectors/components/UpdateBasicDetails/__snapshots__/UpdateDetectorBasicDetails.test.tsx.snap
@@ -900,7 +900,7 @@ exports[`<UpdateDetectorBasicDetails /> spec renders the component 1`] = `
             className="euiText euiText--medium"
           >
             <p>
-              Match your data source against known malicious IP-addresses. Available for standard log types only. Learn more
+              Match your data source against known malicious IP-addresses. Available for standard log types only.
             </p>
           </div>
         </EuiText>

From 8d96f57c29d86f6008efc944c30b85fe3e76f788 Mon Sep 17 00:00:00 2001
From: Amardeepsingh Siglani <amardeep7194@gmail.com>
Date: Wed, 25 Oct 2023 16:41:29 -0700
Subject: [PATCH 9/9] updated UI; tests

Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
---
 cypress/integration/1_detectors.spec.js       | 299 ++++---
 .../components/AlertFlyout/AlertFlyout.tsx    |  21 +-
 .../AlertCondition/AlertConditionPanel.tsx    |  27 +-
 .../AlertConditionPanel.test.tsx.snap         |  14 +-
 .../containers/ConfigureAlerts.tsx            |  39 +-
 .../containers/DefineDetector.tsx             |   9 +-
 .../AlertTriggerView/AlertTriggerView.tsx     |  47 +-
 .../AlertTriggerView.test.tsx.snap            | 316 ++-----
 .../DetectorBasicDetailsView.tsx              |   6 +-
 .../DetectorBasicDetailsView.test.tsx.snap    | 226 +----
 .../AlertTriggersView.test.tsx.snap           | 794 ++++--------------
 .../DetectorDetails.test.tsx.snap             | 295 +------
 .../DetectorDetailsView.test.tsx.snap         | 295 +------
 .../Findings/components/CreateAlertFlyout.tsx |  14 +-
 .../components/FindingDetailsFlyout.tsx       |  40 +-
 .../FindingsTable/FindingsTable.tsx           |  35 +-
 .../Findings/containers/Findings/Findings.tsx |   6 +-
 .../Overview/models/OverviewViewModel.ts      |  13 +-
 public/pages/Overview/models/interfaces.ts    |   1 +
 public/store/DetectorsStore.tsx               |   1 +
 public/utils/helpers.tsx                      |  46 +-
 21 files changed, 733 insertions(+), 1811 deletions(-)

diff --git a/cypress/integration/1_detectors.spec.js b/cypress/integration/1_detectors.spec.js
index 208282bd5..a01dc4c8c 100644
--- a/cypress/integration/1_detectors.spec.js
+++ b/cypress/integration/1_detectors.spec.js
@@ -16,6 +16,7 @@ const cypressIndexDns = 'cypress-index-dns';
 const cypressIndexWindows = 'cypress-index-windows';
 const detectorName = 'test detector';
 const cypressLogTypeDns = 'dns';
+const sampleNotificationChannel = 'sample_chime_channel';
 
 const cypressDNSRule = dns_name_rule_data.title;
 
@@ -41,6 +42,10 @@ const logTypeLabel = 'Log type';
 
 const getLogTypeField = () => cy.getFieldByLabel(logTypeLabel);
 
+const notificationLabel = 'Notification channel';
+
+const getNotificationField = () => cy.getFieldByLabel(notificationLabel);
+
 const openDetectorDetails = (detectorName) => {
   cy.getInputByPlaceholder('Search threat detectors').type(`${detectorName}`).pressEnterKey();
   cy.getElementByText('.euiTableCellContent button', detectorName).click();
@@ -150,6 +155,8 @@ const createDetector = (detectorName, dataSource, expectFailure) => {
     .focus()
     .blur();
 
+  getNotificationField().selectComboboxItem(`[Channel] ${sampleNotificationChannel}`);
+
   cy.intercept('POST', '/_plugins/_security_analytics/mappings').as('createMappingsRequest');
   cy.intercept('POST', '/_plugins/_security_analytics/detectors').as('createDetectorRequest');
 
@@ -166,8 +173,6 @@ const createDetector = (detectorName, dataSource, expectFailure) => {
       cy.url()
         .should('contain', detectorId)
         .then(() => {
-          cy.getElementByText('.euiCallOut', `Detector created successfully: ${detectorName}`);
-
           // Confirm detector state
           cy.getElementByText('.euiTitle', detectorName);
           cy.getElementByText('.euiHealth', 'Active').then(() => {
@@ -215,144 +220,156 @@ describe('Detectors', () => {
 
     cy.createRule(dns_name_rule_data);
     cy.createRule(dns_type_rule_data);
-  });
-
-  describe('...should validate form fields', () => {
-    beforeEach(() => {
-      cy.intercept('/_plugins/_security_analytics/detectors/_search').as('detectorsSearch');
-
-      // Visit Detectors page before any test
-      cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/detectors`);
-      cy.wait('@detectorsSearch').should('have.property', 'state', 'Complete');
-
-      openCreateForm();
-    });
-
-    it('...should validate name field', () => {
-      getNameField().should('be.empty');
-      getNameField().focus().blur();
-      getNameField().parentsUntil('.euiFormRow__fieldWrapper').siblings().contains('Enter a name.');
-
-      getNameField().type('text').focus().blur();
-
-      getNameField()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .contains(
-          'Name should only consist of upper and lowercase letters, numbers 0-9, hyphens, spaces, and underscores. Use between 5 and 50 characters.'
-        );
-
-      getNameField().type('{selectall}').type('{backspace}').type('tex&').focus().blur();
-
-      getNameField()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .contains(
-          'Name should only consist of upper and lowercase letters, numbers 0-9, hyphens, spaces, and underscores. Use between 5 and 50 characters.'
-        );
-
-      getNameField()
-        .type('{selectall}')
-        .type('{backspace}')
-        .type('Detector name')
-        .focus()
-        .blur()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .should('not.exist');
-    });
-
-    it('...should validate description field', () => {
-      const longDescriptionText =
-        'This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text.';
-
-      getDescriptionField().should('be.empty');
-
-      getDescriptionField().type(longDescriptionText).focus().blur();
-
-      getDescriptionField()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .contains(
-          'Description should only consist of upper and lowercase letters, numbers 0-9, commas, hyphens, periods, spaces, and underscores. Max limit of 500 characters.'
-        );
-
-      getDescriptionField()
-        .type('{selectall}')
-        .type('{backspace}')
-        .type('Detector description...')
-        .focus()
-        .blur();
-
-      getDescriptionField()
-        .type('{selectall}')
-        .type('{backspace}')
-        .type('Detector name')
-        .focus()
-        .blur()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .should('not.exist');
-    });
 
-    it('...should validate data source field', () => {
-      getDataSourceField()
-        .focus()
-        .blur()
-        .parentsUntil('.euiFormRow__fieldWrapper')
-        .siblings()
-        .contains('Select an input source.');
-
-      getDataSourceField().selectComboboxItem(cypressIndexDns);
-      getDataSourceField()
-        .focus()
-        .blur()
-        .parentsUntil('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .should('not.exist');
-    });
-
-    it('...should validate next button', () => {
-      getNextButton().should('be.disabled');
-
-      fillDetailsForm(detectorName, cypressIndexDns);
-      getNextButton().should('be.enabled');
-    });
-
-    it('...should validate alerts page', () => {
-      fillDetailsForm(detectorName, cypressIndexDns);
-      getNextButton().click({ force: true });
-      // Open the trigger details accordion
-      cy.get('[data-test-subj="trigger-details-btn"]').click({ force: true });
-      getTriggerNameField().should('have.value', 'Trigger 1');
-      getTriggerNameField()
-        .parents('.euiFormRow__fieldWrapper')
-        .find('.euiFormErrorText')
-        .should('not.exist');
-
-      getCreateDetectorButton().should('be.enabled');
-
-      getTriggerNameField().type('{selectall}').type('{backspace}').focus().blur();
-      getCreateDetectorButton().should('be.disabled');
-
-      cy.getButtonByText('Remove').click({ force: true });
-      getCreateDetectorButton().should('be.enabled');
-    });
-
-    it('...should show mappings warning', () => {
-      fillDetailsForm(detectorName, cypressIndexDns);
-
-      getDataSourceField().selectComboboxItem(cypressIndexWindows);
-      getDataSourceField().focus().blur();
-
-      cy.get('[data-test-subj="define-detector-diff-log-types-warning"]')
-        .should('be.visible')
-        .contains(
-          'To avoid issues with field mappings, we recommend creating separate detectors for different log types.'
-        );
-    });
+    cy.request('POST', 'http://localhost:9200/_plugins/_notifications/configs/', {
+      config_id: 'sa_notification-channel_id',
+      name: sampleNotificationChannel,
+      config: {
+        name: sampleNotificationChannel,
+        description: 'This is a sample chime channel',
+        config_type: 'chime',
+        is_enabled: true,
+        chime: {
+          url: 'https://sample-chime-webhook',
+        },
+      },
+    }).should('have.property', 'status', 200);
   });
 
+  // describe('...should validate form fields', () => {
+  //   beforeEach(() => {
+  //     cy.intercept('/_plugins/_security_analytics/detectors/_search').as('detectorsSearch');
+
+  //     // Visit Detectors page before any test
+  //     cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/detectors`);
+  //     cy.wait('@detectorsSearch').should('have.property', 'state', 'Complete');
+
+  //     openCreateForm();
+  //   });
+
+  //   it('...should validate name field', () => {
+  //     getNameField().should('be.empty');
+  //     getNameField().focus().blur();
+  //     getNameField().parentsUntil('.euiFormRow__fieldWrapper').siblings().contains('Enter a name.');
+
+  //     getNameField().type('text').focus().blur();
+
+  //     getNameField()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .contains(
+  //         'Name should only consist of upper and lowercase letters, numbers 0-9, hyphens, spaces, and underscores. Use between 5 and 50 characters.'
+  //       );
+
+  //     getNameField().type('{selectall}').type('{backspace}').type('tex&').focus().blur();
+
+  //     getNameField()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .contains(
+  //         'Name should only consist of upper and lowercase letters, numbers 0-9, hyphens, spaces, and underscores. Use between 5 and 50 characters.'
+  //       );
+
+  //     getNameField()
+  //       .type('{selectall}')
+  //       .type('{backspace}')
+  //       .type('Detector name')
+  //       .focus()
+  //       .blur()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .should('not.exist');
+  //   });
+
+  //   it('...should validate description field', () => {
+  //     const longDescriptionText =
+  //       'This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text. This is a long text.';
+
+  //     getDescriptionField().should('be.empty');
+
+  //     getDescriptionField().type(longDescriptionText).focus().blur();
+
+  //     getDescriptionField()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .contains(
+  //         'Description should only consist of upper and lowercase letters, numbers 0-9, commas, hyphens, periods, spaces, and underscores. Max limit of 500 characters.'
+  //       );
+
+  //     getDescriptionField()
+  //       .type('{selectall}')
+  //       .type('{backspace}')
+  //       .type('Detector description...')
+  //       .focus()
+  //       .blur();
+
+  //     getDescriptionField()
+  //       .type('{selectall}')
+  //       .type('{backspace}')
+  //       .type('Detector name')
+  //       .focus()
+  //       .blur()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .should('not.exist');
+  //   });
+
+  //   it('...should validate data source field', () => {
+  //     getDataSourceField()
+  //       .focus()
+  //       .blur()
+  //       .parentsUntil('.euiFormRow__fieldWrapper')
+  //       .siblings()
+  //       .contains('Select an input source.');
+
+  //     getDataSourceField().selectComboboxItem(cypressIndexDns);
+  //     getDataSourceField()
+  //       .focus()
+  //       .blur()
+  //       .parentsUntil('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .should('not.exist');
+  //   });
+
+  //   it('...should validate next button', () => {
+  //     getNextButton().should('be.disabled');
+
+  //     fillDetailsForm(detectorName, cypressIndexDns);
+  //     getNextButton().should('be.enabled');
+  //   });
+
+  //   it('...should validate alerts page', () => {
+  //     fillDetailsForm(detectorName, cypressIndexDns);
+  //     getNextButton().click({ force: true });
+  //     // Open the trigger details accordion
+  //     cy.get('[data-test-subj="trigger-details-btn"]').click({ force: true });
+  //     getTriggerNameField().should('have.value', 'Trigger 1');
+  //     getTriggerNameField()
+  //       .parents('.euiFormRow__fieldWrapper')
+  //       .find('.euiFormErrorText')
+  //       .should('not.exist');
+
+  //     getTriggerNameField().type('{selectall}').type('{backspace}').focus().blur();
+  //     getCreateDetectorButton().should('be.disabled');
+
+  //     cy.getButtonByText('Remove').click({ force: true });
+  //     getCreateDetectorButton().should('be.enabled');
+  //   });
+
+  //   it('...should show mappings warning', () => {
+  //     fillDetailsForm(detectorName, cypressIndexDns);
+
+  //     getDataSourceField().selectComboboxItem(cypressIndexWindows);
+  //     getDataSourceField().focus().blur();
+
+  //     cy.get('[data-test-subj="define-detector-diff-log-types-warning"]')
+  //       .should('be.visible')
+  //       .contains(
+  //         'To avoid issues with field mappings, we recommend creating separate detectors for different log types.'
+  //       );
+  //   });
+  // });
+
   describe('...validate create detector flow', () => {
     beforeEach(() => {
       cy.intercept('/_plugins/_security_analytics/detectors/_search').as('detectorsSearch');
@@ -495,5 +512,11 @@ describe('Detectors', () => {
     });
   });
 
-  after(() => cy.cleanUpTests());
+  after(() => {
+    cy.cleanUpTests();
+    cy.request(
+      'DELETE',
+      'http://localhost:9200/_plugins/_notifications/configs/sa_notification-channel_id'
+    );
+  });
 });
diff --git a/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx b/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
index 8e9c2212b..e2e3eb9bb 100644
--- a/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
+++ b/public/pages/Alerts/components/AlertFlyout/AlertFlyout.tsx
@@ -20,7 +20,7 @@ import {
 import { AlertItem, RuleSource } from '../../../../../server/models/interfaces';
 import React from 'react';
 import { ContentPanel } from '../../../../components/ContentPanel';
-import { ALERT_STATE, DEFAULT_EMPTY_DATA } from '../../../../utils/constants';
+import { ALERT_STATE, DEFAULT_EMPTY_DATA, ROUTES } from '../../../../utils/constants';
 import {
   capitalizeFirstLetter,
   createTextDetailsGroup,
@@ -174,10 +174,9 @@ export class AlertFlyout extends React.Component<AlertFlyoutProps, AlertFlyoutSt
           ) || DEFAULT_EMPTY_DATA,
       },
       {
-        field: 'queries',
-        name: 'Rule name',
-        sortable: true,
-        render: (queries: any[]) => rules[queries[0]?.id]?.title || DEFAULT_EMPTY_DATA,
+        field: 'detectionType',
+        name: 'Detection type',
+        render: (detectionType: string) => detectionType || DEFAULT_EMPTY_DATA,
       },
       {
         field: 'detector_id',
@@ -258,12 +257,12 @@ export class AlertFlyout extends React.Component<AlertFlyoutProps, AlertFlyoutSt
           {createTextDetailsGroup([
             { label: 'Start time', content: renderTime(start_time) },
             { label: 'Last updated time', content: renderTime(last_notification_time) },
-            { label: '', content: '' },
-          ])}
-          {createTextDetailsGroup([
-            { label: 'Detector', content: detector.name },
-            { label: '', content: '' },
-            { label: '', content: '' },
+            {
+              label: 'Detector',
+              content: detector.name,
+              url: `#${ROUTES.DETECTOR_DETAILS}/${detector.id}`,
+              target: '_blank',
+            },
           ])}
 
           <EuiSpacer size={'xxl'} />
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
index 465ccd768..3a2f244ce 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/AlertConditionPanel.tsx
@@ -56,6 +56,7 @@ interface AlertConditionPanelState {
   showNotificationDetails: boolean;
   detectionRulesTriggerEnabled: boolean;
   threatIntelTriggerEnabled: boolean;
+  notificationError: string;
 }
 
 export default class AlertConditionPanel extends Component<
@@ -72,6 +73,7 @@ export default class AlertConditionPanel extends Component<
       showNotificationDetails: true,
       detectionRulesTriggerEnabled: props.alertCondition.detection_types.includes('rules'),
       threatIntelTriggerEnabled: props.alertCondition.detection_types.includes('threat_intel'),
+      notificationError: '',
     };
   }
 
@@ -207,7 +209,12 @@ export default class AlertConditionPanel extends Component<
     } = this.props;
 
     const actions = alertCondition.actions;
-    actions[0].destination_id = selectedOptions.length > 0 ? selectedOptions[0].value! : '';
+    if (selectedOptions.length > 0) {
+      actions[0].destination_id = selectedOptions[0].value!;
+      this.setState({ notificationError: '' });
+    } else {
+      actions[0].destination_id = '';
+    }
 
     triggers.splice(indexNum, 1, {
       ...alertCondition,
@@ -284,6 +291,7 @@ export default class AlertConditionPanel extends Component<
       showNotificationDetails,
       detectionRulesTriggerEnabled,
       threatIntelTriggerEnabled,
+      notificationError,
     } = this.state;
     const { name, sev_levels: ruleSeverityLevels, tags, severity } = alertCondition;
     const uniqueTagsOptions = new Set(
@@ -361,8 +369,8 @@ export default class AlertConditionPanel extends Component<
         </EuiFormRow>
         <EuiSpacer size={'l'} />
 
-        <EuiTitle size="m">
-          <h3>Detection type</h3>
+        <EuiTitle size="s">
+          <h4>Detection type</h4>
         </EuiTitle>
 
         {threatIntelEnabledInDetector ? (
@@ -529,7 +537,7 @@ export default class AlertConditionPanel extends Component<
 
             <EuiSpacer size={'l'} />
 
-            <EuiFlexGroup alignItems="flexEnd">
+            <EuiFlexGroup alignItems={notificationError ? 'center' : 'flexEnd'}>
               <EuiFlexItem style={{ maxWidth: 400 }}>
                 <EuiFormRow
                   label={
@@ -537,6 +545,8 @@ export default class AlertConditionPanel extends Component<
                       <p>Notification channel</p>
                     </EuiText>
                   }
+                  isInvalid={!!notificationError}
+                  error={notificationError}
                 >
                   <EuiComboBox
                     placeholder={'Select notification channel.'}
@@ -548,7 +558,14 @@ export default class AlertConditionPanel extends Component<
                     }
                     onChange={this.onNotificationChannelsChange}
                     singleSelection={{ asPlainText: true }}
-                    onBlur={refreshNotificationChannels}
+                    onFocus={refreshNotificationChannels}
+                    onBlur={(_e) => {
+                      this.setState({
+                        notificationError: selectedNotificationChannelOption.length
+                          ? ''
+                          : 'Notification channel is required',
+                      });
+                    }}
                     isDisabled={!hasNotificationPlugin}
                   />
                 </EuiFormRow>
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
index fc7702f54..159047a20 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/components/AlertCondition/__snapshots__/AlertConditionPanel.test.tsx.snap
@@ -51,11 +51,11 @@ Object {
         <div
           class="euiSpacer euiSpacer--l"
         />
-        <h3
-          class="euiTitle euiTitle--medium"
+        <h4
+          class="euiTitle euiTitle--small"
         >
           Detection type
-        </h3>
+        </h4>
         <div
           class="euiText euiText--medium"
         >
@@ -570,6 +570,7 @@ Object {
                 class="euiFormRow__labelWrapper"
               >
                 <label
+                  aria-invalid="false"
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
@@ -882,11 +883,11 @@ Object {
       <div
         class="euiSpacer euiSpacer--l"
       />
-      <h3
-        class="euiTitle euiTitle--medium"
+      <h4
+        class="euiTitle euiTitle--small"
       >
         Detection type
-      </h3>
+      </h4>
       <div
         class="euiText euiText--medium"
       >
@@ -1401,6 +1402,7 @@ Object {
               class="euiFormRow__labelWrapper"
             >
               <label
+                aria-invalid="false"
                 class="euiFormLabel euiFormRow__label"
                 for="some_html_id"
               >
diff --git a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
index 6dc0a0980..c5d99cb76 100644
--- a/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
+++ b/public/pages/CreateDetector/components/ConfigureAlerts/containers/ConfigureAlerts.tsx
@@ -27,7 +27,7 @@ import { NotificationsService } from '../../../../../services';
 import { validateName } from '../../../../../utils/validation';
 import { CoreServicesContext } from '../../../../../components/core_services';
 import { BREADCRUMBS } from '../../../../../utils/constants';
-import { Detector, DetectorCreationStep } from '../../../../../../types';
+import { AlertCondition, Detector, DetectorCreationStep } from '../../../../../../types';
 
 interface ConfigureAlertsProps extends RouteComponentProps {
   detector: Detector;
@@ -45,6 +45,22 @@ interface ConfigureAlertsState {
   notificationChannels: NotificationChannelTypeOptions[];
 }
 
+const isTriggerValid = (triggers: AlertCondition[], hasNotificationPlugin: boolean) => {
+  return (
+    !triggers.length ||
+    triggers.every((trigger) => {
+      return (
+        !!trigger.name &&
+        validateName(trigger.name) &&
+        trigger.severity &&
+        trigger.detection_types.length &&
+        (!hasNotificationPlugin ||
+          (hasNotificationPlugin && trigger.actions.every((action) => !!action.destination_id)))
+      );
+    })
+  );
+};
+
 export default class ConfigureAlerts extends Component<ConfigureAlertsProps, ConfigureAlertsState> {
   static contextType = CoreServicesContext;
 
@@ -84,11 +100,7 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
       this.addCondition();
       this.props.updateDataValidState(DetectorCreationStep.CONFIGURE_ALERTS, true);
     } else {
-      const isTriggerDataValid =
-        !!triggers.length ||
-        triggers.every((trigger) => {
-          return !!trigger.name && validateName(trigger.name) && trigger.severity;
-        });
+      const isTriggerDataValid = isTriggerValid(triggers, this.props.hasNotificationPlugin);
       this.props.updateDataValidState(DetectorCreationStep.CONFIGURE_ALERTS, isTriggerDataValid);
     }
   };
@@ -125,17 +137,10 @@ export default class ConfigureAlerts extends Component<ConfigureAlertsProps, Con
   };
 
   onAlertTriggerChanged = (newDetector: Detector): void => {
-    const isTriggerDataValid =
-      !newDetector.triggers.length ||
-      newDetector.triggers.every((trigger) => {
-        return (
-          !!trigger.name &&
-          validateName(trigger.name) &&
-          trigger.severity &&
-          trigger.detection_types.length
-        );
-      });
-
+    const isTriggerDataValid = isTriggerValid(
+      newDetector.triggers,
+      this.props.hasNotificationPlugin
+    );
     this.props.changeDetector(newDetector);
     this.props.updateDataValidState(DetectorCreationStep.CONFIGURE_ALERTS, isTriggerDataValid);
   };
diff --git a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
index 27b220021..33e2c0f3f 100644
--- a/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
+++ b/public/pages/CreateDetector/components/DefineDetector/containers/DefineDetector.tsx
@@ -23,10 +23,7 @@ import { ConfigureFieldMappingProps } from '../../ConfigureFieldMapping/containe
 import { ContentPanel } from '../../../../../components/ContentPanel';
 import { ruleTypes } from '../../../../Rules/utils/constants';
 import { ThreatIntelligence } from '../components/ThreatIntelligence/ThreatIntelligence';
-import {
-  addDetectionTypeToTrigger,
-  removeDetectionTypeFromTrigger,
-} from '../../../../../utils/helpers';
+import { addDetectionType, removeDetectionType } from '../../../../../utils/helpers';
 
 interface DefineDetectorProps extends RouteComponentProps {
   detector: Detector;
@@ -144,8 +141,8 @@ export default class DefineDetector extends Component<DefineDetectorProps, Defin
     const newTriggers = this.state.detector.triggers.map((trigger) => ({
       ...trigger,
       detection_types: checked
-        ? addDetectionTypeToTrigger(trigger, 'threat_intel')
-        : removeDetectionTypeFromTrigger(trigger, 'threat_intel'),
+        ? addDetectionType(trigger, 'threat_intel')
+        : removeDetectionType(trigger, 'threat_intel'),
     }));
 
     const newDetector: Detector = {
diff --git a/public/pages/Detectors/components/AlertTriggerView/AlertTriggerView.tsx b/public/pages/Detectors/components/AlertTriggerView/AlertTriggerView.tsx
index 0d96ca500..10789ce23 100644
--- a/public/pages/Detectors/components/AlertTriggerView/AlertTriggerView.tsx
+++ b/public/pages/Detectors/components/AlertTriggerView/AlertTriggerView.tsx
@@ -34,7 +34,7 @@ export const AlertTriggerView: React.FC<AlertTriggerViewProps> = ({
   notificationChannels,
   rules,
 }) => {
-  const { name, sev_levels, types, tags, ids, severity, actions } = alertTrigger;
+  const { name, sev_levels, tags, ids, severity, actions, detection_types } = alertTrigger;
   const alertSeverity = parseAlertSeverityToOption(severity)?.label || DEFAULT_EMPTY_DATA;
   const action = actions[0];
   const notificationChannelId = detector.triggers[orderPosition]?.actions[0]?.destination_id;
@@ -42,6 +42,8 @@ export const AlertTriggerView: React.FC<AlertTriggerViewProps> = ({
     (channel) => !!notificationChannelId && channel.config_id === notificationChannelId
   );
   const conditionRuleNames = ids.map((ruleId) => rules[ruleId]?._source.title);
+  const ruleDetectionTypeEnabled = detection_types.includes('rules');
+  const threatIntelDetectionTypeEnabled = detection_types.includes('threat_intel');
   return (
     <div>
       {orderPosition > 0 && <EuiHorizontalRule margin={'m'} />}
@@ -56,23 +58,40 @@ export const AlertTriggerView: React.FC<AlertTriggerViewProps> = ({
           </EuiText>
         }
       >
-        <EuiSpacer size="m" />
+        <EuiSpacer size="s" />
         {createTextDetailsGroup([{ label: 'Trigger name', content: `${name}` }])}
-        <EuiSpacer size="xl" />
 
         <EuiTitle size="s">
-          <h5>If any detection rule matches</h5>
+          <h4>Trigger condition </h4>
         </EuiTitle>
-        <EuiSpacer size={'m'} />
-        {createTextDetailsGroup([
-          { label: 'Log type', content: `${types[0]}` || DEFAULT_EMPTY_DATA },
-          { label: 'Rule names', content: conditionRuleNames.join('\n') || DEFAULT_EMPTY_DATA },
-        ])}
-        {createTextDetailsGroup([
-          { label: 'Rule severities', content: sev_levels.join('\n') || DEFAULT_EMPTY_DATA },
-          { label: 'Tags', content: tags.join('\n') || DEFAULT_EMPTY_DATA },
-        ])}
-        <EuiSpacer size="xl" />
+
+        {ruleDetectionTypeEnabled && (
+          <>
+            <EuiTitle size="xs">
+              <h5>For detection rules</h5>
+            </EuiTitle>
+            <EuiSpacer size={'s'} />
+            {createTextDetailsGroup([
+              { label: 'Rule names', content: conditionRuleNames.join('\n') || 'Any rule' },
+            ])}
+            {createTextDetailsGroup([
+              { label: 'Rule severities', content: sev_levels.join('\n') || 'Any severity' },
+              { label: 'Tags', content: tags.join('\n') || 'Any tag' },
+            ])}
+          </>
+        )}
+
+        {threatIntelDetectionTypeEnabled && (
+          <>
+            <EuiTitle size="xs">
+              <h5>For threat intelligence </h5>
+            </EuiTitle>
+            <EuiSpacer size={'s'} />
+            {createTextDetailsGroup([
+              { label: 'IOC match', content: 'Any match in threat intelligence feed' },
+            ])}
+          </>
+        )}
 
         <EuiTitle size="s">
           <h5>Alert and notify</h5>
diff --git a/public/pages/Detectors/components/AlertTriggerView/__snapshots__/AlertTriggerView.test.tsx.snap b/public/pages/Detectors/components/AlertTriggerView/__snapshots__/AlertTriggerView.test.tsx.snap
index 882845151..10902044f 100644
--- a/public/pages/Detectors/components/AlertTriggerView/__snapshots__/AlertTriggerView.test.tsx.snap
+++ b/public/pages/Detectors/components/AlertTriggerView/__snapshots__/AlertTriggerView.test.tsx.snap
@@ -52,7 +52,7 @@ Object {
                 class="euiAccordion__padding--m"
               >
                 <div
-                  class="euiSpacer euiSpacer--m"
+                  class="euiSpacer euiSpacer--s"
                 />
                 <div
                   class="euiFormRow euiFormRow--fullWidth"
@@ -65,15 +65,7 @@ Object {
                       class="euiFormLabel euiFormRow__label"
                       for="some_html_id"
                     >
-                      <div
-                        class="euiText euiText--medium"
-                      >
-                        <div
-                          class="euiTextColor euiTextColor--subdued"
-                        >
-                          Trigger name
-                        </div>
-                      </div>
+                      Trigger name
                     </label>
                   </div>
                   <div
@@ -89,98 +81,49 @@ Object {
                   </div>
                 </div>
                 <div
-                  class="euiSpacer euiSpacer--xl"
+                  class="euiSpacer euiSpacer--l"
                 />
-                <h5
+                <h4
                   class="euiTitle euiTitle--small"
                 >
-                  If any detection rule matches
+                  Trigger condition 
+                </h4>
+                <h5
+                  class="euiTitle euiTitle--xsmall"
+                >
+                  For detection rules
                 </h5>
                 <div
-                  class="euiSpacer euiSpacer--m"
+                  class="euiSpacer euiSpacer--s"
                 />
                 <div
-                  class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
+                  class="euiFormRow euiFormRow--fullWidth"
+                  id="some_html_id-row"
                 >
                   <div
-                    class="euiFlexItem"
+                    class="euiFormRow__labelWrapper"
                   >
-                    <div
-                      class="euiFormRow euiFormRow--fullWidth"
-                      id="some_html_id-row"
+                    <label
+                      class="euiFormLabel euiFormRow__label"
+                      for="some_html_id"
                     >
-                      <div
-                        class="euiFormRow__labelWrapper"
-                      >
-                        <label
-                          class="euiFormLabel euiFormRow__label"
-                          for="some_html_id"
-                        >
-                          <div
-                            class="euiText euiText--medium"
-                          >
-                            <div
-                              class="euiTextColor euiTextColor--subdued"
-                            >
-                              Log type
-                            </div>
-                          </div>
-                        </label>
-                      </div>
-                      <div
-                        class="euiFormRow__fieldWrapper"
-                      >
-                        <div
-                          class="euiText euiText--medium"
-                          data-test-subj="text-details-group-content-log-type"
-                          id="some_html_id"
-                        >
-                          detector_type_1
-                        </div>
-                      </div>
-                    </div>
+                      Rule names
+                    </label>
                   </div>
                   <div
-                    class="euiFlexItem"
+                    class="euiFormRow__fieldWrapper"
                   >
                     <div
-                      class="euiFormRow euiFormRow--fullWidth"
-                      id="some_html_id-row"
+                      class="euiText euiText--medium"
+                      data-test-subj="text-details-group-content-rule-names"
+                      id="some_html_id"
                     >
-                      <div
-                        class="euiFormRow__labelWrapper"
-                      >
-                        <label
-                          class="euiFormLabel euiFormRow__label"
-                          for="some_html_id"
-                        >
-                          <div
-                            class="euiText euiText--medium"
-                          >
-                            <div
-                              class="euiTextColor euiTextColor--subdued"
-                            >
-                              Rule names
-                            </div>
-                          </div>
-                        </label>
-                      </div>
-                      <div
-                        class="euiFormRow__fieldWrapper"
-                      >
-                        <div
-                          class="euiText euiText--medium"
-                          data-test-subj="text-details-group-content-rule-names"
-                          id="some_html_id"
-                        >
-                          -
-                        </div>
-                      </div>
+                      Any rule
                     </div>
                   </div>
                 </div>
                 <div
-                  class="euiSpacer euiSpacer--xl"
+                  class="euiSpacer euiSpacer--l"
                 />
                 <div
                   class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -199,15 +142,7 @@ Object {
                           class="euiFormLabel euiFormRow__label"
                           for="some_html_id"
                         >
-                          <div
-                            class="euiText euiText--medium"
-                          >
-                            <div
-                              class="euiTextColor euiTextColor--subdued"
-                            >
-                              Rule severities
-                            </div>
-                          </div>
+                          Rule severities
                         </label>
                       </div>
                       <div
@@ -237,15 +172,7 @@ Object {
                           class="euiFormLabel euiFormRow__label"
                           for="some_html_id"
                         >
-                          <div
-                            class="euiText euiText--medium"
-                          >
-                            <div
-                              class="euiTextColor euiTextColor--subdued"
-                            >
-                              Tags
-                            </div>
-                          </div>
+                          Tags
                         </label>
                       </div>
                       <div
@@ -263,10 +190,7 @@ Object {
                   </div>
                 </div>
                 <div
-                  class="euiSpacer euiSpacer--xl"
-                />
-                <div
-                  class="euiSpacer euiSpacer--xl"
+                  class="euiSpacer euiSpacer--l"
                 />
                 <h5
                   class="euiTitle euiTitle--small"
@@ -287,15 +211,7 @@ Object {
                       class="euiFormLabel euiFormRow__label"
                       for="some_html_id"
                     >
-                      <div
-                        class="euiText euiText--medium"
-                      >
-                        <div
-                          class="euiTextColor euiTextColor--subdued"
-                        >
-                          Trigger alerts with severity
-                        </div>
-                      </div>
+                      Trigger alerts with severity
                     </label>
                   </div>
                   <div
@@ -313,6 +229,9 @@ Object {
                 <div
                   class="euiSpacer euiSpacer--l"
                 />
+                <div
+                  class="euiSpacer euiSpacer--l"
+                />
                 <div
                   class="euiFormRow euiFormRow--fullWidth"
                   id="some_html_id-row"
@@ -324,15 +243,7 @@ Object {
                       class="euiFormLabel euiFormRow__label"
                       for="some_html_id"
                     >
-                      <div
-                        class="euiText euiText--medium"
-                      >
-                        <div
-                          class="euiTextColor euiTextColor--subdued"
-                        >
-                          Notify channel
-                        </div>
-                      </div>
+                      Notify channel
                     </label>
                   </div>
                   <div
@@ -351,6 +262,9 @@ Object {
                     </div>
                   </div>
                 </div>
+                <div
+                  class="euiSpacer euiSpacer--l"
+                />
               </div>
             </div>
           </div>
@@ -406,7 +320,7 @@ Object {
               class="euiAccordion__padding--m"
             >
               <div
-                class="euiSpacer euiSpacer--m"
+                class="euiSpacer euiSpacer--s"
               />
               <div
                 class="euiFormRow euiFormRow--fullWidth"
@@ -419,15 +333,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Trigger name
-                      </div>
-                    </div>
+                    Trigger name
                   </label>
                 </div>
                 <div
@@ -443,98 +349,49 @@ Object {
                 </div>
               </div>
               <div
-                class="euiSpacer euiSpacer--xl"
+                class="euiSpacer euiSpacer--l"
               />
-              <h5
+              <h4
                 class="euiTitle euiTitle--small"
               >
-                If any detection rule matches
+                Trigger condition 
+              </h4>
+              <h5
+                class="euiTitle euiTitle--xsmall"
+              >
+                For detection rules
               </h5>
               <div
-                class="euiSpacer euiSpacer--m"
+                class="euiSpacer euiSpacer--s"
               />
               <div
-                class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
+                class="euiFormRow euiFormRow--fullWidth"
+                id="some_html_id-row"
               >
                 <div
-                  class="euiFlexItem"
+                  class="euiFormRow__labelWrapper"
                 >
-                  <div
-                    class="euiFormRow euiFormRow--fullWidth"
-                    id="some_html_id-row"
+                  <label
+                    class="euiFormLabel euiFormRow__label"
+                    for="some_html_id"
                   >
-                    <div
-                      class="euiFormRow__labelWrapper"
-                    >
-                      <label
-                        class="euiFormLabel euiFormRow__label"
-                        for="some_html_id"
-                      >
-                        <div
-                          class="euiText euiText--medium"
-                        >
-                          <div
-                            class="euiTextColor euiTextColor--subdued"
-                          >
-                            Log type
-                          </div>
-                        </div>
-                      </label>
-                    </div>
-                    <div
-                      class="euiFormRow__fieldWrapper"
-                    >
-                      <div
-                        class="euiText euiText--medium"
-                        data-test-subj="text-details-group-content-log-type"
-                        id="some_html_id"
-                      >
-                        detector_type_1
-                      </div>
-                    </div>
-                  </div>
+                    Rule names
+                  </label>
                 </div>
                 <div
-                  class="euiFlexItem"
+                  class="euiFormRow__fieldWrapper"
                 >
                   <div
-                    class="euiFormRow euiFormRow--fullWidth"
-                    id="some_html_id-row"
+                    class="euiText euiText--medium"
+                    data-test-subj="text-details-group-content-rule-names"
+                    id="some_html_id"
                   >
-                    <div
-                      class="euiFormRow__labelWrapper"
-                    >
-                      <label
-                        class="euiFormLabel euiFormRow__label"
-                        for="some_html_id"
-                      >
-                        <div
-                          class="euiText euiText--medium"
-                        >
-                          <div
-                            class="euiTextColor euiTextColor--subdued"
-                          >
-                            Rule names
-                          </div>
-                        </div>
-                      </label>
-                    </div>
-                    <div
-                      class="euiFormRow__fieldWrapper"
-                    >
-                      <div
-                        class="euiText euiText--medium"
-                        data-test-subj="text-details-group-content-rule-names"
-                        id="some_html_id"
-                      >
-                        -
-                      </div>
-                    </div>
+                    Any rule
                   </div>
                 </div>
               </div>
               <div
-                class="euiSpacer euiSpacer--xl"
+                class="euiSpacer euiSpacer--l"
               />
               <div
                 class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -553,15 +410,7 @@ Object {
                         class="euiFormLabel euiFormRow__label"
                         for="some_html_id"
                       >
-                        <div
-                          class="euiText euiText--medium"
-                        >
-                          <div
-                            class="euiTextColor euiTextColor--subdued"
-                          >
-                            Rule severities
-                          </div>
-                        </div>
+                        Rule severities
                       </label>
                     </div>
                     <div
@@ -591,15 +440,7 @@ Object {
                         class="euiFormLabel euiFormRow__label"
                         for="some_html_id"
                       >
-                        <div
-                          class="euiText euiText--medium"
-                        >
-                          <div
-                            class="euiTextColor euiTextColor--subdued"
-                          >
-                            Tags
-                          </div>
-                        </div>
+                        Tags
                       </label>
                     </div>
                     <div
@@ -617,10 +458,7 @@ Object {
                 </div>
               </div>
               <div
-                class="euiSpacer euiSpacer--xl"
-              />
-              <div
-                class="euiSpacer euiSpacer--xl"
+                class="euiSpacer euiSpacer--l"
               />
               <h5
                 class="euiTitle euiTitle--small"
@@ -641,15 +479,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Trigger alerts with severity
-                      </div>
-                    </div>
+                    Trigger alerts with severity
                   </label>
                 </div>
                 <div
@@ -667,6 +497,9 @@ Object {
               <div
                 class="euiSpacer euiSpacer--l"
               />
+              <div
+                class="euiSpacer euiSpacer--l"
+              />
               <div
                 class="euiFormRow euiFormRow--fullWidth"
                 id="some_html_id-row"
@@ -678,15 +511,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Notify channel
-                      </div>
-                    </div>
+                    Notify channel
                   </label>
                 </div>
                 <div
@@ -705,6 +530,9 @@ Object {
                   </div>
                 </div>
               </div>
+              <div
+                class="euiSpacer euiSpacer--l"
+              />
             </div>
           </div>
         </div>
diff --git a/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx b/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
index 201cc26d1..56bd96e53 100644
--- a/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
+++ b/public/pages/Detectors/components/DetectorBasicDetailsView/DetectorBasicDetailsView.tsx
@@ -81,7 +81,7 @@ export const DetectorBasicDetailsView: React.FC<DetectorBasicDetailsViewProps> =
         { label: 'Log type', content: getLogTypeLabel(detector_type.toLowerCase()) },
         {
           label: 'Detector dashboard',
-          content: (dashboardId ? (
+          content: dashboardId ? (
             <EuiLink onClick={() => window.open(`dashboards#/view/${dashboardId}`, '_blank')}>
               {`${name} summary`}
               <EuiIcon type={'popout'} />
@@ -90,7 +90,7 @@ export const DetectorBasicDetailsView: React.FC<DetectorBasicDetailsViewProps> =
             'Not available for this log type'
           ) : (
             '-'
-          )) as any,
+          ),
         },
       ])}
       {createTextDetailsGroup([
@@ -99,7 +99,7 @@ export const DetectorBasicDetailsView: React.FC<DetectorBasicDetailsViewProps> =
         { label: 'Last updated time', content: lastUpdated || DEFAULT_EMPTY_DATA },
       ])}
       {createTextDetailsGroup([
-        { label: 'Threat intelligence feed enabled', content: threat_intel_enabled ? 'Yes' : 'No' },
+        { label: 'Threat intelligence', content: threat_intel_enabled ? 'Enabled' : 'Disabled' },
       ])}
       {rulesCanFold ? children : null}
     </ContentPanel>
diff --git a/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap b/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
index 1edc1241d..6af3411d7 100644
--- a/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
+++ b/public/pages/Detectors/components/DetectorBasicDetailsView/__snapshots__/DetectorBasicDetailsView.test.tsx.snap
@@ -76,15 +76,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Detector name
-                      </div>
-                    </div>
+                    Detector name
                   </label>
                 </div>
                 <div
@@ -114,15 +106,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Description
-                      </div>
-                    </div>
+                    Description
                   </label>
                 </div>
                 <div
@@ -152,15 +136,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Detector schedule
-                      </div>
-                    </div>
+                    Detector schedule
                   </label>
                 </div>
                 <div
@@ -178,7 +154,7 @@ Object {
             </div>
           </div>
           <div
-            class="euiSpacer euiSpacer--xl"
+            class="euiSpacer euiSpacer--l"
           />
           <div
             class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -197,15 +173,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Data source
-                      </div>
-                    </div>
+                    Data source
                   </label>
                 </div>
                 <div
@@ -239,15 +207,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Log type
-                      </div>
-                    </div>
+                    Log type
                   </label>
                 </div>
                 <div
@@ -277,15 +237,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Detector dashboard
-                      </div>
-                    </div>
+                    Detector dashboard
                   </label>
                 </div>
                 <div
@@ -303,7 +255,7 @@ Object {
             </div>
           </div>
           <div
-            class="euiSpacer euiSpacer--xl"
+            class="euiSpacer euiSpacer--l"
           />
           <div
             class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -322,15 +274,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Detection rules
-                      </div>
-                    </div>
+                    Detection rules
                   </label>
                 </div>
                 <div
@@ -360,15 +304,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Created at
-                      </div>
-                    </div>
+                    Created at
                   </label>
                 </div>
                 <div
@@ -398,15 +334,7 @@ Object {
                     class="euiFormLabel euiFormRow__label"
                     for="some_html_id"
                   >
-                    <div
-                      class="euiText euiText--medium"
-                    >
-                      <div
-                        class="euiTextColor euiTextColor--subdued"
-                      >
-                        Last updated time
-                      </div>
-                    </div>
+                    Last updated time
                   </label>
                 </div>
                 <div
@@ -424,7 +352,7 @@ Object {
             </div>
           </div>
           <div
-            class="euiSpacer euiSpacer--xl"
+            class="euiSpacer euiSpacer--l"
           />
           <div
             class="euiFormRow euiFormRow--fullWidth"
@@ -437,15 +365,7 @@ Object {
                 class="euiFormLabel euiFormRow__label"
                 for="some_html_id"
               >
-                <div
-                  class="euiText euiText--medium"
-                >
-                  <div
-                    class="euiTextColor euiTextColor--subdued"
-                  >
-                    Threat intelligence feed enabled
-                  </div>
-                </div>
+                Threat intelligence
               </label>
             </div>
             <div
@@ -453,13 +373,16 @@ Object {
             >
               <div
                 class="euiText euiText--medium"
-                data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                data-test-subj="text-details-group-content-threat-intelligence"
                 id="some_html_id"
               >
-                No
+                Disabled
               </div>
             </div>
           </div>
+          <div
+            class="euiSpacer euiSpacer--l"
+          />
         </div>
       </div>
     </div>
@@ -536,15 +459,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Detector name
-                    </div>
-                  </div>
+                  Detector name
                 </label>
               </div>
               <div
@@ -574,15 +489,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Description
-                    </div>
-                  </div>
+                  Description
                 </label>
               </div>
               <div
@@ -612,15 +519,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Detector schedule
-                    </div>
-                  </div>
+                  Detector schedule
                 </label>
               </div>
               <div
@@ -638,7 +537,7 @@ Object {
           </div>
         </div>
         <div
-          class="euiSpacer euiSpacer--xl"
+          class="euiSpacer euiSpacer--l"
         />
         <div
           class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -657,15 +556,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Data source
-                    </div>
-                  </div>
+                  Data source
                 </label>
               </div>
               <div
@@ -699,15 +590,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Log type
-                    </div>
-                  </div>
+                  Log type
                 </label>
               </div>
               <div
@@ -737,15 +620,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Detector dashboard
-                    </div>
-                  </div>
+                  Detector dashboard
                 </label>
               </div>
               <div
@@ -763,7 +638,7 @@ Object {
           </div>
         </div>
         <div
-          class="euiSpacer euiSpacer--xl"
+          class="euiSpacer euiSpacer--l"
         />
         <div
           class="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
@@ -782,15 +657,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Detection rules
-                    </div>
-                  </div>
+                  Detection rules
                 </label>
               </div>
               <div
@@ -820,15 +687,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Created at
-                    </div>
-                  </div>
+                  Created at
                 </label>
               </div>
               <div
@@ -858,15 +717,7 @@ Object {
                   class="euiFormLabel euiFormRow__label"
                   for="some_html_id"
                 >
-                  <div
-                    class="euiText euiText--medium"
-                  >
-                    <div
-                      class="euiTextColor euiTextColor--subdued"
-                    >
-                      Last updated time
-                    </div>
-                  </div>
+                  Last updated time
                 </label>
               </div>
               <div
@@ -884,7 +735,7 @@ Object {
           </div>
         </div>
         <div
-          class="euiSpacer euiSpacer--xl"
+          class="euiSpacer euiSpacer--l"
         />
         <div
           class="euiFormRow euiFormRow--fullWidth"
@@ -897,15 +748,7 @@ Object {
               class="euiFormLabel euiFormRow__label"
               for="some_html_id"
             >
-              <div
-                class="euiText euiText--medium"
-              >
-                <div
-                  class="euiTextColor euiTextColor--subdued"
-                >
-                  Threat intelligence feed enabled
-                </div>
-              </div>
+              Threat intelligence
             </label>
           </div>
           <div
@@ -913,13 +756,16 @@ Object {
           >
             <div
               class="euiText euiText--medium"
-              data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+              data-test-subj="text-details-group-content-threat-intelligence"
               id="some_html_id"
             >
-              No
+              Disabled
             </div>
           </div>
         </div>
+        <div
+          class="euiSpacer euiSpacer--l"
+        />
       </div>
     </div>
   </div>,
diff --git a/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap b/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
index a68bac941..b154e2ee3 100644
--- a/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
+++ b/public/pages/Detectors/containers/AlertTriggersView/__snapshots__/AlertTriggersView.test.tsx.snap
@@ -673,10 +673,10 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                           className="euiAccordion__padding--m"
                         >
                           <EuiSpacer
-                            size="m"
+                            size="s"
                           >
                             <div
-                              className="euiSpacer euiSpacer--m"
+                              className="euiSpacer euiSpacer--s"
                             />
                           </EuiSpacer>
                           <EuiFormRow
@@ -685,13 +685,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Trigger name
-                              </EuiText>
-                            }
+                            label="Trigger name"
                             labelType="label"
