Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Detection engine] Some UX for rule creation #54471

Merged
merged 6 commits into from
Jan 10, 2020
Merged

[Detection engine] Some UX for rule creation #54471

merged 6 commits into from
Jan 10, 2020

Conversation

XavierM
Copy link
Contributor

@XavierM XavierM commented Jan 10, 2020
edited
Loading

Summary

  • Step headers should utilize sentence casing. Please change “Define Rule” to “Define rule”, “About Rule” to “About rule” and “Schedule Rule” to “Schedule rule”.
  • The “Index patterns” field validation text uses an incorrect plural. Suggest changing to “A minimum of one index pattern is required.”
  • I love your addition of the “Only favorites” filter button to the “Timeline template” field dropdown. Can we just alter the layout slightly and possibly add an indicator showing which timeline is favorited versus unfavorited in the list? I’ve updated my Figma design to reflect this request. (X)
    image
  • Selected check icons and subsequent text are not aligned as shown in the EuiSelectable documentation examples and the Figma design updates in the “Timeline template” field dropdown. Would it be possible to update the alignment as shown in the Figma designs? (X)
  • Can the “Add reference” button text for the “Reference URLs” field be changed to “Add reference URL”? (X)
  • Can the “False positives” field label be renamed to “False positive examples” and the subsequent “Add false positive” button text be changed to “Add false positive example”? (X)
  • For both the “Reference URLs” and “False positive examples” fields, if the user begins to type a string in the input and then goes back and deletes it, the entire input element is suddenly removed. This could be very confusing for a user who is just potentially editing their text. Can we leave the input element present, even if the user deletes text that they had in it? The field should only be removed when clicking the trash button icon. (X)
  • The subordinate actions for “Add reference URL” and “Add false positive example” do not appear to work unless the preceding field is filled. This confused me at first, as I thought it was broken when I attempted to add multiple at once. Can we allow users to add reference URLs and false positive examples without requiring they have the fields filled first? (X)
  • If a user has not yet selected a “MITRE ATT&CK tactic” for a given row, the related “MITRE ATT&CK technique” should be disabled without a placeholder, as indicated in the updated mockups. Only once a tactic has been selected, the technique field should be enabled with accompanying placeholder. (X)

Checklist

Use strikethroughs to remove checklist items you don't feel are applicable to this PR.

For maintainers

@XavierM
wip
dd5ed77
@XavierM
update timelien select to design
8db8900
@XavierM
Rename label to design
fea92fc 
Timeline Select match design with favorite
Now, you are able to add mutiple items for url and false positive
Add tm for Mitre Att&ck (tnaks Frank)
And match mitre selection to design
@XavierM XavierM added Team:SIEM v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.6.0 labels Jan 10, 2020
@XavierM XavierM self-assigned this Jan 10, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

@XavierM
Copy link
Contributor Author

XavierM commented Jan 10, 2020

@elasticmachine merge upstream

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

MichaelMarcialis
MichaelMarcialis approved these changes Jan 10, 2020
View reviewed changes
Copy link
Contributor

@MichaelMarcialis MichaelMarcialis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good from my perspective. Thanks @XavierM!

@XavierM XavierM merged commit 51e51ca into elastic:master Jan 10, 2020
@XavierM XavierM mentioned this pull request Jan 10, 2020
Merged
XavierM added a commit to XavierM/kibana that referenced this pull request Jan 10, 2020
@XavierM @elasticmachine
[Detection engine] Some UX for rule creation (elastic#54471)
18e81ea 
* wip

* update timelien select to design

* Rename label to design
Timeline Select match design with favorite
Now, you are able to add mutiple items for url and false positive
Add tm for Mitre Att&ck (tnaks Frank)
And match mitre selection to design

* cleanup with michael

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
XavierM added a commit that referenced this pull request Jan 11, 2020
@XavierM @elasticmachine
[Detection engine] Some UX for rule creation (#54471) (#54519)
49f1c3b 
* wip

* update timelien select to design

* Rename label to design
Timeline Select match design with favorite
Now, you are able to add mutiple items for url and false positive
Add tm for Mitre Att&ck (tnaks Frank)
And match mitre selection to design

* cleanup with michael

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
thomasneirynck pushed a commit to thomasneirynck/kibana that referenced this pull request Jan 12, 2020
@XavierM @elasticmachine @thomasneirynck
[Detection engine] Some UX for rule creation (elastic#54471)
6c1686d 
* wip

