[Security Solution] Added guided onboarding for the rules area #144016
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
xcrzx
added
release_note:enhancement
Team:Detections and Resp
xcrzx
commented
Oct 26, 2022
...ib/detection_engine/prebuilt_rules/content/prepackaged_rules/apm_403_response_to_a_post.json
Outdated
Show resolved
Hide resolved
xcrzx
force-pushed
the
rules-guided-onboarding
branch
3 times, most recently
from
7f73dad
to
5a5c3c3
Compare
|
@elasticmachine merge upstream |
...tion/public/detection_engine/rule_management_ui/components/guided_onboarding/translations.ts
Show resolved
Hide resolved
xcrzx
force-pushed
the
rules-guided-onboarding
branch
from
68bf5c7
to
2bb0b7d
Compare
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
xcrzx
force-pushed
the
rules-guided-onboarding
branch
from
ddbb89f
to
37bbf51
Compare
3 tasks
💚 Build Succeeded
Metrics [docs]Module Count
Async chunks
Unknown metric groupsESLint disabled in files
ESLint disabled line counts
Total ESLint disabled count
History
To update your PR or re-run it, just comment with: cc @xcrzx |
@maximpn Initially, I was going to implement the tour logic based on cache invalidation. But it turned out to be not necessary. So I left the changes related to cache keys in this PR, which is a nice improvement disregarding the final implementation. |
|
@gavinwye I've merged this PR, but feel free to leave any feedback here. I'll address it in a follow-up PR. |
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Oct 31, 2022
* main: Upgrade @elastic/makelogs from v6.0.0 to v6.1.1 (elastic#144231) [Files] move to src (elastic#144044) [Synthetics UI] Add pagination and date filtering to test runs table (elastic#144029) Update time range when opening timeline from Entity Analytics page (elastic#144024) [Security Solution] Added guided onboarding for the rules area (elastic#144016)
xcrzx
added a commit
that referenced
this pull request
Nov 15, 2022
…area (#145223) **Related to: #144016 ## Summary This follow-up PR addresses guided onboarding feedback mentioned [here](elastic/security-team#5386) and [here](#144458). To summarize: - We're keeping the first step (install prebuilt rules) intact, but most users wouldn't see it as the rules are installed automatically during previous stages. This step is needed to cover edge cases when rules were deleted for some reason. - We're splitting the second step into two: 1) search the first rule and 2) activate it. - We're adding "Next" buttons to these steps. - For the search step, the "Next" button will automatically filter the rules table, so the first rule becomes visible. - For the activate step, the "Next" button automatically activates the first rule. - The "Next" button stays optional; we still automatically progress the guide once user actions satisfy certain conditions, like the user filtered the rules table manually or activated the first rule by clicking its toggle.
benakansara
pushed a commit
to benakansara/kibana
that referenced
this pull request
Nov 17, 2022
…area (elastic#145223) **Related to: elastic#144016 ## Summary This follow-up PR addresses guided onboarding feedback mentioned [here](elastic/security-team#5386) and [here](elastic#144458). To summarize: - We're keeping the first step (install prebuilt rules) intact, but most users wouldn't see it as the rules are installed automatically during previous stages. This step is needed to cover edge cases when rules were deleted for some reason. - We're splitting the second step into two: 1) search the first rule and 2) activate it. - We're adding "Next" buttons to these steps. - For the search step, the "Next" button will automatically filter the rules table, so the first rule becomes visible. - For the activate step, the "Next" button automatically activates the first rule. - The "Next" button stays optional; we still automatically progress the guide once user actions satisfy certain conditions, like the user filtered the rules table manually or activated the first rule by clicking its toggle.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves: https://github.com/elastic/security-team/issues/5089
Related PR with other onboarding steps: #143598
Summary
Added Rules Area guided onboarding steps.
1. If no onboarding rules are installed - show the install rules tour step
We search for any prebuilt detection rules that have the "Guided Onboarding" tag on them. I there's no any, we will show the tour step. It works for both cases when the user has no rules at all or their rules are outdated. If the rules are already installed - skip to the next step.
2. If onboarding rules are installed - show the enable rule step
We check if any of the shipped onboarding rules are activated. If yes - skip to the end of the tour; otherwise, show the tour step. Once the user activates an onboarding rule, we automatically finish the current onboarding step.
Testing instructions
xpack.securitySolution.enableExperimental: ['guidedOnboarding']yarn start --run-examples/app/guidedOnboardingExamplesecurityand Step ID torules