[Security Solution] Add a way to filter rules on enabled or disabled state #132497

Closed
aarju opened this issue May 19, 2022 · 2 comments · Fixed by #150153
Labels
8.7 candidate enhancement New value added to drive a business result Feature:Rule Management Security Solution Detection Rule Management area needs design Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments


aarju commented May 19, 2022

Describe the feature:

Within the Security Application's Rules Management page there should be an easy way to filter the display to show and select only the enabled or disabled rules.

Describe a specific use case for the feature:
Scenario 1: My manager asked me how many custom rules we have currently enabled on our SIEM. To find that answer I would select the custom rules and then filter to only display the enabled rules. Then I could easily see the answer to the question in the Showing X Rules field of the table.

Scenario 2: I need to add a tag in all currently disabled rules so I would use this filter to only show the disabled rules, then select all and do a bulk update of the tags.

@botelastic botelastic bot added the needs-team Issues missing a team label label May 19, 2022
@banderror banderror added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Management Security Solution Detection Rule Management area Team:Detection Rule Management Security Detection Rule Management Team and removed needs-team Issues missing a team label labels May 19, 2022
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@banderror banderror changed the title [Security][Rules Management] Add a way to filter rules on enabled or disabled state [Security Solution] Add a way to filter rules on enabled or disabled state Nov 24, 2022
@banderror banderror added the enhancement New value added to drive a business result label Dec 29, 2022
@banderror banderror linked a pull request Feb 3, 2023 that will close this issue
7 tasks
maximpn added a commit that referenced this issue Feb 4, 2023
…0153)

**Addresses:** #132497

## Summary

This PR adds a rules table filter for the enabled and disabled state.

*Filter in action*:

https://user-images.githubusercontent.com/3775283/216316405-27ad8b21-6392-4705-8af8-53c746a00acf.mov

Since the added filter occupies some space, the search field may shrink too much. To address this issue, wrapping was enabled for the filter row.

*Layout responsiveness:*

https://user-images.githubusercontent.com/3775283/216380837-3bda2072-4f5b-4754-8e57-8978c5e2b0d5.mov

### Checklist

- [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
- [x] Any UI touched in this PR is usable by keyboard only (learn more about [keyboard accessibility](https://webaim.org/techniques/keyboard/))
- [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US))
- [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
- [x] This was checked for [cross-browser compatibility](https://www.elastic.co/support/matrix#matrix_browsers)