[Security Solution] [GenAI] [Detections] Ask security assistant to help diagnose rule execution errors #166778
Conversation
dhurley14
added
review
release_note:feature
dhurley14
force-pushed
the
enhance-rule-error-assistant
branch
from
f28fa80
to
ec49162
Compare
| <EuiButton color={color} size="s"> | ||
| <NewChat | ||
| category="detection-rules" | ||
| color={color} | ||
| conversationId={i18nAssistant.DETECTION_RULES_CONVERSATION_ID} | ||
| description={i18n.ASK_ASSISTANT_DESCRIPTION} | ||
| getPromptContext={getPromptContext} | ||
| suggestedUserPrompt={i18n.ASK_ASSISTANT_USER_PROMPT} | ||
| tooltip={i18n.ASK_ASSISTANT_TOOLTIP} | ||
| > | ||
| {i18n.ASK_ASSISTANT_ERROR_BUTTON} | ||
| </NewChat> | ||
| </EuiButton> |
There was a problem hiding this comment.
There's a bug here where the button will still show for users that don't have the assistant enabled. Adding useAssistantAvailability and wrapping with a check for hasAssistantPrivilege. Would be nice for us to do this within the NewChat component so it doesn't always need to be wrapped, but will need to think how we can go about this since the privileges live on the Security Solution side:
There was a problem hiding this comment.
Checked out, tested locally, and LGTM! Thanks so much for putting this together @dhurley14! And a belated congrats on the 👶 😉!!
I did find two bugs in testing:
One around RBAC where the button would show if the assistant wasn't enabled for the user. I pushed a fix for this -- we have a hook for determining assistant availability, so I just wrapped the button in this check and all is good! 👍
The second bug I saw was when engaging with the assistant and the conversation has no connector selected. In this instance the prompt message is not set since the text area is disabled. This is pre-existing issue, and is present with all the other NewChat implementations, so just something we'll need to fix on the assistant side.
Anyway, with that, I think we're all good to merge this. Thanks again and hope you had fun integrating with the assistant! 😀
| /** Optionally specify color of empty button */ | ||
| color?: 'text' | 'accent' | 'primary' | 'success' | 'warning' | 'danger'; |
There was a problem hiding this comment.
Awesome -- thanks for expanding the functionality here! 🙂
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]Async chunks
History
To update your PR or re-run it, just comment with: cc @dhurley14 |
Summary
Thanks @spong for the speedy assistance with getting this code-complete!
Utilizing the Security Assistant to provide some suggested mediation steps for rule errors could help customers to better self-diagnose rule errors. Thus, enhancing their experience with the Security Solution and potentially reducing new support tickets.
Error on rule details page:
Response from security assistant:
Available for warnings too:
Includes the rule name and data sources for pre-built rules for additional information to generate a slightly more helpful response: