[Security Solution] Application does not fail gracefully when navigating to a non existing rule from a case #124355

MadameSheema · 2022-02-02T15:20:33Z

Describe the bug:

Application does not fail gracefully when navigating to a non existing rule from a case

Kibana/Elasticsearch Stack version:
8.0-rc2 BC4

Steps to reproduce:

Export a case with an attached alert
Import the case into an instance or space where the alert and the rule does not exist
Open the imported case
Click on the rule name of the attached alert

Current behavior:

Expected behavior:

The application fails gracefully warning the user the rule does not eixst

Additional information:

If you manually update the URL modifying the id by another value, the application fails gracefully

elasticmachine · 2022-02-02T15:20:35Z

Pinging @elastic/security-solution (Team: SecuritySolution)

jonathan-buttner · 2022-02-02T16:20:58Z

I've been looking into this. I don't believe this is a cases issue. I can reproduce this without interacting with cases by doing the following:

Create a detection rule and have it create some alerts in the default space
Copy the URL for the rule page
Create a new space
Modify the URL copied in step 2 to use the new space and navigate to it in the browser

The rule page will begin to load and then crash the UI.

I think this has something to do with attempting to access a rule that does exist but is in a different space.

elasticmachine · 2022-02-07T11:15:09Z

Pinging @elastic/security-detections-response (Team:Detections and Resp)

spong · 2022-02-08T20:28:29Z

Also found in testing #124194 (comment), additional details from there include:

Came across an app crash in initial testing when visiting a Rule Details page for an id that has never existed.

And non-minified stacktrace -- looks like we're not short circuiting soon enough and trying to fill in the severityMappings with an empty mapping. Must be an underlying type issue lingering in there?

…le details page opened on non-existent rule #133867 ## Summary fixes #124355 In this PR, when results of fallback alerts search are empty, we return `undefined` for rule, instead of `{}` in helper method `transformRuleFromAlertHit`. Returning `{}` caused break in typings, allowed return types for that method are only `Rule` | `undefined` ### Before <img width="1623" alt="Screenshot 2022-06-08 at 11 49 31" src="https://user-images.githubusercontent.com/92328789/172598751-a8e85d66-d439-40a7-8b65-652c87373c07.png"> ### After <img width="1613" alt="Screenshot 2022-06-08 at 11 48 59" src="https://user-images.githubusercontent.com/92328789/172598768-d25b53c6-9deb-47d7-aff6-83bd66335fb3.png"> ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

…le details page opened on non-existent rule #133867 ## Summary fixes #124355 In this PR, when results of fallback alerts search are empty, we return `undefined` for rule, instead of `{}` in helper method `transformRuleFromAlertHit`. Returning `{}` caused break in typings, allowed return types for that method are only `Rule` | `undefined` ### Before <img width="1623" alt="Screenshot 2022-06-08 at 11 49 31" src="https://user-images.githubusercontent.com/92328789/172598751-a8e85d66-d439-40a7-8b65-652c87373c07.png"> ### After <img width="1613" alt="Screenshot 2022-06-08 at 11 48 59" src="https://user-images.githubusercontent.com/92328789/172598768-d25b53c6-9deb-47d7-aff6-83bd66335fb3.png"> ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 1fd9a76)

banderror · 2022-06-08T19:17:44Z

@deepikakeshav-qasource @karanbirsingh-qasource @manishgupta-qasource could you please validate that this bug has been fixed? The fix should be available in the next 8.3.0 BC.

…le details page opened on non-existent rule #133867 (#133942) ## Summary fixes #124355 In this PR, when results of fallback alerts search are empty, we return `undefined` for rule, instead of `{}` in helper method `transformRuleFromAlertHit`. Returning `{}` caused break in typings, allowed return types for that method are only `Rule` | `undefined` ### Before <img width="1623" alt="Screenshot 2022-06-08 at 11 49 31" src="https://user-images.githubusercontent.com/92328789/172598751-a8e85d66-d439-40a7-8b65-652c87373c07.png"> ### After <img width="1613" alt="Screenshot 2022-06-08 at 11 48 59" src="https://user-images.githubusercontent.com/92328789/172598768-d25b53c6-9deb-47d7-aff6-83bd66335fb3.png"> ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 1fd9a76) Co-authored-by: Vitalii Dmyterko <92328789+vitaliidm@users.noreply.github.com>

ghost · 2022-06-13T07:42:19Z

Hi @banderror

we have validated this issue on 8.3.0 BC3 and found the issue to be not fixed ❌ . please find the observations below:

