From 2ff2965cb96be49e316a2e928c74afd16e1b3554 Mon Sep 17 00:00:00 2001
From: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
Date: Fri, 13 Dec 2024 19:03:47 +0530
Subject: [PATCH] Enhance Readability of validation check failures (#4299)
---
 detection_rules/rule_validators.py | 5 ++++-
 pyproject.toml | 2 +-
 tests/test_python_library.py | 2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/detection_rules/rule_validators.py b/detection_rules/rule_validators.py
index bb4de0613..3ce6e4f35 100644
--- a/detection_rules/rule_validators.py
+++ b/detection_rules/rule_validators.py
@@ -17,6 +17,7 @@ from marshmallow import ValidationError
 from semver import Version
 import kql
+import click
 from . import ecs, endgame
 from .config import CUSTOM_RULES_DIR, load_current_package_version, parse_rules_config
@@ -371,7 +372,9 @@ class EQLValidator(QueryValidator):
 # auto add the field and re-validate
 self.auto_add_field(validation_checks["stack"], data.index_or_dataview[0])
 else:
- raise ValueError(f"Error in both stack and integrations checks: {validation_checks}")
+ click.echo(f"Stack Error Trace: {validation_checks["stack"]}")
+ click.echo(f"Integrations Error Trace: {validation_checks["integrations"]}")
+ raise ValueError("Error in both stack and integrations checks")
 else:
 break
diff --git a/pyproject.toml b/pyproject.toml
index a31d59a3d..8ef7db211 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "0.3.5"
+version = "0.3.6"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"
diff --git a/tests/test_python_library.py b/tests/test_python_library.py
index c82f43492..3d0ab8b09 100644
--- a/tests/test_python_library.py
+++ b/tests/test_python_library.py
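Review bot: In the `@@ -371,7 +372,9 @@` hunk of `detection_rules/rule_validators.py`, the stack and integrations failure details now go only to stdout through `click.echo`, and the raised `ValueError` no longer carries them. A caller that catches or logs the exception (a library consumer, a CI step that records only the traceback) loses the reason the rule failed validation, and the diagnostics are mixed into whatever the command writes to stdout. Sending the traces to stderr keeps the readable layout without that side effect: `click.echo(f"Stack Error Trace: {validation_checks['stack']}", err=True)`, and the same for the integrations line. The nested double quotes in `f"...{validation_checks["stack"]}"` parse only on Python 3.12 and later, which matches `requires-python = ">=3.12"` in `pyproject.toml`, but single quotes inside the braces are friendlier to older linters and editors. The enclosing method starts and ends outside the hunk.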
@@ -55,7 +55,7 @@ class TestEQLInSet(BaseRuleTest):
 """,
 },
 }
- expected_error_message = r"Error in both stack and integrations checks:.*Unable to compare ip to string.*"
+ expected_error_message = r"Error in both stack and integrations checks"
 with self.assertRaisesRegex(ValueError, expected_error_message):
 rc.load_dict(eql_rule)
 # Change to appropriate destination.address field
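Review bot: The relaxed pattern `r"Error in both stack and integrations checks"` no longer pins the cause, so this test now passes for any rule that fails both checks, not only for the ip-to-string comparison it was written to catch. Since the detail moved to `click.echo` output, the test could capture that output and keep the original assertion, for example by wrapping the `rc.load_dict(eql_rule)` call in `contextlib.redirect_stdout(buf)` and adding `self.assertIn("Unable to compare ip to string", buf.getvalue())`. The test method starts and ends outside the hunk.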