* update timelien select to design

* Rename label to design
Timeline Select match design with favorite
Now, you are able to add mutiple items for url and false positive
Add tm for Mitre Att&ck (tnaks Frank)
And match mitre selection to design

* cleanup with michael

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jan 13, 2020
@gmmorris
Merge branch 'master' into task-manager/schema-config
4173614 
* master: (69 commits)
  [Graph] Fix various a11y issues (elastic#54097)
  Add ApplicationService app status management (elastic#50223)
  logs in one time (elastic#54447)
  Deprecate using `elasticsearch.ssl.certificate` without `elasticsearch.ssl.key` and vice versa (elastic#54392)
  [Optimizer] Fix a stack overflow with watch_cache when it attempts to delete very large folders. (elastic#54457)
  Security - Role Mappings UI (elastic#53620)
  [SIEM] [Detection engine] Permission II (elastic#54292)
  Allow User to Cleanup Repository from UI  (elastic#53047)
  [Detection engine] Some UX for rule creation (elastic#54471)
  share specific instances of some ui packages (elastic#54079)
  [ML] APM modules configs for RUM Javascript and NodeJS (elastic#53792)
  [APM] Delay rendering invalid license notification (elastic#53924)
  [Graph] Improve error message on graph requests (elastic#54230)
  [ILM] Kibana should allow a min_age setting of 0ms in ILM policy phases (elastic#53719)
  Unit Tests for common/lib (elastic#53736)
  [Graph] Only show explorable fields (elastic#54101)
  remove linting rule exception for markdown (elastic#54232)
  [Monitoring] Fetch shard data more efficiently (elastic#54028)
  [Maps] Add hiddenLayers option to embeddable map input (elastic#54355)
  Pass termOrder and hasTermsAgg properties to serializeThresholdWatch function (elastic#54391)
  ...
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jan 13, 2020
@gmmorris
Merge branch 'master' into alerting/zombie-redux
0ce6ed5 
* master: (69 commits)
  [Graph] Fix various a11y issues (elastic#54097)
  Add ApplicationService app status management (elastic#50223)
  logs in one time (elastic#54447)
  Deprecate using `elasticsearch.ssl.certificate` without `elasticsearch.ssl.key` and vice versa (elastic#54392)
  [Optimizer] Fix a stack overflow with watch_cache when it attempts to delete very large folders. (elastic#54457)
  Security - Role Mappings UI (elastic#53620)
  [SIEM] [Detection engine] Permission II (elastic#54292)
  Allow User to Cleanup Repository from UI  (elastic#53047)
  [Detection engine] Some UX for rule creation (elastic#54471)
  share specific instances of some ui packages (elastic#54079)
  [ML] APM modules configs for RUM Javascript and NodeJS (elastic#53792)
  [APM] Delay rendering invalid license notification (elastic#53924)
  [Graph] Improve error message on graph requests (elastic#54230)
  [ILM] Kibana should allow a min_age setting of 0ms in ILM policy phases (elastic#53719)
  Unit Tests for common/lib (elastic#53736)
  [Graph] Only show explorable fields (elastic#54101)
  remove linting rule exception for markdown (elastic#54232)
  [Monitoring] Fetch shard data more efficiently (elastic#54028)
  [Maps] Add hiddenLayers option to embeddable map input (elastic#54355)
  Pass termOrder and hasTermsAgg properties to serializeThresholdWatch function (elastic#54391)
  ...
chrisronline pushed a commit to chrisronline/kibana that referenced this pull request Jan 13, 2020
@XavierM @elasticmachine @chrisronline
[Detection engine] Some UX for rule creation (elastic#54471)
e1a0e0d 
* wip

* update timelien select to design

* Rename label to design
Timeline Select match design with favorite
Now, you are able to add mutiple items for url and false positive
Add tm for Mitre Att&ck (tnaks Frank)
And match mitre selection to design

* cleanup with michael

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
@XavierM XavierM deleted the detection-engine-match-design branch June 4, 2020 16:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MichaelMarcialis MichaelMarcialis MichaelMarcialis approved these changes

@patrykkopycinski patrykkopycinski Awaiting requested review from patrykkopycinski

Assignees

@XavierM XavierM

Labels
release_note:skip Skip the PR/issue when compiling release notes Team:SIEM v7.6.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@XavierM @elasticmachine @kibanamachine @MichaelMarcialis