Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Defend Workflows] [Question] Search bar is case sensitive for Trusted application, Blocklist, Host isolation, Event filter. #173980

Open
sukhwindersingh-qasource opened this issue Dec 27, 2023 · 5 comments
Open

[Defend Workflows] [Question] Search bar is case sensitive for Trusted application, Blocklist, Host isolation, Event filter. #173980

sukhwindersingh-qasource opened this issue Dec 27, 2023 · 5 comments
Labels
planning Question Ticket having question for Dev team Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed v8.12.0

Comments

@sukhwindersingh-qasource
Copy link

sukhwindersingh-qasource commented Dec 27, 2023
edited
Loading

Describe the bug:
[Question] Search bar is case sensitive for Trusted application, Blocklist, Host isolation, Event filter.

Build Details:

VERSION: 8.12.0 BC3
BUILD: 69985
COMMIT: 2a8afed8572a4c709aa1c64216748197eeb9b18f

Preconditions

  • Kibana should be running.
  • Entries should exist for Trusted application, Blocklist, Host isolation, Event filter.

Steps to Reproduce

  • Navigate to Trusted application, Blocklist, Host isolation, Event filter one by one
  • Search in the search bar if entries are name as small letter , example : "test" then in search bar Search it as a "TEST"
  • We are not able to see any result.
  • But when we try this same for Exception List we are able to see the result.

Screen-Cast:

Trusted.applications.-.Kibana.Mozilla.Firefox.2023-12-27.15-03-00.mp4

Query

So could you please clarify the behavior as we are expecting the uniform behavior of search bar in various listed application

Search behavior : Case Sensitive : Trusted application, Blocklist, Host isolation, Event filter
Search behavior : Case In Sensitive: Shared Exception Lists, Rules.
@sukhwindersingh-qasource sukhwindersingh-qasource added triage_needed Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Question Ticket having question for Dev team v8.12.0 labels Dec 27, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@sukhwindersingh-qasource
Copy link
Author

@karanbirsingh-qasource please review this.
Thanks!

@dasansol92
Copy link
Contributor

@sukhwindersingh-qasource Thanks for looking into this.
This is the expected behaviour (and it's how it has been working since the beginning) for Trusted apps, event filters, etc.
Agreed about the consistency of different search areas. I think make sense to have it also case insensitive for Trusted apps, event filters, etc.

What do you think @caitlinbetz ?

@ghost ghost assigned dasansol92 and unassigned ghost Dec 27, 2023
@caitlinbetz
Copy link

agree @dasansol92 that its a smoother experience if case insensitive.

@dasansol92 dasansol92 removed their assignment Jan 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
planning Question Ticket having question for Dev team Team:Defend Workflows “EDR Workflows” sub-team of Security Solution Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed v8.12.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dasansol92 @elasticmachine @caitlinbetz @sukhwindersingh-qasource