You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[8.19] [Security Solution] Add event-based telemetry for prebuilt rule upgrade API (#234571) (#235318)
# Backport
This will backport the following commits from `main` to `8.19`:
- [[Security Solution] Add event-based telemetry for prebuilt rule
upgrade API (#234571)](#234571)
<!--- Backport version: 10.0.2 -->
### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sorenlouv/backport)
<!--BACKPORT [{"author":{"name":"Jacek
Kolezynski","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-09-17T07:45:06Z","message":"[Security
Solution] Add event-based telemetry for prebuilt rule upgrade API
(#234571)\n\n**Partially resolves: #140369**\n\n## Summary\n\nThis is
another PR from of a series of PRs I am planning to create to\ncover the
requirements in the #140369 ticket.\n\nThe requirement covered in this
ticket is req. #6: \"Events for\nperforming update (EBT backend)\" and
req. #7 \"Missing base versions\".\n\nI am adding sending telemetry
events in handling of rule update request.\nEach rule updated will send
its own event with information about:\n- ruleId\n- ruleName\n- if
missing base version\n- final result of the update\n- updated fields
(with breakdown per conflict type). \n\nI tried to make the changes as
little invasive as possible, and decided\nto create a separate file,
`update_rule_telemetry.ts`, where the logic\nof building the events and
sending them is encapsulated.\n\n### Checklist\n\nCheck the PR satisfies
following conditions. \n\nReviewers should verify this PR satisfies this
list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [x] The PR description includes the
appropriate Release Notes section,\nand the correct `release_note:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n-
[ ] Review the
[backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand
apply applicable `backport:*`
labels.","sha":"a2b7329e26fe9031d387138cf0f019aa4c53cd93","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detections
and Resp","Team: SecuritySolution","Team:Detection Rule
Management","Feature:Prebuilt Detection
Rules","backport:version","v9.2.0","v8.18.8","v8.19.5","v9.0.8","v9.1.5"],"title":"[Security
Solution] Add event-based telemetry for prebuilt rule upgrade
API","number":234571,"url":"https://github.com/elastic/kibana/pull/234571","mergeCommit":{"message":"[Security
Solution] Add event-based telemetry for prebuilt rule upgrade API
(#234571)\n\n**Partially resolves: #140369**\n\n## Summary\n\nThis is
another PR from of a series of PRs I am planning to create to\ncover the
requirements in the #140369 ticket.\n\nThe requirement covered in this
ticket is req. #6: \"Events for\nperforming update (EBT backend)\" and
req. #7 \"Missing base versions\".\n\nI am adding sending telemetry
events in handling of rule update request.\nEach rule updated will send
its own event with information about:\n- ruleId\n- ruleName\n- if
missing base version\n- final result of the update\n- updated fields
(with breakdown per conflict type). \n\nI tried to make the changes as
little invasive as possible, and decided\nto create a separate file,
`update_rule_telemetry.ts`, where the logic\nof building the events and
sending them is encapsulated.\n\n### Checklist\n\nCheck the PR satisfies
following conditions. \n\nReviewers should verify this PR satisfies this
list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [x] The PR description includes the
appropriate Release Notes section,\nand the correct `release_note:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n-
[ ] Review the
[backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand
apply applicable `backport:*`
labels.","sha":"a2b7329e26fe9031d387138cf0f019aa4c53cd93"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","8.19","9.0","9.1"],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/234571","number":234571,"mergeCommit":{"message":"[Security
Solution] Add event-based telemetry for prebuilt rule upgrade API
(#234571)\n\n**Partially resolves: #140369**\n\n## Summary\n\nThis is
another PR from of a series of PRs I am planning to create to\ncover the
requirements in the #140369 ticket.\n\nThe requirement covered in this
ticket is req. #6: \"Events for\nperforming update (EBT backend)\" and
req. #7 \"Missing base versions\".\n\nI am adding sending telemetry
events in handling of rule update request.\nEach rule updated will send
its own event with information about:\n- ruleId\n- ruleName\n- if
missing base version\n- final result of the update\n- updated fields
(with breakdown per conflict type). \n\nI tried to make the changes as
little invasive as possible, and decided\nto create a separate file,
`update_rule_telemetry.ts`, where the logic\nof building the events and
sending them is encapsulated.\n\n### Checklist\n\nCheck the PR satisfies
following conditions. \n\nReviewers should verify this PR satisfies this
list as well.\n\n- [x] [Unit or
functional\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\nwere
updated or added to match the most common scenarios\n- [x] [Flaky
Test\nRunner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1)
was\nused on any tests changed\n- [x] The PR description includes the
appropriate Release Notes section,\nand the correct `release_note:*`
label is applied per
the\n[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)\n-
[ ] Review the
[backport\nguidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)\nand
apply applicable `backport:*`
labels.","sha":"a2b7329e26fe9031d387138cf0f019aa4c53cd93"}},{"branch":"8.18","label":"v8.18.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.8","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}]
BACKPORT-->
Copy file name to clipboardExpand all lines: x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/create_upgradeable_rules_payload.ts
+12-2Lines changed: 12 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -24,6 +24,7 @@ import { calculateRuleFieldsDiff } from '../../logic/diff/calculation/calculate_
Copy file name to clipboardExpand all lines: x-pack/solutions/security/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/api/perform_rule_upgrade/perform_rule_upgrade_handler.ts
0 commit comments