[Bug] test_integration_tag incorrectly flags higher-order rules using .alerts-security.* index (#5783)
Fixes #5782
This commit is contained in:
Terrance DeJesus
+1
-1
@@ -1,6 +1,6 @@
|
||||
[project]
|
||||
name = "detection_rules"
|
||||
version = "1.5.49"
|
||||
version = "1.5.50"
|
||||
description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
|
||||
readme = "README.md"
|
||||
requires-python = ">=3.12"
|
||||
|
||||
@@ -870,6 +870,8 @@ class TestRuleMetadata(BaseRuleTest):
|
||||
continue
|
||||
if rule.contents.data.type == "threat_match":
|
||||
continue
|
||||
if indices == [".alerts-security.*"]:
|
||||
continue
|
||||
err_msg = f"{self.rule_str(rule)} {rule_integration} tag, index pattern missing or incorrect."
|
||||
failures.append(err_msg)
|
||||
|
||||
@@ -891,6 +893,7 @@ class TestRuleMetadata(BaseRuleTest):
|
||||
not rule.contents.metadata.integration
|
||||
and rule.id not in definitions.IGNORE_IDS
|
||||
and rule.contents.data.type not in definitions.MACHINE_LEARNING
|
||||
and indices != [".alerts-security.*"]
|
||||
):
|
||||
err_msg = (
|
||||
f"substrings {non_dataset_packages} found in "
|
||||
|
||||
Reference in New Issue
Block a user