diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_type_dependents.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_type_dependents.ts index 6a51f724fc9e6..c244b9aca9ad0 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_type_dependents.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/add_prepackaged_rules_type_dependents.ts @@ -4,10 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { AddPrepackagedRulesSchema } from './add_prepackaged_rules_schema'; export const validateAnomalyThreshold = (rule: AddPrepackagedRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.anomaly_threshold == null) { return ['when "type" is "machine_learning" anomaly_threshold is required']; } else { @@ -19,7 +21,7 @@ export const validateAnomalyThreshold = (rule: AddPrepackagedRulesSchema): strin }; export const validateQuery = (rule: AddPrepackagedRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.query != null) { return ['when "type" is "machine_learning", "query" cannot be set']; } else { @@ -31,7 +33,7 @@ export const validateQuery = (rule: AddPrepackagedRulesSchema): string[] => { }; export const validateLanguage = (rule: AddPrepackagedRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.language != null) { return ['when "type" is "machine_learning", "language" cannot be set']; } else { @@ -55,7 +57,7 @@ export const validateSavedId = (rule: AddPrepackagedRulesSchema): string[] => { }; export const validateMachineLearningJobId = (rule: AddPrepackagedRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.machine_learning_job_id == null) { return ['when "type" is "machine_learning", "machine_learning_job_id" is required']; } else { @@ -93,7 +95,7 @@ export const validateTimelineTitle = (rule: AddPrepackagedRulesSchema): string[] }; export const validateThreshold = (rule: AddPrepackagedRulesSchema): string[] => { - if (rule.type === 'threshold') { + if (isThresholdRule(rule.type)) { if (!rule.threshold) { return ['when "type" is "threshold", "threshold" is required']; } else if (rule.threshold.value <= 0) { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_type_dependents.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_type_dependents.ts index af665ff8c81d2..91b14fa9b999c 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_type_dependents.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/create_rules_type_dependents.ts @@ -4,10 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { CreateRulesSchema } from './create_rules_schema'; export const validateAnomalyThreshold = (rule: CreateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.anomaly_threshold == null) { return ['when "type" is "machine_learning" anomaly_threshold is required']; } else { @@ -19,7 +21,7 @@ export const validateAnomalyThreshold = (rule: CreateRulesSchema): string[] => { }; export const validateQuery = (rule: CreateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.query != null) { return ['when "type" is "machine_learning", "query" cannot be set']; } else { @@ -31,7 +33,7 @@ export const validateQuery = (rule: CreateRulesSchema): string[] => { }; export const validateLanguage = (rule: CreateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.language != null) { return ['when "type" is "machine_learning", "language" cannot be set']; } else { @@ -55,7 +57,7 @@ export const validateSavedId = (rule: CreateRulesSchema): string[] => { }; export const validateMachineLearningJobId = (rule: CreateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.machine_learning_job_id == null) { return ['when "type" is "machine_learning", "machine_learning_job_id" is required']; } else { @@ -93,7 +95,7 @@ export const validateTimelineTitle = (rule: CreateRulesSchema): string[] => { }; export const validateThreshold = (rule: CreateRulesSchema): string[] => { - if (rule.type === 'threshold') { + if (isThresholdRule(rule.type)) { if (!rule.threshold) { return ['when "type" is "threshold", "threshold" is required']; } else if (rule.threshold.value <= 0) { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_type_dependents.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_type_dependents.ts index 269181449e9e9..87264d84fd73a 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_type_dependents.