                           >
                             <div
@@ -711,24 +705,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Trigger name
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Trigger name
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -755,209 +732,94 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             </div>
                           </EuiFormRow>
                           <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiTitle
                             size="s"
                           >
-                            <h5
+                            <h4
                               className="euiTitle euiTitle--small"
                             >
-                              If any detection rule matches
+                              Trigger condition 
+                            </h4>
+                          </EuiTitle>
+                          <EuiTitle
+                            size="xs"
+                          >
+                            <h5
+                              className="euiTitle euiTitle--xsmall"
+                            >
+                              For detection rules
                             </h5>
                           </EuiTitle>
                           <EuiSpacer
-                            size="m"
+                            size="s"
                           >
                             <div
-                              className="euiSpacer euiSpacer--m"
+                              className="euiSpacer euiSpacer--s"
                             />
                           </EuiSpacer>
-                          <EuiFlexGroup
-                            className="detailsFormRow"
+                          <EuiFormRow
+                            describedByIds={Array []}
+                            display="row"
+                            fullWidth={true}
+                            hasChildLabel={true}
+                            hasEmptyLabelSpace={false}
+                            label="Rule names"
+                            labelType="label"
                           >
                             <div
-                              className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
+                              className="euiFormRow euiFormRow--fullWidth"
+                              id="some_html_id-row"
                             >
-                              <EuiFlexItem
-                                grow={true}
-                                key="0"
+                              <div
+                                className="euiFormRow__labelWrapper"
                               >
-                                <div
-                                  className="euiFlexItem"
+                                <EuiFormLabel
+                                  className="euiFormRow__label"
+                                  htmlFor="some_html_id"
+                                  isFocused={false}
+                                  type="label"
                                 >
-                                  <EuiFormRow
-                                    describedByIds={Array []}
-                                    display="row"
-                                    fullWidth={true}
-                                    hasChildLabel={true}
-                                    hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Log type
-                                      </EuiText>
-                                    }
-                                    labelType="label"
+                                  <label
+                                    className="euiFormLabel euiFormRow__label"
+                                    htmlFor="some_html_id"
                                   >
-                                    <div
-                                      className="euiFormRow euiFormRow--fullWidth"
-                                      id="some_html_id-row"
-                                    >
-                                      <div
-                                        className="euiFormRow__labelWrapper"
-                                      >
-                                        <EuiFormLabel
-                                          className="euiFormRow__label"
-                                          htmlFor="some_html_id"
-                                          isFocused={false}
-                                          type="label"
-                                        >
-                                          <label
-                                            className="euiFormLabel euiFormRow__label"
-                                            htmlFor="some_html_id"
-                                          >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Log type
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
-                                          </label>
-                                        </EuiFormLabel>
-                                      </div>
-                                      <div
-                                        className="euiFormRow__fieldWrapper"
-                                      >
-                                        <EuiText
-                                          data-test-subj="text-details-group-content-log-type"
-                                          id="some_html_id"
-                                          onBlur={[Function]}
-                                          onFocus={[Function]}
-                                        >
-                                          <div
-                                            className="euiText euiText--medium"
-                                            data-test-subj="text-details-group-content-log-type"
-                                            id="some_html_id"
-                                            onBlur={[Function]}
-                                            onFocus={[Function]}
-                                          >
-                                            detector_type_1
-                                          </div>
-                                        </EuiText>
-                                      </div>
-                                    </div>
-                                  </EuiFormRow>
-                                </div>
-                              </EuiFlexItem>
-                              <EuiFlexItem
-                                grow={true}
-                                key="1"
+                                    Rule names
+                                  </label>
+                                </EuiFormLabel>
+                              </div>
+                              <div
+                                className="euiFormRow__fieldWrapper"
                               >
-                                <div
-                                  className="euiFlexItem"
+                                <EuiText
+                                  data-test-subj="text-details-group-content-rule-names"
+                                  id="some_html_id"
+                                  onBlur={[Function]}
+                                  onFocus={[Function]}
                                 >
-                                  <EuiFormRow
-                                    describedByIds={Array []}
-                                    display="row"
-                                    fullWidth={true}
-                                    hasChildLabel={true}
-                                    hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Rule names
-                                      </EuiText>
-                                    }
-                                    labelType="label"
+                                  <div
+                                    className="euiText euiText--medium"
+                                    data-test-subj="text-details-group-content-rule-names"
+                                    id="some_html_id"
+                                    onBlur={[Function]}
+                                    onFocus={[Function]}
                                   >
-                                    <div
-                                      className="euiFormRow euiFormRow--fullWidth"
-                                      id="some_html_id-row"
-                                    >
-                                      <div
-                                        className="euiFormRow__labelWrapper"
-                                      >
-                                        <EuiFormLabel
-                                          className="euiFormRow__label"
-                                          htmlFor="some_html_id"
-                                          isFocused={false}
-                                          type="label"
-                                        >
-                                          <label
-                                            className="euiFormLabel euiFormRow__label"
-                                            htmlFor="some_html_id"
-                                          >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Rule names
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
-                                          </label>
-                                        </EuiFormLabel>
-                                      </div>
-                                      <div
-                                        className="euiFormRow__fieldWrapper"
-                                      >
-                                        <EuiText
-                                          data-test-subj="text-details-group-content-rule-names"
-                                          id="some_html_id"
-                                          onBlur={[Function]}
-                                          onFocus={[Function]}
-                                        >
-                                          <div
-                                            className="euiText euiText--medium"
-                                            data-test-subj="text-details-group-content-rule-names"
-                                            id="some_html_id"
-                                            onBlur={[Function]}
-                                            onFocus={[Function]}
-                                          >
-                                            -
-                                          </div>
-                                        </EuiText>
-                                      </div>
-                                    </div>
-                                  </EuiFormRow>
-                                </div>
-                              </EuiFlexItem>
+                                    Any rule
+                                  </div>
+                                </EuiText>
+                              </div>
                             </div>
-                          </EuiFlexGroup>
+                          </EuiFormRow>
                           <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiFlexGroup
@@ -979,13 +841,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     fullWidth={true}
                                     hasChildLabel={true}
                                     hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Rule severities
-                                      </EuiText>
-                                    }
+                                    label="Rule severities"
                                     labelType="label"
                                   >
                                     <div
@@ -1005,24 +861,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                             className="euiFormLabel euiFormRow__label"
                                             htmlFor="some_html_id"
                                           >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Rule severities
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
+                                            Rule severities
                                           </label>
                                         </EuiFormLabel>
                                       </div>
@@ -1063,13 +902,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     fullWidth={true}
                                     hasChildLabel={true}
                                     hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Tags
-                                      </EuiText>
-                                    }
+                                    label="Tags"
                                     labelType="label"
                                   >
                                     <div
@@ -1089,24 +922,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                             className="euiFormLabel euiFormRow__label"
                                             htmlFor="some_html_id"
                                           >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Tags
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
+                                            Tags
                                           </label>
                                         </EuiFormLabel>
                                       </div>
@@ -1137,17 +953,10 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             </div>
                           </EuiFlexGroup>
                           <EuiSpacer
-                            size="xl"
-                          >
-                            <div
-                              className="euiSpacer euiSpacer--xl"
-                            />
-                          </EuiSpacer>
-                          <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiTitle
@@ -1172,13 +981,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Trigger alerts with severity
-                              </EuiText>
-                            }
+                            label="Trigger alerts with severity"
                             labelType="label"
                           >
                             <div
@@ -1198,24 +1001,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Trigger alerts with severity
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Trigger alerts with severity
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -1248,19 +1034,20 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                               className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
+                          <EuiSpacer
+                            size="l"
+                          >
+                            <div
+                              className="euiSpacer euiSpacer--l"
+                            />
+                          </EuiSpacer>
                           <EuiFormRow
                             describedByIds={Array []}
                             display="row"
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Notify channel
-                              </EuiText>
-                            }
+                            label="Notify channel"
                             labelType="label"
                           >
                             <div
@@ -1280,24 +1067,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Notify channel
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Notify channel
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -1329,6 +1099,13 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                               </div>
                             </div>
                           </EuiFormRow>
+                          <EuiSpacer
+                            size="l"
+                          >
+                            <div
+                              className="euiSpacer euiSpacer--l"
+                            />
+                          </EuiSpacer>
                         </div>
                       </div>
                     </EuiResizeObserver>
@@ -1667,10 +1444,10 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                           className="euiAccordion__padding--m"
                         >
                           <EuiSpacer
-                            size="m"
+                            size="s"
                           >
                             <div
-                              className="euiSpacer euiSpacer--m"
+                              className="euiSpacer euiSpacer--s"
                             />
                           </EuiSpacer>
                           <EuiFormRow
@@ -1679,13 +1456,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Trigger name
-                              </EuiText>
-                            }
+                            label="Trigger name"
                             labelType="label"
                           >
                             <div
@@ -1705,24 +1476,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Trigger name
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Trigger name
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -1749,209 +1503,94 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             </div>
                           </EuiFormRow>
                           <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiTitle
                             size="s"
                           >
-                            <h5
+                            <h4
                               className="euiTitle euiTitle--small"
                             >
-                              If any detection rule matches
+                              Trigger condition 
+                            </h4>
+                          </EuiTitle>
+                          <EuiTitle
+                            size="xs"
+                          >
+                            <h5
+                              className="euiTitle euiTitle--xsmall"
+                            >
+                              For detection rules
                             </h5>
                           </EuiTitle>
                           <EuiSpacer
-                            size="m"
+                            size="s"
                           >
                             <div
-                              className="euiSpacer euiSpacer--m"
+                              className="euiSpacer euiSpacer--s"
                             />
                           </EuiSpacer>
-                          <EuiFlexGroup
-                            className="detailsFormRow"
+                          <EuiFormRow
+                            describedByIds={Array []}
+                            display="row"
+                            fullWidth={true}
+                            hasChildLabel={true}
+                            hasEmptyLabelSpace={false}
+                            label="Rule names"
+                            labelType="label"
                           >
                             <div
-                              className="euiFlexGroup euiFlexGroup--gutterLarge euiFlexGroup--directionRow euiFlexGroup--responsive detailsFormRow"
+                              className="euiFormRow euiFormRow--fullWidth"
+                              id="some_html_id-row"
                             >
-                              <EuiFlexItem
-                                grow={true}
-                                key="0"
+                              <div
+                                className="euiFormRow__labelWrapper"
                               >
-                                <div
-                                  className="euiFlexItem"
+                                <EuiFormLabel
+                                  className="euiFormRow__label"
+                                  htmlFor="some_html_id"
+                                  isFocused={false}
+                                  type="label"
                                 >
-                                  <EuiFormRow
-                                    describedByIds={Array []}
-                                    display="row"
-                                    fullWidth={true}
-                                    hasChildLabel={true}
-                                    hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Log type
-                                      </EuiText>
-                                    }
-                                    labelType="label"
+                                  <label
+                                    className="euiFormLabel euiFormRow__label"
+                                    htmlFor="some_html_id"
                                   >
-                                    <div
-                                      className="euiFormRow euiFormRow--fullWidth"
-                                      id="some_html_id-row"
-                                    >
-                                      <div
-                                        className="euiFormRow__labelWrapper"
-                                      >
-                                        <EuiFormLabel
-                                          className="euiFormRow__label"
-                                          htmlFor="some_html_id"
-                                          isFocused={false}
-                                          type="label"
-                                        >
-                                          <label
-                                            className="euiFormLabel euiFormRow__label"
-                                            htmlFor="some_html_id"
-                                          >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Log type
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
-                                          </label>
-                                        </EuiFormLabel>
-                                      </div>
-                                      <div
-                                        className="euiFormRow__fieldWrapper"
-                                      >
-                                        <EuiText
-                                          data-test-subj="text-details-group-content-log-type"
-                                          id="some_html_id"
-                                          onBlur={[Function]}
-                                          onFocus={[Function]}
-                                        >
-                                          <div
-                                            className="euiText euiText--medium"
-                                            data-test-subj="text-details-group-content-log-type"
-                                            id="some_html_id"
-                                            onBlur={[Function]}
-                                            onFocus={[Function]}
-                                          >
-                                            detector_type_1
-                                          </div>
-                                        </EuiText>
-                                      </div>
-                                    </div>
-                                  </EuiFormRow>
-                                </div>
-                              </EuiFlexItem>
-                              <EuiFlexItem
-                                grow={true}
-                                key="1"
+                                    Rule names
+                                  </label>
+                                </EuiFormLabel>
+                              </div>
+                              <div
+                                className="euiFormRow__fieldWrapper"
                               >
-                                <div
-                                  className="euiFlexItem"
+                                <EuiText
+                                  data-test-subj="text-details-group-content-rule-names"
+                                  id="some_html_id"
+                                  onBlur={[Function]}
+                                  onFocus={[Function]}
                                 >
-                                  <EuiFormRow
-                                    describedByIds={Array []}
-                                    display="row"
-                                    fullWidth={true}
-                                    hasChildLabel={true}
-                                    hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Rule names
-                                      </EuiText>
-                                    }
-                                    labelType="label"
+                                  <div
+                                    className="euiText euiText--medium"
+                                    data-test-subj="text-details-group-content-rule-names"
+                                    id="some_html_id"
+                                    onBlur={[Function]}
+                                    onFocus={[Function]}
                                   >
-                                    <div
-                                      className="euiFormRow euiFormRow--fullWidth"
-                                      id="some_html_id-row"
-                                    >
-                                      <div
-                                        className="euiFormRow__labelWrapper"
-                                      >
-                                        <EuiFormLabel
-                                          className="euiFormRow__label"
-                                          htmlFor="some_html_id"
-                                          isFocused={false}
-                                          type="label"
-                                        >
-                                          <label
-                                            className="euiFormLabel euiFormRow__label"
-                                            htmlFor="some_html_id"
-                                          >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Rule names
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
-                                          </label>
-                                        </EuiFormLabel>
-                                      </div>
-                                      <div
-                                        className="euiFormRow__fieldWrapper"
-                                      >
-                                        <EuiText
-                                          data-test-subj="text-details-group-content-rule-names"
-                                          id="some_html_id"
-                                          onBlur={[Function]}
-                                          onFocus={[Function]}
-                                        >
-                                          <div
-                                            className="euiText euiText--medium"
-                                            data-test-subj="text-details-group-content-rule-names"
-                                            id="some_html_id"
-                                            onBlur={[Function]}
-                                            onFocus={[Function]}
-                                          >
-                                            -
-                                          </div>
-                                        </EuiText>
-                                      </div>
-                                    </div>
-                                  </EuiFormRow>
-                                </div>
-                              </EuiFlexItem>
+                                    Any rule
+                                  </div>
+                                </EuiText>
+                              </div>
                             </div>
-                          </EuiFlexGroup>
+                          </EuiFormRow>
                           <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiFlexGroup
@@ -1973,13 +1612,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     fullWidth={true}
                                     hasChildLabel={true}
                                     hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Rule severities
-                                      </EuiText>
-                                    }
+                                    label="Rule severities"
                                     labelType="label"
                                   >
                                     <div
@@ -1999,24 +1632,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                             className="euiFormLabel euiFormRow__label"
                                             htmlFor="some_html_id"
                                           >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Rule severities
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
+                                            Rule severities
                                           </label>
                                         </EuiFormLabel>
                                       </div>
@@ -2057,13 +1673,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     fullWidth={true}
                                     hasChildLabel={true}
                                     hasEmptyLabelSpace={false}
-                                    label={
-                                      <EuiText
-                                        color="subdued"
-                                      >
-                                        Tags
-                                      </EuiText>
-                                    }
+                                    label="Tags"
                                     labelType="label"
                                   >
                                     <div
@@ -2083,24 +1693,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                             className="euiFormLabel euiFormRow__label"
                                             htmlFor="some_html_id"
                                           >
-                                            <EuiText
-                                              color="subdued"
-                                            >
-                                              <div
-                                                className="euiText euiText--medium"
-                                              >
-                                                <EuiTextColor
-                                                  color="subdued"
-                                                  component="div"
-                                                >
-                                                  <div
-                                                    className="euiTextColor euiTextColor--subdued"
-                                                  >
-                                                    Tags
-                                                  </div>
-                                                </EuiTextColor>
-                                              </div>
-                                            </EuiText>
+                                            Tags
                                           </label>
                                         </EuiFormLabel>
                                       </div>
@@ -2131,17 +1724,10 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             </div>
                           </EuiFlexGroup>
                           <EuiSpacer
-                            size="xl"
-                          >
-                            <div
-                              className="euiSpacer euiSpacer--xl"
-                            />
-                          </EuiSpacer>
-                          <EuiSpacer
-                            size="xl"
+                            size="l"
                           >
                             <div
-                              className="euiSpacer euiSpacer--xl"
+                              className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
                           <EuiTitle
@@ -2166,13 +1752,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Trigger alerts with severity
-                              </EuiText>
-                            }
+                            label="Trigger alerts with severity"
                             labelType="label"
                           >
                             <div
@@ -2192,24 +1772,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Trigger alerts with severity
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Trigger alerts with severity
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -2242,19 +1805,20 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                               className="euiSpacer euiSpacer--l"
                             />
                           </EuiSpacer>
+                          <EuiSpacer
+                            size="l"
+                          >
+                            <div
+                              className="euiSpacer euiSpacer--l"
+                            />
+                          </EuiSpacer>
                           <EuiFormRow
                             describedByIds={Array []}
                             display="row"
                             fullWidth={true}
                             hasChildLabel={true}
                             hasEmptyLabelSpace={false}
-                            label={
-                              <EuiText
-                                color="subdued"
-                              >
-                                Notify channel
-                              </EuiText>
-                            }
+                            label="Notify channel"
                             labelType="label"
                           >
                             <div
@@ -2274,24 +1838,7 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                                     className="euiFormLabel euiFormRow__label"
                                     htmlFor="some_html_id"
                                   >
-                                    <EuiText
-                                      color="subdued"
-                                    >
-                                      <div
-                                        className="euiText euiText--medium"
-                                      >
-                                        <EuiTextColor
-                                          color="subdued"
-                                          component="div"
-                                        >
-                                          <div
-                                            className="euiTextColor euiTextColor--subdued"
-                                          >
-                                            Notify channel
-                                          </div>
-                                        </EuiTextColor>
-                                      </div>
-                                    </EuiText>
+                                    Notify channel
                                   </label>
                                 </EuiFormLabel>
                               </div>
@@ -2323,6 +1870,13 @@ exports[`<AlertTriggersView /> spec renders the component 1`] = `
                               </div>
                             </div>
                           </EuiFormRow>
+                          <EuiSpacer
+                            size="l"
+                          >
+                            <div
+                              className="euiSpacer euiSpacer--l"
+                            />
+                          </EuiSpacer>
                         </div>
                       </div>
                     </EuiResizeObserver>
diff --git a/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap b/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
index 4dbcc56e5..40877b4b9 100644
--- a/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
+++ b/public/pages/Detectors/containers/Detector/__snapshots__/DetectorDetails.test.tsx.snap
@@ -1553,13 +1553,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Detector name
-                          </EuiText>
-                        }
+                        label="Detector name"
                         labelType="label"
                       >
                         <div
@@ -1579,24 +1573,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Detector name
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Detector name
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -1637,13 +1614,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Description
-                          </EuiText>
-                        }
+                        label="Description"
                         labelType="label"
                       >
                         <div
@@ -1663,24 +1634,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Description
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Description
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -1721,13 +1675,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Detector schedule
-                          </EuiText>
-                        }
+                        label="Detector schedule"
                         labelType="label"
                       >
                         <div
@@ -1747,24 +1695,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Detector schedule
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Detector schedule
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -1795,10 +1726,10 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 </div>
               </EuiFlexGroup>
               <EuiSpacer
-                size="xl"
+                size="l"
               >
                 <div
-                  className="euiSpacer euiSpacer--xl"
+                  className="euiSpacer euiSpacer--l"
                 />
               </EuiSpacer>
               <EuiFlexGroup
@@ -1820,13 +1751,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Data source
-                          </EuiText>
-                        }
+                        label="Data source"
                         labelType="label"
                       >
                         <div
@@ -1846,24 +1771,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Data source
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Data source
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -1912,13 +1820,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Log type
-                          </EuiText>
-                        }
+                        label="Log type"
                         labelType="label"
                       >
                         <div
@@ -1938,24 +1840,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Log type
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Log type
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -1996,13 +1881,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Detector dashboard
-                          </EuiText>
-                        }
+                        label="Detector dashboard"
                         labelType="label"
                       >
                         <div
@@ -2022,24 +1901,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Detector dashboard
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Detector dashboard
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -2070,10 +1932,10 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 </div>
               </EuiFlexGroup>
               <EuiSpacer
-                size="xl"
+                size="l"
               >
                 <div
-                  className="euiSpacer euiSpacer--xl"
+                  className="euiSpacer euiSpacer--l"
                 />
               </EuiSpacer>
               <EuiFlexGroup
@@ -2095,13 +1957,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Detection rules
-                          </EuiText>
-                        }
+                        label="Detection rules"
                         labelType="label"
                       >
                         <div
@@ -2121,24 +1977,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Detection rules
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Detection rules
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -2179,13 +2018,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Created at
-                          </EuiText>
-                        }
+                        label="Created at"
                         labelType="label"
                       >
                         <div
@@ -2205,24 +2038,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Created at
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Created at
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -2263,13 +2079,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         fullWidth={true}
                         hasChildLabel={true}
                         hasEmptyLabelSpace={false}
-                        label={
-                          <EuiText
-                            color="subdued"
-                          >
-                            Last updated time
-                          </EuiText>
-                        }
+                        label="Last updated time"
                         labelType="label"
                       >
                         <div
@@ -2289,24 +2099,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                                 className="euiFormLabel euiFormRow__label"
                                 htmlFor="some_html_id"
                               >
-                                <EuiText
-                                  color="subdued"
-                                >
-                                  <div
-                                    className="euiText euiText--medium"
-                                  >
-                                    <EuiTextColor
-                                      color="subdued"
-                                      component="div"
-                                    >
-                                      <div
-                                        className="euiTextColor euiTextColor--subdued"
-                                      >
-                                        Last updated time
-                                      </div>
-                                    </EuiTextColor>
-                                  </div>
-                                </EuiText>
+                                Last updated time
                               </label>
                             </EuiFormLabel>
                           </div>
@@ -2337,10 +2130,10 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 </div>
               </EuiFlexGroup>
               <EuiSpacer
-                size="xl"
+                size="l"
               >
                 <div
-                  className="euiSpacer euiSpacer--xl"
+                  className="euiSpacer euiSpacer--l"
                 />
               </EuiSpacer>
               <EuiFormRow
@@ -2349,13 +2142,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                 fullWidth={true}
                 hasChildLabel={true}
                 hasEmptyLabelSpace={false}
-                label={
-                  <EuiText
-                    color="subdued"
-                  >
-                    Threat intelligence feed enabled
-                  </EuiText>
-                }
+                label="Threat intelligence"
                 labelType="label"
               >
                 <div
@@ -2375,24 +2162,7 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                         className="euiFormLabel euiFormRow__label"
                         htmlFor="some_html_id"
                       >
-                        <EuiText
-                          color="subdued"
-                        >
-                          <div
-                            className="euiText euiText--medium"
-                          >
-                            <EuiTextColor
-                              color="subdued"
-                              component="div"
-                            >
-                              <div
-                                className="euiTextColor euiTextColor--subdued"
-                              >
-                                Threat intelligence feed enabled
-                              </div>
-                            </EuiTextColor>
-                          </div>
-                        </EuiText>
+                        Threat intelligence
                       </label>
                     </EuiFormLabel>
                   </div>
@@ -2400,24 +2170,31 @@ exports[`<DetectorDetails /> spec renders the component 1`] = `
                     className="euiFormRow__fieldWrapper"
                   >
                     <EuiText
-                      data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                      data-test-subj="text-details-group-content-threat-intelligence"
                       id="some_html_id"
                       onBlur={[Function]}
                       onFocus={[Function]}
                     >
                       <div
                         className="euiText euiText--medium"
-                        data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                        data-test-subj="text-details-group-content-threat-intelligence"
                         id="some_html_id"
                         onBlur={[Function]}
                         onFocus={[Function]}
                       >
-                        No
+                        Disabled
                       </div>
                     </EuiText>
                   </div>
                 </div>
               </EuiFormRow>
+              <EuiSpacer
+                size="l"
+              >
+                <div
+                  className="euiSpacer euiSpacer--l"
+                />
+              </EuiSpacer>
             </div>
           </div>
         </EuiPanel>
diff --git a/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap b/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
index 88e03a3e0..bc7a33d54 100644
--- a/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
+++ b/public/pages/Detectors/containers/DetectorDetailsView/__snapshots__/DetectorDetailsView.test.tsx.snap
@@ -578,13 +578,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Detector name
-                        </EuiText>
-                      }
+                      label="Detector name"
                       labelType="label"
                     >
                       <div
@@ -604,24 +598,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Detector name
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Detector name
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -662,13 +639,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Description
-                        </EuiText>
-                      }
+                      label="Description"
                       labelType="label"
                     >
                       <div
@@ -688,24 +659,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Description
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Description
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -746,13 +700,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Detector schedule
-                        </EuiText>
-                      }
+                      label="Detector schedule"
                       labelType="label"
                     >
                       <div
@@ -772,24 +720,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Detector schedule
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Detector schedule
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -820,10 +751,10 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               </div>
             </EuiFlexGroup>
             <EuiSpacer
-              size="xl"
+              size="l"
             >
               <div
-                className="euiSpacer euiSpacer--xl"
+                className="euiSpacer euiSpacer--l"
               />
             </EuiSpacer>
             <EuiFlexGroup
@@ -845,13 +776,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Data source
-                        </EuiText>
-                      }
+                      label="Data source"
                       labelType="label"
                     >
                       <div
@@ -871,24 +796,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Data source
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Data source
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -937,13 +845,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Log type
-                        </EuiText>
-                      }
+                      label="Log type"
                       labelType="label"
                     >
                       <div
@@ -963,24 +865,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Log type
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Log type
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -1021,13 +906,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Detector dashboard
-                        </EuiText>
-                      }
+                      label="Detector dashboard"
                       labelType="label"
                     >
                       <div
@@ -1047,24 +926,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Detector dashboard
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Detector dashboard
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -1095,10 +957,10 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               </div>
             </EuiFlexGroup>
             <EuiSpacer
-              size="xl"
+              size="l"
             >
               <div
-                className="euiSpacer euiSpacer--xl"
+                className="euiSpacer euiSpacer--l"
               />
             </EuiSpacer>
             <EuiFlexGroup
@@ -1120,13 +982,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Detection rules
-                        </EuiText>
-                      }
+                      label="Detection rules"
                       labelType="label"
                     >
                       <div
@@ -1146,24 +1002,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Detection rules
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Detection rules
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -1204,13 +1043,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Created at
-                        </EuiText>
-                      }
+                      label="Created at"
                       labelType="label"
                     >
                       <div
@@ -1230,24 +1063,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Created at
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Created at
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -1288,13 +1104,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       fullWidth={true}
                       hasChildLabel={true}
                       hasEmptyLabelSpace={false}
-                      label={
-                        <EuiText
-                          color="subdued"
-                        >
-                          Last updated time
-                        </EuiText>
-                      }
+                      label="Last updated time"
                       labelType="label"
                     >
                       <div
@@ -1314,24 +1124,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                               className="euiFormLabel euiFormRow__label"
                               htmlFor="some_html_id"
                             >
-                              <EuiText
-                                color="subdued"
-                              >
-                                <div
-                                  className="euiText euiText--medium"
-                                >
-                                  <EuiTextColor
-                                    color="subdued"
-                                    component="div"
-                                  >
-                                    <div
-                                      className="euiTextColor euiTextColor--subdued"
-                                    >
-                                      Last updated time
-                                    </div>
-                                  </EuiTextColor>
-                                </div>
-                              </EuiText>
+                              Last updated time
                             </label>
                           </EuiFormLabel>
                         </div>
@@ -1362,10 +1155,10 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               </div>
             </EuiFlexGroup>
             <EuiSpacer
-              size="xl"
+              size="l"
             >
               <div
-                className="euiSpacer euiSpacer--xl"
+                className="euiSpacer euiSpacer--l"
               />
             </EuiSpacer>
             <EuiFormRow
@@ -1374,13 +1167,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
               fullWidth={true}
               hasChildLabel={true}
               hasEmptyLabelSpace={false}
-              label={
-                <EuiText
-                  color="subdued"
-                >
-                  Threat intelligence feed enabled
-                </EuiText>
-              }
+              label="Threat intelligence"
               labelType="label"
             >
               <div
@@ -1400,24 +1187,7 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                       className="euiFormLabel euiFormRow__label"
                       htmlFor="some_html_id"
                     >
-                      <EuiText
-                        color="subdued"
-                      >
-                        <div
-                          className="euiText euiText--medium"
-                        >
-                          <EuiTextColor
-                            color="subdued"
-                            component="div"
-                          >
-                            <div
-                              className="euiTextColor euiTextColor--subdued"
-                            >
-                              Threat intelligence feed enabled
-                            </div>
-                          </EuiTextColor>
-                        </div>
-                      </EuiText>
+                      Threat intelligence
                     </label>
                   </EuiFormLabel>
                 </div>
@@ -1425,24 +1195,31 @@ exports[`<DetectorDetailsView /> spec renders the component 1`] = `
                   className="euiFormRow__fieldWrapper"
                 >
                   <EuiText
-                    data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                    data-test-subj="text-details-group-content-threat-intelligence"
                     id="some_html_id"
                     onBlur={[Function]}
                     onFocus={[Function]}
                   >
                     <div
                       className="euiText euiText--medium"
-                      data-test-subj="text-details-group-content-threat-intelligence-feed-enabled"
+                      data-test-subj="text-details-group-content-threat-intelligence"
                       id="some_html_id"
                       onBlur={[Function]}
                       onFocus={[Function]}
                     >
-                      No
+                      Disabled
                     </div>
                   </EuiText>
                 </div>
               </div>
             </EuiFormRow>
+            <EuiSpacer
+              size="l"
+            >
+              <div
+                className="euiSpacer euiSpacer--l"
+              />
+            </EuiSpacer>
           </div>
         </div>
       </EuiPanel>
diff --git a/public/pages/Findings/components/CreateAlertFlyout.tsx b/public/pages/Findings/components/CreateAlertFlyout.tsx
index c0c99eb18..c84f8f27a 100644
--- a/public/pages/Findings/components/CreateAlertFlyout.tsx
+++ b/public/pages/Findings/components/CreateAlertFlyout.tsx
@@ -18,7 +18,7 @@ import {
   EuiTitle,
 } from '@elastic/eui';
 import AlertConditionPanel from '../../CreateDetector/components/ConfigureAlerts/components/AlertCondition';
-import { AlertCondition, Detector } from '../../../../models/interfaces';
+import { AlertCondition } from '../../../../models/interfaces';
 import { DetectorsService } from '../../../services';
 import { RulesSharedState } from '../../../models/interfaces';
 import { DEFAULT_EMPTY_DATA } from '../../../utils/constants';
@@ -26,6 +26,8 @@ import { NotificationChannelTypeOptions } from '../../CreateDetector/components/
 import { Finding } from '../models/interfaces';
 import { getEmptyAlertCondition } from '../../CreateDetector/components/ConfigureAlerts/utils/helpers';
 import { validateName } from '../../../utils/validation';
+import { addDetectionType } from '../../../utils/helpers';
+import { Detector } from '../../../../types';
 
