[SIEM][Detections Engine] - Add rule markdown to timeline global notes (

elastic#61026) [SIEM][Detections Engine] - Add rule markdown to timeline global notes * added functionality of new global timeline note created on init timeline creation if signal.rule.note exists Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
yctercero · Mar 30, 2020 · e72950e · e72950e
1 parent e146ae0
commit e72950e
Show file tree

Hide file tree

Showing 31 changed files with 1,229 additions and 48 deletions.
diff --git a/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts b/x-pack/legacy/plugins/siem/cypress/integration/signal_detection_rules_custom.spec.ts
@@ -8,6 +8,7 @@ import { newRule, totalNumberOfPrebuiltRules } from '../objects/rule';
 
 import {
   ABOUT_FALSE_POSITIVES,
+  ABOUT_INVESTIGATION_NOTES,
   ABOUT_MITRE,
   ABOUT_RISK,
   ABOUT_RULE_DESCRIPTION,
@@ -19,6 +20,9 @@ import {
   DEFINITION_INDEX_PATTERNS,
   DEFINITION_TIMELINE,
   DEFINITION_STEP,
+  INVESTIGATION_NOTES_MARKDOWN,
+  INVESTIGATION_NOTES_TOGGLE,
+  RULE_ABOUT_DETAILS_HEADER_TOGGLE,
   RULE_NAME_HEADER,
   SCHEDULE_LOOPBACK,
   SCHEDULE_RUNS,
@@ -170,6 +174,13 @@ describe('Signal detection rules, custom', () => {
       .invoke('text')
       .should('eql', expectedTags);
 
+    cy.get(RULE_ABOUT_DETAILS_HEADER_TOGGLE)
+      .eq(INVESTIGATION_NOTES_TOGGLE)
+      .click({ force: true });
+    cy.get(ABOUT_INVESTIGATION_NOTES)
+      .invoke('text')
+      .should('eql', INVESTIGATION_NOTES_MARKDOWN);
+
     cy.get(DEFINITION_INDEX_PATTERNS).then(patterns => {
       cy.wrap(patterns).each((pattern, index) => {
         cy.wrap(pattern)

diff --git a/x-pack/legacy/plugins/siem/cypress/objects/rule.ts b/x-pack/legacy/plugins/siem/cypress/objects/rule.ts
@@ -22,6 +22,7 @@ export interface CustomRule {
   referenceUrls: string[];
   falsePositivesExamples: string[];
   mitre: Mitre[];
+  note: string;
 }
 
 export interface MachineLearningRule {
@@ -36,6 +37,7 @@ export interface MachineLearningRule {
   referenceUrls: string[];
   falsePositivesExamples: string[];
   mitre: Mitre[];
+  note: string;
 }
 
 const mitre1: Mitre = {
@@ -58,6 +60,7 @@ export const newRule: CustomRule = {
   referenceUrls: ['https://www.google.com/', 'https://elastic.co/'],
   falsePositivesExamples: ['False1', 'False2'],
   mitre: [mitre1, mitre2],
+  note: '# test markdown',
 };
 
 export const machineLearningRule: MachineLearningRule = {
@@ -71,4 +74,5 @@ export const machineLearningRule: MachineLearningRule = {
   referenceUrls: ['https://elastic.co/'],
   falsePositivesExamples: ['False1'],
   mitre: [mitre1],
+  note: '# test markdown',
 };
diff --git a/x-pack/legacy/plugins/siem/cypress/screens/create_new_rule.ts b/x-pack/legacy/plugins/siem/cypress/screens/create_new_rule.ts
@@ -24,7 +24,8 @@ export const CUSTOM_QUERY_INPUT = '[data-test-subj="queryInput"]';
 
 export const DEFINE_CONTINUE_BUTTON = '[data-test-subj="define-continue"]';
 
-export const SCHEDULE_CONTINUE_BUTTON = '[data-test-subj="schedule-continue"]';
+export const INVESTIGATION_NOTES_TEXTAREA =
+  '[data-test-subj="detectionEngineStepAboutRuleNote"] textarea';
 
 export const FALSE_POSITIVES_INPUT =
   '[data-test-subj="detectionEngineStepAboutRuleFalsePositives"] input';
@@ -53,6 +54,8 @@ export const RULE_DESCRIPTION_INPUT =
 export const RULE_NAME_INPUT =
   '[data-test-subj="detectionEngineStepAboutRuleName"] [data-test-subj="input"]';
 
+export const SCHEDULE_CONTINUE_BUTTON = '[data-test-subj="schedule-continue"]';
+
 export const SEVERITY_DROPDOWN =
   '[data-test-subj="detectionEngineStepAboutRuleSeverity"] [data-test-subj="select"]';
 

diff --git a/x-pack/legacy/plugins/siem/cypress/screens/rule_details.ts b/x-pack/legacy/plugins/siem/cypress/screens/rule_details.ts
@@ -6,6 +6,8 @@
 
 export const ABOUT_FALSE_POSITIVES = 3;
 
+export const ABOUT_INVESTIGATION_NOTES = '[data-test-subj="stepAboutDetailsNoteContent"]';
+
 export const ABOUT_MITRE = 4;
 
 export const ABOUT_RULE_DESCRIPTION = '[data-test-subj=stepAboutRuleDetailsToggleDescriptionText]';
@@ -32,10 +34,16 @@ export const DEFINITION_INDEX_PATTERNS =
 export const DEFINITION_STEP =
   '[data-test-subj=definitionRule] [data-test-subj="listItemColumnStepRuleDescription"] .euiDescriptionList__description';
 
+export const INVESTIGATION_NOTES_MARKDOWN = 'test markdown';
+
+export const INVESTIGATION_NOTES_TOGGLE = 1;
+
 export const MACHINE_LEARNING_JOB_ID = '[data-test-subj="machineLearningJobId"]';
 
 export const MACHINE_LEARNING_JOB_STATUS = '[data-test-subj="machineLearningJobStatus"  ]';
 
+export const RULE_ABOUT_DETAILS_HEADER_TOGGLE = '[data-test-subj="stepAboutDetailsToggle"]';
+
 export const RULE_NAME_HEADER = '[data-test-subj="header-page-title"]';
 
 export const RULE_TYPE = 0;

diff --git a/x-pack/legacy/plugins/siem/cypress/tasks/create_new_rule.ts b/x-pack/legacy/plugins/siem/cypress/tasks/create_new_rule.ts
@@ -14,6 +14,7 @@ import {
   CUSTOM_QUERY_INPUT,
   DEFINE_CONTINUE_BUTTON,
   FALSE_POSITIVES_INPUT,
+  INVESTIGATION_NOTES_TEXTAREA,
   MACHINE_LEARNING_DROPDOWN,
   MACHINE_LEARNING_LIST,
   MACHINE_LEARNING_TYPE,
@@ -82,6 +83,8 @@ export const fillAboutRuleAndContinue = (rule: CustomRule | MachineLearningRule)
     cy.get(MITRE_BTN).click({ force: true });
   });
 
+  cy.get(INVESTIGATION_NOTES_TEXTAREA).type(rule.note, { force: true });
+
   cy.get(ABOUT_CONTINUE_BTN)
     .should('exist')
     .click({ force: true });