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/import_rules_type_dependents.ts @@ -4,10 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { ImportRulesSchema } from './import_rules_schema'; export const validateAnomalyThreshold = (rule: ImportRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.anomaly_threshold == null) { return ['when "type" is "machine_learning" anomaly_threshold is required']; } else { @@ -19,7 +21,7 @@ export const validateAnomalyThreshold = (rule: ImportRulesSchema): string[] => { }; export const validateQuery = (rule: ImportRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.query != null) { return ['when "type" is "machine_learning", "query" cannot be set']; } else { @@ -31,7 +33,7 @@ export const validateQuery = (rule: ImportRulesSchema): string[] => { }; export const validateLanguage = (rule: ImportRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.language != null) { return ['when "type" is "machine_learning", "language" cannot be set']; } else { @@ -55,7 +57,7 @@ export const validateSavedId = (rule: ImportRulesSchema): string[] => { }; export const validateMachineLearningJobId = (rule: ImportRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.machine_learning_job_id == null) { return ['when "type" is "machine_learning", "machine_learning_job_id" is required']; } else { @@ -93,7 +95,7 @@ export const validateTimelineTitle = (rule: ImportRulesSchema): string[] => { }; export const validateThreshold = (rule: ImportRulesSchema): string[] => { - if (rule.type === 'threshold') { + if (isThresholdRule(rule.type)) { if (!rule.threshold) { return ['when "type" is "threshold", "threshold" is required']; } else if (rule.threshold.value <= 0) { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_type_dependents.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_type_dependents.ts index a229771a7c05c..c974f73926c21 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_type_dependents.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/patch_rules_type_dependents.ts @@ -4,10 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { PatchRulesSchema } from './patch_rules_schema'; export const validateQuery = (rule: PatchRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.query != null) { return ['when "type" is "machine_learning", "query" cannot be set']; } else { @@ -19,7 +21,7 @@ export const validateQuery = (rule: PatchRulesSchema): string[] => { }; export const validateLanguage = (rule: PatchRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.language != null) { return ['when "type" is "machine_learning", "language" cannot be set']; } else { @@ -67,7 +69,7 @@ export const validateId = (rule: PatchRulesSchema): string[] => { }; export const validateThreshold = (rule: PatchRulesSchema): string[] => { - if (rule.type === 'threshold') { + if (isThresholdRule(rule.type)) { if (!rule.threshold) { return ['when "type" is "threshold", "threshold" is required']; } else if (rule.threshold.value <= 0) { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_type_dependents.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_type_dependents.ts index 44182d250c801..5f297fb9688fc 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_type_dependents.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/request/update_rules_type_dependents.ts @@ -4,10 +4,12 @@ * you may not use this file except in compliance with the Elastic License. */ +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { UpdateRulesSchema } from './update_rules_schema'; export const validateAnomalyThreshold = (rule: UpdateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.anomaly_threshold == null) { return ['when "type" is "machine_learning" anomaly_threshold is required']; } else { @@ -19,7 +21,7 @@ export const validateAnomalyThreshold = (rule: UpdateRulesSchema): string[] => { }; export const validateQuery = (rule: UpdateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.query != null) { return ['when "type" is "machine_learning", "query" cannot be set']; } else { @@ -31,7 +33,7 @@ export const validateQuery = (rule: UpdateRulesSchema): string[] => { }; export const validateLanguage = (rule: UpdateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.language != null) { return ['when "type" is "machine_learning", "language" cannot be set']; } else { @@ -55,7 +57,7 @@ export const validateSavedId = (rule: UpdateRulesSchema): string[] => { }; export const validateMachineLearningJobId = (rule: UpdateRulesSchema): string[] => { - if (rule.type === 