[Security Solution] [Platform] Fixes the alert context menu option to add rule exception (#138291)

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>

x-pack/plugins/security_solution/common/ecs/index.ts

@@ -74,5 +74,7 @@ export interface Ecs {
   Target?: Target;
   dll?: DllEcs;
   'kibana.alert.workflow_status'?: 'open' | 'acknowledged' | 'in-progress' | 'closed';
-  'kibana.alert.rule.parameters'?: { index: string[] };
+  // I believe these parameters are all snake cased to correspond with how they are sent "over the wire" as request / response
+  // Not representative of the parsed types that are camel cased.
+  'kibana.alert.rule.parameters'?: { index: string[]; data_view_id?: string };
 }

x-pack/plugins/security_solution/common/ecs/rule/index.ts

@@ -20,6 +20,7 @@ export interface RuleEcs {
   from?: string[];
   immutable?: boolean[];
   index?: string[];
+  data_view_id?: string;
   interval?: string[];
   language?: string[];
   query?: string[];

x-pack/plugins/security_solution/public/detections/components/alerts_table/timeline_actions/alert_context_menu.tsx

@@ -344,6 +344,15 @@ export const AddExceptionFlyoutWrapper: React.FC<AddExceptionFlyoutWrapperProps>
     return ruleIndices;
   }, [enrichedAlert, ruleIndices]);
 
+  const memoDataViewId = useMemo(() => {
+    if (
+      enrichedAlert != null &&
+      enrichedAlert['kibana.alert.rule.parameters']?.data_view_id != null
+    ) {
+      return enrichedAlert['kibana.alert.rule.parameters'].data_view_id;
+    }
+  }, [enrichedAlert]);
+
   const isLoading = isLoadingAlertData && isSignalIndexLoading;
 
   return (
@@ -351,6 +360,7 @@ export const AddExceptionFlyoutWrapper: React.FC<AddExceptionFlyoutWrapperProps>
       ruleName={ruleName}
       ruleId={ruleId}
       ruleIndices={useRuleIndices}
+      dataViewId={memoDataViewId}
       exceptionListType={exceptionListType}
       alertData={enrichedAlert}
       isAlertDataLoading={isLoading}