 interface CreateAlertFlyoutProps extends RouteComponentProps {
   closeFlyout: (refreshPage?: boolean) => void;
@@ -67,9 +69,17 @@ export default class CreateAlertFlyout extends Component<
 
   prepareAlertCondition = async () => {
     const { rulesOptions } = this.props;
-    const { alertCondition } = this.state;
+    const { alertCondition, detector } = this.state;
     const newAlertCondition = { ...alertCondition };
 
+    if (rulesOptions.length) {
+      newAlertCondition.detection_types = addDetectionType(newAlertCondition, 'rules');
+    }
+
+    if (detector.threat_intel_enabled) {
+      newAlertCondition.detection_types = addDetectionType(newAlertCondition, 'threat_intel');
+    }
+
     const selectedRuleNames = new Set<string>();
     const selectedRuleSeverities = new Set<string>();
     const selectedTags = new Set<string>();
diff --git a/public/pages/Findings/components/FindingDetailsFlyout.tsx b/public/pages/Findings/components/FindingDetailsFlyout.tsx
index b2203cf19..ac30c8470 100644
--- a/public/pages/Findings/components/FindingDetailsFlyout.tsx
+++ b/public/pages/Findings/components/FindingDetailsFlyout.tsx
@@ -32,8 +32,13 @@ import {
   EuiTab,
   EuiLoadingContent,
 } from '@elastic/eui';
-import { capitalizeFirstLetter, renderTime } from '../../../utils/helpers';
-import { DEFAULT_EMPTY_DATA, ROUTES } from '../../../utils/constants';
+import {
+  capitalizeFirstLetter,
+  createTextDetailsGroup,
+  isThreatIntelQuery,
+  renderTime,
+} from '../../../utils/helpers';
+import { DEFAULT_EMPTY_DATA } from '../../../utils/constants';
 import { Query } from '../models/interfaces';
 import { RuleViewerFlyout } from '../../Rules/components/RuleViewerFlyout/RuleViewerFlyout';
 import { RuleSource } from '../../../../server/models/interfaces';
@@ -167,9 +172,7 @@ export default class FindingDetailsFlyout extends Component<
     });
   }
 
-  renderTags = () => {
-    const { finding } = this.props;
-    const tags = finding.queries[0].tags || [];
+  renderTags = (tags: string[]) => {
     return (
       tags && (
         <EuiBadgeGroup gutterSize={'s'}>
@@ -206,7 +209,7 @@ export default class FindingDetailsFlyout extends Component<
   renderRuleDetails = (rules: Query[] = []) => {
     const { allRules = {} } = this.state;
     return rules
-      .filter(({ id }) => !id.startsWith('threat_intel_'))
+      .filter(({ id }) => !isThreatIntelQuery(id))
       .map((rule, key) => {
         const fullRule = allRules[rule.id];
         const severity = capitalizeFirstLetter(fullRule.level);
@@ -268,7 +271,7 @@ export default class FindingDetailsFlyout extends Component<
                 <EuiSpacer size={'m'} />
 
                 <EuiFormRow label={'Tags'} data-test-subj={'finding-details-flyout-rule-tags'}>
-                  <EuiText>{this.renderTags() || DEFAULT_EMPTY_DATA}</EuiText>
+                  <EuiText>{this.renderTags(rule.tags) || DEFAULT_EMPTY_DATA}</EuiText>
                 </EuiFormRow>
               </EuiPanel>
             </EuiAccordion>
@@ -444,14 +447,26 @@ export default class FindingDetailsFlyout extends Component<
       finding: { queries, detectionType },
     } = this.props;
 
-    const showThreatDetectionInfo = detectionType.includes('Threat');
     const showRuleDetailsInfo = detectionType.includes('Detection');
     const severity = 'High';
     const { background, text } = getSeverityColor(severity);
+    const threatIntelQuery = queries.find(({ id }) => isThreatIntelQuery(id));
+    let threatIntelQueryData: { [key: string]: string } = {};
+    if (threatIntelQuery) {
+      threatIntelQuery.tags.forEach((tag) => {
+        if (tag.startsWith('field:')) {
+          threatIntelQueryData['field'] = tag.split(':')[1];
+        }
+
+        if (tag.startsWith('feed_name:')) {
+          threatIntelQueryData['feedName'] = tag.split(':')[1];
+        }
+      });
+    }
 
     return (
       <>
-        {showThreatDetectionInfo && (
+        {threatIntelQuery && (
           <>
             <EuiTitle size={'s'}>
               <h3>Threat intelligence feed</h3>
@@ -468,6 +483,13 @@ export default class FindingDetailsFlyout extends Component<
               <p>This finding is generated from a threat intelligence feed IOCs.</p>
             </EuiText>
             <EuiSpacer size={'l'} />
+            {createTextDetailsGroup([
+              { label: 'Field', content: threatIntelQueryData['field'] || DEFAULT_EMPTY_DATA },
+              {
+                label: 'Feed name',
+                content: threatIntelQueryData['feedName'] || DEFAULT_EMPTY_DATA,
+              },
+            ])}
           </>
         )}
         {showRuleDetailsInfo && (
diff --git a/public/pages/Findings/components/FindingsTable/FindingsTable.tsx b/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
index 73be83969..cc9ec9713 100644
--- a/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
+++ b/public/pages/Findings/components/FindingsTable/FindingsTable.tsx
@@ -17,7 +17,12 @@ import {
 } from '@elastic/eui';
 import { FieldValueSelectionFilterConfigType } from '@elastic/eui/src/components/search_bar/filters/field_value_selection_filter';
 import dateMath from '@elastic/datemath';
-import { capitalizeFirstLetter, formatRuleType, renderTime } from '../../../../utils/helpers';
+import {
+  capitalizeFirstLetter,
+  formatRuleType,
+  isThreatIntelQuery,
+  renderTime,
+} from '../../../../utils/helpers';
 import { DEFAULT_EMPTY_DATA } from '../../../../utils/constants';
 import {
   DetectorsService,
@@ -119,15 +124,17 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
   renderCreateAlertFlyout = (finding: Finding) => {
     if (this.state.flyoutOpen) this.closeFlyout();
     else {
-      const ruleOptions = finding.queries.map((query) => {
-        const rule = this.props.rules[query.id];
-        return {
-          name: rule.title,
-          id: query.id,
-          severity: rule.level,
-          tags: rule.tags.map((tag: any) => tag.value),
-        };
-      });
+      const ruleOptions = finding.queries
+        .filter(({ id }) => !isThreatIntelQuery(id))
+        .map((query) => {
+          const rule = this.props.rules[query.id];
+          return {
+            name: rule.title,
+            id: query.id,
+            severity: rule.level,
+            tags: rule.tags.map((tag: any) => tag.value),
+          };
+        });
       this.setState({
         flyout: (
           <CreateAlertFlyout
@@ -253,9 +260,11 @@ export default class FindingsTable extends Component<FindingsTableProps, Finding
     const severities = new Set<string>();
     filteredFindings.forEach((finding) => {
       if (finding) {
-        const queryId = finding.queries[0].id;
-        logTypes.add(rules[queryId].category);
-        severities.add(rules[queryId].level);
+        const queryId = finding.queries.find(({ id }) => !isThreatIntelQuery(id))?.id;
+        if (queryId && rules[queryId]) {
+          logTypes.add(rules[queryId].category);
+          severities.add(rules[queryId].level);
+        }
       }
     });
 
diff --git a/public/pages/Findings/containers/Findings/Findings.tsx b/public/pages/Findings/containers/Findings/Findings.tsx
index 4468d3f12..f8016f8f3 100644
--- a/public/pages/Findings/containers/Findings/Findings.tsx
+++ b/public/pages/Findings/containers/Findings/Findings.tsx
@@ -256,7 +256,11 @@ class Findings extends Component<FindingsProps, FindingsState> {
       const findingTime = new Date(finding.timestamp);
       findingTime.setMilliseconds(0);
       findingTime.setSeconds(0);
-      const ruleLevel = this.state.rules[finding.queries[0].id].level;
+      finding.detectionType === 'Threat intelligence';
+      const ruleLevel =
+        finding.detectionType === 'Threat intelligence'
+          ? 'high'
+          : this.state.rules[finding.queries[0].id].level;
       visData.push({
         finding: 1,
         time: findingTime.getTime(),
diff --git a/public/pages/Overview/models/OverviewViewModel.ts b/public/pages/Overview/models/OverviewViewModel.ts
index dad186e4e..fb0ba83d2 100644
--- a/public/pages/Overview/models/OverviewViewModel.ts
+++ b/public/pages/Overview/models/OverviewViewModel.ts
@@ -8,7 +8,7 @@ import { DetectorHit, RuleSource } from '../../../../server/models/interfaces';
 import { AlertItem, FindingItem } from './interfaces';
 import { DEFAULT_DATE_RANGE, DEFAULT_EMPTY_DATA } from '../../../utils/constants';
 import { NotificationsStart } from 'opensearch-dashboards/public';
-import { errorNotificationToast } from '../../../utils/helpers';
+import { errorNotificationToast, isThreatIntelQuery } from '../../../utils/helpers';
 import dateMath from '@elastic/datemath';
 import moment from 'moment';
 import { DataStore } from '../../../store/DataStore';
@@ -84,7 +84,8 @@ export class OverviewViewModelActor {
           const logType = detectorInfo.get(id)?.logType;
           const detectorName = detectorInfo.get(id)?.name || '';
           const detectorFindings: any[] = findingRes.response.findings.map((finding) => {
-            const ids = finding.queries.map((query) => query.id);
+            const ruleQueries = finding.queries.filter(({ id }) => !isThreatIntelQuery(id));
+            const ids = ruleQueries.map((query) => query.id);
             ids.forEach((id) => ruleIds.add(id));
 
             const findingTime = new Date(finding.timestamp);
@@ -96,9 +97,10 @@ export class OverviewViewModelActor {
               id: finding.id,
               time: findingTime,
               logType: logType || '',
-              ruleId: finding.queries[0].id,
+              ruleId: ruleQueries[0]?.id || finding.queries[0].id,
               ruleName: '',
               ruleSeverity: '',
+              isThreatIntelOnlyFinding: finding.detectionType === 'Threat intelligence',
             };
           });
           findingItems = findingItems.concat(detectorFindings);
@@ -117,7 +119,10 @@ export class OverviewViewModelActor {
 
       return {
         ...item,
-        ruleName: rulesRes[item.ruleId]?.title || DEFAULT_EMPTY_DATA,
+        ruleName:
+          (item.isThreatIntelOnlyFinding
+            ? 'Threat intelligence feed'
+            : rulesRes[item.ruleId]?.title) || DEFAULT_EMPTY_DATA,
         ruleSeverity: severity || DEFAULT_EMPTY_DATA,
       };
     });
diff --git a/public/pages/Overview/models/interfaces.ts b/public/pages/Overview/models/interfaces.ts
index 2b4a5293f..a54c1f0ab 100644
--- a/public/pages/Overview/models/interfaces.ts
+++ b/public/pages/Overview/models/interfaces.ts
@@ -34,6 +34,7 @@ export interface FindingItem {
   ruleId: string;
   ruleName: string;
   ruleSeverity: string;
+  isThreatIntelOnlyFinding: boolean;
 }
 
 export interface AlertItem {
diff --git a/public/store/DetectorsStore.tsx b/public/store/DetectorsStore.tsx
index e292a8b61..e050eaae5 100644
--- a/public/store/DetectorsStore.tsx
+++ b/public/store/DetectorsStore.tsx
@@ -270,6 +270,7 @@ export class DetectorsStore implements IDetectorsStore {
         'View detector',
         goToDetectorDetails
       );
+      setTimeout(() => this.hideCallout(), 3000);
 
       return Promise.resolve({
         detectorId: detectorId,
diff --git a/public/utils/helpers.tsx b/public/utils/helpers.tsx
index aa497a769..5baa727cc 100644
--- a/public/utils/helpers.tsx
+++ b/public/utils/helpers.tsx
@@ -52,13 +52,24 @@ export const renderTime = (time: number | string) => {
   return DEFAULT_EMPTY_DATA;
 };
 
-export function createTextDetailsGroup(data: { label: string; content: any; url?: string }[]) {
-  const createFormRow = (label: string, content: string, url?: string) => {
+export function createTextDetailsGroup(
+  data: { label: string; content: any; url?: string; target?: string }[]
+) {
+  const createFormRow = (
+    label: string,
+    content: string,
+    url?: string,
+    target: string = '_self'
+  ) => {
     const dataTestSubj = label.toLowerCase().replace(/ /g, '-');
     return (
-      <EuiFormRow fullWidth label={<EuiText color={'subdued'}>{label}</EuiText>}>
+      <EuiFormRow fullWidth label={label}>
         {url ? (
-          <EuiLink data-test-subj={`text-details-group-content-${dataTestSubj}`}>
+          <EuiLink
+            href={url}
+            data-test-subj={`text-details-group-content-${dataTestSubj}`}
+            target={target}
+          >
             {content ?? DEFAULT_EMPTY_DATA}
           </EuiLink>
         ) : (
@@ -71,20 +82,23 @@ export function createTextDetailsGroup(data: { label: string; content: any; url?
   };
   return data.length <= 1 ? (
     !data.length ? null : (
-      createFormRow(data[0].label, data[0].content, data[0].url)
+      <>
+        {createFormRow(data[0].label, data[0].content, data[0].url, data[0].target)}
+        <EuiSpacer size={'l'} />
+      </>
     )
   ) : (
     <>
       <EuiFlexGroup className={'detailsFormRow'}>
-        {data.map(({ label, content, url }, index) => {
+        {data.map(({ label, content, url, target }, index) => {
           return (
             <EuiFlexItem key={index} grow={true}>
-              {createFormRow(label, content, url)}
+              {createFormRow(label, content, url, target)}
             </EuiFlexItem>
           );
         })}
       </EuiFlexGroup>
-      <EuiSpacer size={'xl'} />
+      <EuiSpacer size={'l'} />
     </>
   );
 }
@@ -389,7 +403,11 @@ export function getLogTypeCategoryOptions(): any[] {
   }));
 }
 
-export function removeDetectionTypeFromTrigger(
+/**
+ * Removes the given detectionType from the list of types inside the given trigger
+ * and returns the new list of detectionTypes
+ */
+export function removeDetectionType(
   trigger: AlertCondition,
   detectionType: 'rules' | 'threat_intel'
 ): string[] {
@@ -398,7 +416,11 @@ export function removeDetectionTypeFromTrigger(
   return Array.from(detectionTypes);
 }
 
-export function addDetectionTypeToTrigger(
+/**
+ * Add the given detectionType to the list of types inside the given trigger
+ * and returns the new list of detectionTypes
+ */
+export function addDetectionType(
   trigger: AlertCondition,
   detectionType: 'rules' | 'threat_intel'
 ): string[] {
@@ -406,3 +428,7 @@ export function addDetectionTypeToTrigger(
   detectionTypes.add(detectionType);
   return Array.from(detectionTypes);
 }
+
+export function isThreatIntelQuery(queryId: string) {
+  return queryId?.startsWith('threat_intel_');
+}