'machine_learning') { + if (isMlRule(rule.type)) { if (rule.machine_learning_job_id == null) { return ['when "type" is "machine_learning", "machine_learning_job_id" is required']; } else { @@ -103,7 +105,7 @@ export const validateId = (rule: UpdateRulesSchema): string[] => { }; export const validateThreshold = (rule: UpdateRulesSchema): string[] => { - if (rule.type === 'threshold') { + if (isThresholdRule(rule.type)) { if (!rule.threshold) { return ['when "type" is "threshold", "threshold" is required']; } else if (rule.threshold.value <= 0) { diff --git a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts index c53fb9d516dbc..c26a7efb0c288 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/schemas/response/rules_schema.ts @@ -8,9 +8,9 @@ import * as t from 'io-ts'; import { isObject } from 'lodash/fp'; import { Either, left, fold } from 'fp-ts/lib/Either'; import { pipe } from 'fp-ts/lib/pipeable'; -import { typeAndTimelineOnlySchema, TypeAndTimelineOnly } from './type_timeline_only_schema'; -import { isMlRule } from '../../../machine_learning/helpers'; +import { isMlRule } from '../../../machine_learning/helpers'; +import { isThresholdRule } from '../../utils'; import { actions, anomaly_threshold, @@ -66,6 +66,7 @@ import { DefaultRiskScoreMappingArray, DefaultSeverityMappingArray, } from '../types'; +import { typeAndTimelineOnlySchema, TypeAndTimelineOnly } from './type_timeline_only_schema'; /** * This is the required fields for the rules schema response. Put all required properties on @@ -229,7 +230,7 @@ export const addMlFields = (typeAndTimelineOnly: TypeAndTimelineOnly): t.Mixed[] }; export const addThresholdFields = (typeAndTimelineOnly: TypeAndTimelineOnly): t.Mixed[] => { - if (typeAndTimelineOnly.type === 'threshold') { + if (isThresholdRule(typeAndTimelineOnly.type)) { return [ t.exact(t.type({ threshold: dependentRulesSchema.props.threshold })), t.exact(t.partial({ saved_id: dependentRulesSchema.props.saved_id })), diff --git a/x-pack/plugins/security_solution/common/detection_engine/utils.ts b/x-pack/plugins/security_solution/common/detection_engine/utils.ts index 6a0f52c7916e6..170d28cb5a725 100644 --- a/x-pack/plugins/security_solution/common/detection_engine/utils.ts +++ b/x-pack/plugins/security_solution/common/detection_engine/utils.ts @@ -17,6 +17,6 @@ export const hasNestedEntry = (entries: EntriesArray): boolean => { return found.length > 0; }; -export const isEqlRule = (ruleType: Type) => ruleType === 'eql'; -export const isThresholdRule = (ruleType: Type) => ruleType === 'threshold'; -export const isQueryRule = (ruleType: Type) => ruleType === 'query'; +export const isEqlRule = (ruleType: Type | undefined) => ruleType === 'eql'; +export const isThresholdRule = (ruleType: Type | undefined) => ruleType === 'threshold'; +export const isQueryRule = (ruleType: Type | undefined) => ruleType === 'query'; diff --git a/x-pack/plugins/security_solution/common/machine_learning/helpers.ts b/x-pack/plugins/security_solution/common/machine_learning/helpers.ts index 73dc30f238c7e..73b14afb5d0c9 100644 --- a/x-pack/plugins/security_solution/common/machine_learning/helpers.ts +++ b/x-pack/plugins/security_solution/common/machine_learning/helpers.ts @@ -23,4 +23,4 @@ export const isJobFailed = (jobState: string, datafeedState: string): boolean => return failureStates.includes(jobState) || failureStates.includes(datafeedState); }; -export const isMlRule = (ruleType: Type) => ruleType === 'machine_learning'; +export const isMlRule = (ruleType: Type | undefined) => ruleType === 'machine_learning'; diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/batch_actions.tsx b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/batch_actions.tsx index 71cfbbf552d84..740cd63496682 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/batch_actions.tsx +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/all/batch_actions.tsx @@ -17,6 +17,7 @@ import { import { ActionToaster, displayWarningToast } from '../../../../../common/components/toasters'; import { Rule } from '../../../../containers/detection_engine/rules'; import * as detectionI18n from '../../translations'; +import { isMlRule } from '../../../../../../common/machine_learning/helpers'; interface GetBatchItems { closePopover: () => void; @@ -62,7 +63,7 @@ export const getBatchItems = ({ ); const deactivatedIdsNoML = deactivatedIds.filter( - (id) => rules.find((r) => r.id === id)?.type !