Skip to content

[Defend Workflows] [Trusted Devices multiple Conditions] "At least one condition must be specified" error appears immediately upon opening the "Add trusted device" flyout. #271620

Open
Open
[Defend Workflows] [Trusted Devices multiple Conditions] "At least one condition must be specified" error appears immediately upon opening the "Add trusted device" flyout.#271620
Assignees
parkiino
Labels
Team: SecuritySolutionSecurity Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.Team:Defend Workflows“EDR Workflows” sub-team of Security SolutionbugFixes for quality problems that affect the customer experienceimpact:mediumAddressing this issue will have a medium level of impact on the quality/strength of our product.v9.5.0
@sukhwindersingh-qasource

Description

@sukhwindersingh-qasource
sukhwindersingh-qasource
opened on May 28, 2026

Description:

  • When a user clicks "Add trusted device", the flyout opens with a default empty condition row (Device ID > is > [Empty]). However, a validation error reading "At least one condition must be specified" is displayed immediately below the condition builder before the user has interacted with the form or attempted to save.

Login Credentials:

Testing Details:

Build Details:

VERSION: 9.5.0
BUILD: 103869
COMMIT: cdb82b477d01c50e8c16b3a876d56476176c54b5

Precondition :

Steps to Reproduce:

  1. Navigate to Security > Manage > Artifacts.
  2. Select the Trusted devices tab.
  3. Click the Add trusted device button.
  4. Scroll down to the Conditions section in the right-hand flyout.
  5. Observe the validation state below the condition builder.

Actual Result:

  • The red error message "At least one condition must be specified" is present by default upon opening the flyout.

Expected Result:

  • The form should load in a clean state. Validation errors should only appear after the user interacts with the fields and leaves them invalid (on blur), or when the user attempts to submit the form (on submit).

Screen Capture:

Image
20260528-0732-06.7665055.mp4

Additional Notes (from video recording):

  • If the user enters text into the "Value" field, the initial error disappears.
  • If the user subsequently clears that text, a new, more accurate error message appears: "Condition value cannot be empty".
  • This suggests the initial state validation is improperly evaluating the default empty row as having zero conditions, rather than treating it as an incomplete condition that hasn't been touched yet.

Regression

  • No ❌

Logs:

  • N/A

Metadata

Metadata

Assignees

Labels

Team: SecuritySolutionSecurity Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.Team:Defend Workflows“EDR Workflows” sub-team of Security SolutionbugFixes for quality problems that affect the customer experienceimpact:mediumAddressing this issue will have a medium level of impact on the quality/strength of our product.v9.5.0

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions