[Security Solution] Add building block indication to the rule details page (#162233)

**Resolves**: https://github.com/elastic/security-team/issues/6950 **Docs ticket**: https://github.com/elastic/security-docs/issues/3596 ## Summary PR adds a line into the About section to indicate whether a rule is a "building block" rule. It's only shown for building block rules. No UI changes for normal rules. <img width="938" alt="Screenshot 2023-07-19 at 14 02 48" src="9aa3d454-1cc7-4d9b-8d6b-4479f4be3bf2"> ### Checklist - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] Documentation was added for features that require explanation or tutorials. [Docs ticket](https://github.com/elastic/security-docs/issues/3596). - [x] Any UI touched in this PR does not create any new axe failures (run axe in browser: [FF](https://addons.mozilla.org/en-US/firefox/addon/axe-devtools/), [Chrome](https://chrome.google.com/webstore/detail/axe-web-accessibility-tes/lhdoppojpmngadmnindnejefpokejbdd?hl=en-US)) - [x] This renders correctly on smaller devices using a responsive layout. (You can test this [in your browser](https://www.browserstack.com/guide/responsive-testing-on-local-server))
2025-04-24 01:38:56 -04:00 · 2023-07-21 13:59:10 +02:00 · 2023-07-21 13:59:10 +02:00 · ea588d280b
commit ea588d280b
parent 7195ebad44
2 changed files with 19 additions and 0 deletions
--- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/index.tsx
@ -48,6 +48,7 @@ import {
  buildAlertSuppressionWindowDescription,
  buildAlertSuppressionMissingFieldsDescription,
 } from './helpers';
+import * as i18n from './translations';
 import { buildMlJobsDescription } from './build_ml_jobs_description';
 import { buildActionsDescription } from './actions_description';
 import { buildThrottleDescription } from './throttle_description';
@ -292,6 +293,10 @@ export const getDescriptionItem = (
    if (get('dataViewId', data)) {
      return [];
    }
+  } else if (field === 'isBuildingBlock') {
+    return get('isBuildingBlock', data)
+      ? [{ title: i18n.BUILDING_BLOCK_LABEL, description: i18n.BUILDING_BLOCK_DESCRIPTION }]
+      : [];
  }

  const description: string = get(field, data);
--- a/x-pack/plugins/security_solution/public/detections/components/rules/description_step/translations.ts
+++ b/x-pack/plugins/security_solution/public/detections/components/rules/description_step/translations.ts
@ -161,3 +161,17 @@ export const ALERT_SUPPRESSION_DO_NOT_SUPPRESS_ON_MISSING_FIELDS = i18n.translat
    defaultMessage: 'Do not suppress alerts for events with missing fields',
  }
 );
+
+export const BUILDING_BLOCK_LABEL = i18n.translate(
+  'xpack.securitySolution.detectionEngine.ruleDescription.buildingBlockLabel',
+  {
+    defaultMessage: 'Building block',
+  }
+);
+
+export const BUILDING_BLOCK_DESCRIPTION = i18n.translate(
+  'xpack.securitySolution.detectionEngine.ruleDescription.buildingBlockDescription',
+  {
+    defaultMessage: 'All generated alerts will be marked as "building block" alerts',
+  }
+);