== 'machine_learning' ?? false + (id) => !isMlRule(rules.find((r) => r.id === id)?.type) ); const mlRuleCount = deactivatedIds.length - deactivatedIdsNoML.length; diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts index 0137777f8f8f2..2acb3e57c5a3b 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/create/helpers.ts @@ -9,9 +9,8 @@ import moment from 'moment'; import deepmerge from 'deepmerge'; import { NOTIFICATION_THROTTLE_NO_ACTIONS } from '../../../../../../common/constants'; +import { assertUnreachable } from '../../../../../../common/utility_types'; import { transformAlertToRuleAction } from '../../../../../../common/detection_engine/transform_actions'; -import { isMlRule } from '../../../../../../common/machine_learning/helpers'; -import { isThresholdRule } from '../../../../../../common/detection_engine/utils'; import { List } from '../../../../../../common/detection_engine/schemas/types'; import { ENDPOINT_LIST_ID, ExceptionListType, NamespaceType } from '../../../../../shared_imports'; import { Rule } from '../../../../containers/detection_engine/rules'; @@ -88,16 +87,25 @@ const isThresholdFields = ( ): fields is ThresholdRuleFields => has('threshold', fields); export const filterRuleFieldsForType = (fields: T, type: Type) => { - if (isMlRule(type)) { - const { index, queryBar, threshold, ...mlRuleFields } = fields; - return mlRuleFields; - } else if (isThresholdRule(type)) { - const { anomalyThreshold, machineLearningJobId, ...thresholdRuleFields } = fields; - return thresholdRuleFields; - } else { - const { anomalyThreshold, machineLearningJobId, threshold, ...queryRuleFields } = fields; - return queryRuleFields; + switch (type) { + case 'machine_learning': + const { index, queryBar, threshold, ...mlRuleFields } = fields; + return mlRuleFields; + case 'threshold': + const { anomalyThreshold, machineLearningJobId, ...thresholdRuleFields } = fields; + return thresholdRuleFields; + case 'query': + case 'saved_query': + case 'eql': + const { + anomalyThreshold: _a, + machineLearningJobId: _m, + threshold: _t, + ...queryRuleFields + } = fields; + return queryRuleFields; } + assertUnreachable(type); }; export const formatDefineStepData = (defineStepData: DefineStepRule): DefineStepRuleJson => { diff --git a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx index 2988e031c4dd6..68799f46eee57 100644 --- a/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx +++ b/x-pack/plugins/security_solution/public/detections/pages/detection_engine/rules/details/index.tsx @@ -390,7 +390,7 @@ export const RuleDetailsPageComponent: FC = ({ { const queryRuleParams = ['index', 'filters', 'language', 'query', 'saved_id']; - if (isMlRule(ruleType)) { - return ['anomaly_threshold', 'machine_learning_job_id']; + switch (ruleType) { + case 'machine_learning': + return ['anomaly_threshold', 'machine_learning_job_id']; + case 'threshold': + return ['threshold', ...queryRuleParams]; + case 'query': + case 'saved_query': + case 'eql': + return queryRuleParams; } - - if (ruleType === 'threshold') { - return ['threshold', ...queryRuleParams]; - } - - return queryRuleParams; + assertUnreachable(ruleType); }; export const getActionMessageRuleParams = (ruleType: Type): string[] => { diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts index acd800e54040c..959bf3186f136 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/create_rules_bulk_route.ts @@ -27,6 +27,7 @@ import { buildRouteValidation } from '../../../../utils/build_validation/route_v import { transformBulkError, createBulkErrorObject, buildSiemResponse } from '../utils'; import { updateRulesNotifications } from '../../rules/update_rules_notifications'; import { PartialFilter } from '../../types'; +import { isMlRule } from '../../../../../common/machine_learning/helpers'; export const createRulesBulkRoute = (router: IRouter, ml: SetupPlugins['ml']) => { router.post( @@ -112,13 +113,10 @@ export const createRulesBulkRoute = (router: IRouter, ml: SetupPlugins['ml']) => }); } - const query = - type !== 'machine_learning' && queryOrUndefined == null ? '' : queryOrUndefined; + const query = !isMlRule(type) && queryOrUndefined == null ? '' : queryOrUndefined; const language = - type !== 'machine_learning' && languageOrUndefined == null - ? 'kuery' - : languageOrUndefined; + !isMlRule(type) && languageOrUndefined == null ? 