Build details:

Version:8.3.0-BC3
Commit:7a0df2bca36ced2a898420cbb193a9dba0782a7a
Build:53272

Steps:

Create Build 1
Generated Alert from Rule
Attached Alert to case
Exported above case from SO
Create new build where the alert and the rule does not exist
Import the case and checked the navigation , it breaks and red banner got shown to user

Screen-Cast:

Elastic.Mozilla.Firefox.2022-06-13.13-06-06.mp4

banderror · 2022-06-13T13:04:54Z

@karanbirsingh-qasource It should be available in BC4. It's scheduled for tomorrow June 14th (https://github.com/elastic/dev/issues/2022). Thanks!

ghost · 2022-06-15T09:37:13Z

Hi @banderror

We have validated above issue on 8.3.0 BC4 and observed that issue is Fixed. 🟢

Please find the below testing details

Build info:

Version : 8.3.0 BC4
Build : 53413
Commit : 875ea184462f73a04410981ac9eaf799db28b4f0

Screenshots/Screencast:

case.import.mp4

Hence, We are closing this issue and marking this as QA Validated.

Thanks!

MadameSheema added bug Fixes for quality problems that affect the customer experience triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Feb 2, 2022

MadameSheema assigned banderror Feb 2, 2022

MadameSheema added Team:Detection Rule Management Security Detection Rule Management Team impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. v8.0.1 v8.1.0 and removed triage_needed labels Feb 2, 2022

banderror removed their assignment Feb 7, 2022

banderror added the Team:Detections and Resp Security Detection Response Team label Feb 7, 2022

banderror self-assigned this Feb 9, 2022

MadameSheema mentioned this issue Feb 11, 2022

[Security Solution]Rule Navigation breaking on imported case on different cloud build #125338

Closed

banderror added v8.2.0 8.2 candidate considered, but not committed, for 8.2 release and removed v8.1.0 v8.0.1 labels Feb 14, 2022

peluja1012 added the Feature:Detection Rules Anything related to Security Solution's Detection Rules label Apr 4, 2022

banderror added 8.3 candidate and removed v8.2.0 8.2 candidate considered, but not committed, for 8.2 release labels Apr 11, 2022

banderror removed their assignment Apr 27, 2022

vitaliidm self-assigned this Jun 7, 2022

vitaliidm mentioned this issue Jun 8, 2022

[Security Solution][Detection rules] fixes ungraceful failure when rule details page opened on non-existent rule #133867

Merged

1 task

vitaliidm closed this as completed in #133867 Jun 8, 2022

banderror added the v8.3.0 label Jun 8, 2022

banderror reopened this Jun 8, 2022

banderror linked a pull request Jun 8, 2022 that will close this issue

[8.3] [Security Solution][Detection rules] fixes ungraceful failure when rule details page opened on non-existent rule #133867 #133942

Merged

banderror added the fixed label Jun 8, 2022

ghost added the QA:Validated Issue has been validated by QA label Jun 15, 2022

ghost closed this as completed Jun 15, 2022

This issue was closed.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Security Solution] Application does not fail gracefully when navigating to a non existing rule from a case #124355

[Security Solution] Application does not fail gracefully when navigating to a non existing rule from a case #124355

MadameSheema commented Feb 2, 2022

elasticmachine commented Feb 2, 2022

jonathan-buttner commented Feb 2, 2022 •

edited

Loading

elasticmachine commented Feb 7, 2022

spong commented Feb 8, 2022

banderror commented Jun 8, 2022

ghost commented Jun 13, 2022

banderror commented Jun 13, 2022

ghost commented Jun 15, 2022

[Security Solution] Application does not fail gracefully when navigating to a non existing rule from a case #124355

[Security Solution] Application does not fail gracefully when navigating to a non existing rule from a case #124355

Comments

MadameSheema commented Feb 2, 2022

elasticmachine commented Feb 2, 2022

jonathan-buttner commented Feb 2, 2022 • edited Loading

elasticmachine commented Feb 7, 2022

spong commented Feb 8, 2022

banderror commented Jun 8, 2022

ghost commented Jun 13, 2022

banderror commented Jun 13, 2022

ghost commented Jun 15, 2022

jonathan-buttner commented Feb 2, 2022 •

edited

Loading