Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Implement query filters diff algorithm #190241

Open
2 tasks
Tracked by #179907
jpdjere opened this issue Aug 9, 2024 · 3 comments
Open
2 tasks
Tracked by #179907

[Security Solution] Implement query filters diff algorithm #190241

jpdjere opened this issue Aug 9, 2024 · 3 comments
Assignees
@dplumlee
Labels
enhancement New value added to drive a business result Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@jpdjere
Copy link
Contributor

jpdjere commented Aug 9, 2024
edited by banderror
Loading

Epics: https://github.com/elastic/security-team/issues/1974 (internal), #174168

Summary

Implement an algorithm for diffing and merging changes in the array of filters which is used in the query fields: kql_query, eql_query, and esql_query. The array is currently diffed using a simple diffing approach.

Context from the Rule Customization RFC:

To do

  • Create a way to effectively merge three versions of the filters array that makes sense from the UX perspective.
  • Implement this new algorithm for diffing three versions of filters within the kql_query, eql_query, and esql_query algorithms.
@jpdjere jpdjere added triage_needed enhancement New value added to drive a business result Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area 8.17 candidate labels Aug 9, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

This was referenced Aug 9, 2024
Merged
Open
@banderror banderror changed the title [Security Solution] Implement diffing algorithm for filters array of query fields [Security Solution] Implement query filters diff algorithm Sep 13, 2024
@banderror banderror mentioned this issue Oct 9, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dplumlee dplumlee

Labels
enhancement New value added to drive a business result Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jpdjere @banderror @elasticmachine @dplumlee