'kuery' : languageOrUndefined; // TODO: Fix these either with an is conversion or by better typing them within io-ts const actions: RuleAlertAction[] = actionsRest as RuleAlertAction[]; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/import_rules_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/import_rules_route.ts index 8a7215e5a5bad..60bb8c79243d7 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/import_rules_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/import_rules_route.ts @@ -19,6 +19,7 @@ import { ImportRulesSchema as ImportRulesResponseSchema, importRulesSchema as importRulesResponseSchema, } from '../../../../../common/detection_engine/schemas/response/import_rules_schema'; +import { isMlRule } from '../../../../../common/machine_learning/helpers'; import { IRouter } from '../../../../../../../../src/core/server'; import { createPromiseFromStreams } from '../../../../../../../../src/core/server/utils/'; import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants'; @@ -174,13 +175,10 @@ export const importRulesRoute = (router: IRouter, config: ConfigType, ml: SetupP } = parsedRule; try { - const query = - type !== 'machine_learning' && queryOrUndefined == null ? '' : queryOrUndefined; + const query = !isMlRule(type) && queryOrUndefined == null ? '' : queryOrUndefined; const language = - type !== 'machine_learning' && languageOrUndefined == null - ? 'kuery' - : languageOrUndefined; + !isMlRule(type) && languageOrUndefined == null ? 'kuery' : languageOrUndefined; // TODO: Fix these either with an is conversion or by better typing them within io-ts const filters: PartialFilter[] | undefined = filtersRest as PartialFilter[]; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts index 518024387fed3..0e414e130849a 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_bulk_route.ts @@ -13,6 +13,7 @@ import { UpdateRulesBulkSchemaDecoded, } from '../../../../../common/detection_engine/schemas/request/update_rules_bulk_schema'; import { rulesBulkSchema } from '../../../../../common/detection_engine/schemas/response/rules_bulk_schema'; +import { isMlRule } from '../../../../../common/machine_learning/helpers'; import { IRouter } from '../../../../../../../../src/core/server'; import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants'; import { SetupPlugins } from '../../../../plugin'; @@ -108,13 +109,10 @@ export const updateRulesBulkRoute = (router: IRouter, ml: SetupPlugins['ml']) => }); } - const query = - type !== 'machine_learning' && queryOrUndefined == null ? '' : queryOrUndefined; + const query = !isMlRule(type) && queryOrUndefined == null ? '' : queryOrUndefined; const language = - type !== 'machine_learning' && languageOrUndefined == null - ? 'kuery' - : languageOrUndefined; + !isMlRule(type) && languageOrUndefined == null ? 'kuery' : languageOrUndefined; // TODO: Fix these either with an is conversion or by better typing them within io-ts const actions: RuleAlertAction[] = actionsRest as RuleAlertAction[]; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_route.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_route.ts index 299b99c4d37b0..553d084b62633 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_route.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/rules/update_rules_route.ts @@ -10,6 +10,7 @@ import { updateRulesSchema, UpdateRulesSchemaDecoded, } from '../../../../../common/detection_engine/schemas/request/update_rules_schema'; +import { isMlRule } from '../../../../../common/machine_learning/helpers'; import { IRouter } from '../../../../../../../../src/core/server'; import { DETECTION_ENGINE_RULES_URL } from '../../../../../common/constants'; import { SetupPlugins } from '../../../../plugin'; @@ -87,13 +88,10 @@ export const updateRulesRoute = (router: IRouter, ml: SetupPlugins['ml']) => { exceptions_list: exceptionsList, } = request.body; try { - const query = - type !== 'machine_learning' && queryOrUndefined == null ? '' : queryOrUndefined; + const query = !isMlRule(type) && queryOrUndefined == null ? '' : queryOrUndefined; const language = - type !== 'machine_learning' && languageOrUndefined == null - ? 'kuery' - : languageOrUndefined; + !isMlRule(type) && languageOrUndefined == null ? 'kuery' : languageOrUndefined; // TODO: Fix these either with an is conversion or by better typing them within io-ts const actions: RuleAlertAction[] = actionsRest as RuleAlertAction[];