[Security Solutions][Detection Engine] Changes wording for threat mat…

…ches and rules (#81334) ## Summary Changes the wording for threat matches and rules cc @marrasherrier @MikePaquette @paulewing Before: <img width="1063" alt="Screen Shot 2020-10-21 at 8 52 44 AM" src="https://user-images.githubusercontent.com/1151048/96737354-ce1ee080-137a-11eb-973f-6a7d96f69117.png"> After: <img width="1055" alt="Screen Shot 2020-10-26 at 10 10 17 PM" src="https://user-images.githubusercontent.com/1151048/97256235-1fdec500-17d8-11eb-8a8b-4adffd23dbdc.png"> ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https:/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
elastic · Oct 27, 2020 · 1066602 · 1066602
1 parent 59af44b
commit 1066602
Show file tree

Hide file tree

Showing 6 changed files with 10 additions and 9 deletions.
diff --git a/x-pack/plugins/security_solution/public/common/components/threat_match/translations.ts b/x-pack/plugins/security_solution/public/common/components/threat_match/translations.ts
@@ -13,7 +13,7 @@ export const FIELD = i18n.translate('xpack.securitySolution.threatMatch.fieldDes
 export const THREAT_FIELD = i18n.translate(
  'xpack.securitySolution.threatMatch.threatFieldDescription',
  {
- defaultMessage: 'Threat index field',
+ defaultMessage: 'Indicator index field',
  }
 );
 

diff --git a/...ns/security_solution/public/detections/components/rules/description_step/helpers.test.tsx b/...ns/security_solution/public/detections/components/rules/description_step/helpers.test.tsx
@@ -437,7 +437,7 @@ describe('helpers', () => {
  it('returns a humanized description for a threat_match type', () => {
  const [result]: ListItems[] = buildRuleTypeDescription('Test label', 'threat_match');
 
- expect(result.description).toEqual('Threat Match');
+ expect(result.description).toEqual('Indicator Match');
  });
  });
 });
diff --git a/...ns/security_solution/public/detections/components/rules/description_step/translations.tsx b/...ns/security_solution/public/detections/components/rules/description_step/translations.tsx
@@ -65,7 +65,7 @@ export const THRESHOLD_TYPE_DESCRIPTION = i18n.translate(
 export const THREAT_MATCH_TYPE_DESCRIPTION = i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.threatMatchRuleTypeDescription',
  {
- defaultMessage: 'Threat Match',
+ defaultMessage: 'Indicator Match',
  }
 );
 

diff --git a/...ins/security_solution/public/detections/components/rules/select_rule_type/translations.ts b/...ins/security_solution/public/detections/components/rules/select_rule_type/translations.ts
@@ -66,13 +66,14 @@ export const THRESHOLD_TYPE_DESCRIPTION = i18n.translate(
 export const THREAT_MATCH_TYPE_TITLE = i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchTitle',
  {
- defaultMessage: 'Threat Match',
+ defaultMessage: 'Indicator Match',
  }
 );
 
 export const THREAT_MATCH_TYPE_DESCRIPTION = i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.ruleTypeField.threatMatchDescription',
  {
- defaultMessage: 'Upload value lists to write rules around a list of known bad attributes',
+ defaultMessage:
+ 'Use indicators from intelligence sources to detect matching events and alerts.',
  }
 );
diff --git a/.../plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx b/.../plugins/security_solution/public/detections/components/rules/step_define_rule/schema.tsx
@@ -235,7 +235,7 @@ export const schema: FormSchema<DefineStepRule> = {
  label: i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatIndexPatternsLabel',
  {
- defaultMessage: 'Threat index patterns',
+ defaultMessage: 'Indicator Index Patterns',
  }
  ),
  helpText: <EuiText size="xs">{THREAT_MATCH_INDEX_HELPER_TEXT}</EuiText>,
@@ -265,7 +265,7 @@ export const schema: FormSchema<DefineStepRule> = {
  label: i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatMappingLabel',
  {
- defaultMessage: 'Threat Mapping',
+ defaultMessage: 'Indicator Mapping',
  }
  ),
  validations: [
@@ -301,7 +301,7 @@ export const schema: FormSchema<DefineStepRule> = {
  label: i18n.translate(
  'xpack.securitySolution.detectionEngine.createRule.stepDefineRule.fieldThreatQueryBarLabel',
  {
- defaultMessage: 'Threat index query',
+ defaultMessage: 'Indicator Index Query',
  }
  ),
  validations: [

diff --git a/...solution/server/lib/detection_engine/scripts/rules/queries/query_with_threat_mapping.json b/...solution/server/lib/detection_engine/scripts/rules/queries/query_with_threat_mapping.json
@@ -1,5 +1,5 @@
 {
- "name": "Query with a threat mapping",
+ "name": "Query with a indicator mapping",
  "description": "Query with a threat mapping",
  "rule_id": "threat-mapping",
  "risk_score": 1,