[Security Solution] Apply same defaults values in extractDiffableCommonFields as in convertCreateAPIToInternalSchema
#180165
Assignees
Labels
Feature:Prebuilt Detection Rules
Security Solution Prebuilt Detection Rules area
refactoring
Team:Detection Rule Management
Security Detection Rule Management Team
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Comments
jpdjere
added
triage_needed
Team:Detections and Resp
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
This was referenced Apr 5, 2024
banderror
changed the title
extractDiffableCommonFields as in convertCreateAPIToInternalSchemaextractDiffableCommonFields as in convertCreateAPIToInternalSchema (DRAFT)
jpdjere
changed the title
extractDiffableCommonFields as in convertCreateAPIToInternalSchema (DRAFT)extractDiffableCommonFields as in convertCreateAPIToInternalSchema
banderror
added
refactoring
8.15 candidate
8.16 candidate
v8.16.0
and removed
triage_needed
8.15 candidate
labels
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Epics: https://github.com/elastic/security-team/issues/1974 (internal), #179907
Summary
The default values for the fields defined in the functions
extractDiffableCommonFieldsandconvertCreateAPIToInternalSchemaare different for some fields. (Seenoteas an example).This has caused some fields to be returned as having diffs in the
/upgrade/_reviewendpoint when they shouldn't have had. As a workaround for this, we implemented normalization in the frontend code that displays the diffs. But this shouldn't be necessary and the data should be consistent server-side.In
extractDiffableCommonFields, apply the same default values to the rule as inconvertCreateAPIToInternalSchema, which means reuse the existing code.Create reusable code that ensures that the defaults provided by
extractDiffableCommonFieldsandconvertCreateAPIToInternalSchemado not diverge over time. (comment).The text was updated successfully, but these errors were encountered: