in detection_rules/docs.py [0:0]
def metadata_str(self) -> str:
"""Generate the metadata section for the rule detail page."""
date_math_doc = "https://www.elastic.co/guide/en/elasticsearch/reference/current/common-options.html#date-math"
loopback_doc = "https://www.elastic.co/guide/en/security/current/rules-ui-create.html#rule-schedule"
fields = {
'type': 'Rule type',
'index': 'Rule indices',
'severity': 'Severity',
'risk_score': 'Risk score',
'interval': 'Runs every',
'from': 'Searches indices from',
'max_signals': 'Maximum alerts per execution',
'references': 'References',
'tags': 'Tags',
'version': 'Version',
'author': 'Rule authors',
'license': 'Rule license'
}
values = []
for field, friendly_name in fields.items():
value = self.rule.get(field) or self.changelog.get(field)
if isinstance(value, list):
str_value = MDX.bulleted_list(value)
else:
str_value = str(value)
if field == 'from':
str_value += f' ([Date Math format]({date_math_doc}), [Additional look-back time]({loopback_doc}))'
values.append(MDX.bold_kv(friendly_name, str_value))
return '\n\n'.join(values)