-
Notifications
You must be signed in to change notification settings - Fork 8.1k
Issues: elastic/kibana
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
[Security Solution][Detection Engine] removes field_caps call for all fields in index during rule execution
8.16 candidate
backport:prev-minor
Backport to the previous minor version (i.e. one version back from main)
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
[Security Solution][Detection Engine] adds ftr tests that cover synthetic source behaviour different to stored source
8.16 candidate
backport:prev-minor
Backport to the previous minor version (i.e. one version back from main)
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
#193752
opened Sep 23, 2024 by
vitaliidm
Loading…
[Security Solution] [Detections] Tracking skipped flakey cypress tests
discuss
Team:Detection Engine
Security Solution Detection Engine Area
test-coverage
issues & PRs for improving code test coverage
#193331
opened Sep 18, 2024 by
dhurley14
Failing test: Detection Engine - Rule Execution Logic Integration Tests - ESS Env - Trial License.x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/custom_query·ts - Rule execution logic API Detection Engine - Execution logic @ess @serverless @serverlessQA Query type rules @skipInServerlessMKI manual rule run alerts has intended_timestamp set to the time of the manual run
failed-test
A test failure on a tracked branch, potentially flaky-test
Team:Detection Engine
Security Solution Detection Engine Area
#192935
opened Sep 13, 2024 by
kibanamachine
[Security Solution][Detection Engine] Optimize large value list evaluation
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
performance
Team:Detection Engine
Security Solution Detection Engine Area
#192766
opened Sep 12, 2024 by
marshallmain
[Security Solution][Detection Engine] Profile individual rule types and reduce Kibana CPU/memory usage
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
performance
Team:Detection Engine
Security Solution Detection Engine Area
#192755
opened Sep 12, 2024 by
marshallmain
8 tasks
[Security Solution][Detection Engine] Investigate ways to bound memory usage of rule queries
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
performance
Team:Detection Engine
Security Solution Detection Engine Area
#192732
opened Sep 12, 2024 by
marshallmain
[Security Solution][Detection Engine] Further optimize alert creation logic
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
performance
Team:Detection Engine
Security Solution Detection Engine Area
#192702
opened Sep 12, 2024 by
marshallmain
[Security Solution][Detection Engine] Reduce number of queries used to build value list exception clauses
performance
Team:Detection Engine
Security Solution Detection Engine Area
#192695
opened Sep 12, 2024 by
marshallmain
[Security Solution][Detection Engine] Avoid creating list items for empty lines in import list API
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
v8.16.0
#192681
opened Sep 12, 2024 by
marshallmain
Loading…
[Defend Workflows] Rule Preview Graph Lens Not working for the Custom SentinelOne Rule
8.16 candidate
bug
Fixes for quality problems that affect the customer experience
impact:high
Addressing this issue will have a high level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
triage_needed
#192667
opened Sep 12, 2024 by
sukhwindersingh-qasource
Failing test: Detection Engine - Rule Execution Logic Integration Tests - Serverless Env - Complete Tier.x-pack/test/security_solution_api_integration/test_suites/detections_response/detection_engine/rule_execution_logic/trial_license_complete_tier/execution_logic/custom_query·ts - Rule execution logic API Detection Engine - Execution logic @ess @serverless @serverlessQA Query type rules @skipInServerlessMKI manual rule run alerts has intended_timestamp set to the time of the manual run
failed-test
A test failure on a tracked branch, potentially flaky-test
Team:Detection Engine
Security Solution Detection Engine Area
#192625
opened Sep 11, 2024 by
kibanamachine
[Serverless][Kibana QA QG] Work as part of the Serverless project for its initial release
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
exception_operators_date_numeric_types:essentials:qa:serverless:release
tests optimization
8.16 candidate
Project:Serverless
#192109
opened Sep 4, 2024 by
MadameSheema
Issue with tags being assigned to alerts
bug
Fixes for quality problems that affect the customer experience
impact:high
Addressing this issue will have a high level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
triage_needed
#192084
opened Sep 4, 2024 by
mpakoupete
[Security Solution] Error occurred during rule execution message: "Search has been aborted due to cancelled execution" on rule preview
bug
Fixes for quality problems that affect the customer experience
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
triage_needed
#191947
opened Sep 3, 2024 by
muskangulati-qasource
[Move This commit does not require backporting
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
Team:Obs AI Assistant
Team:obs-ux-management
Observability Management User Experience Team
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
technical debt
Improvement of the software architecture and operational architecture
@kbn/config-schema
to server] alerting
backport:skip
#191851
opened Aug 30, 2024 by
afharo
Loading…
1 task done
[Security Solution] Add validation error description on prebuilt rule editing
8.17 candidate
Feature:Rule Edit
needs design
needs product
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detection Rule Management
Security Detection Rule Management Team
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
#191832
opened Aug 30, 2024 by
e40pud
[Security Solution] [Detection Engine] An user without Cases privilegies can still see System Action option under Rule Actions section and is thrown an error if tries to save a rule using it
bug
Fixes for quality problems that affect the customer experience
Feature:Rule Actions
Security Solution Rule Actions feature
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
#191681
opened Aug 28, 2024 by
pborgonovi
[Security Solution] [Detection Engine] System Action is duplicated when using bulk actions to add rule actions
8.16 candidate
bug
Fixes for quality problems that affect the customer experience
Feature:Rule Actions
Security Solution Rule Actions feature
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
#191512
opened Aug 27, 2024 by
pborgonovi
[Security Solution] [Exceptions] Fixes for quality problems that affect the customer experience
Team:Detection Engine
Security Solution Detection Engine Area
v8.16.0
PUT
api allows empty item_id
but fails validation when fetching the associated list
bug
#191315
opened Aug 26, 2024 by
dhurley14
[Alerts] Show All Alerts feature in Rule
Team:Detection Engine
Security Solution Detection Engine Area
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
triage_needed
#191124
opened Aug 22, 2024 by
nicpenning
[Detection Engine] add validation for new terms history window
bug
Fixes for quality problems that affect the customer experience
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
v8.16.0
#191038
opened Aug 22, 2024 by
yctercero
Loading…
1 of 6 tasks
[Detection Engine] update data view select to include name and title
release_note:enhancement
Team:Detection Engine
Security Solution Detection Engine Area
v8.16.0
[Detection Engine] Fix rule edit success toast
release_note:skip
Skip the PR/issue when compiling release notes
Team:Detection Engine
Security Solution Detection Engine Area
v8.15.1
v8.16.0
#190928
opened Aug 20, 2024 by
yctercero
Loading…
[Security Solution] Rule run is failing for a CCS EQL with event absence due to the kibana.alert.ancestors.index value multiplication in the alerts
bug
Fixes for quality problems that affect the customer experience
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
triage_needed
#190201
opened Aug 8, 2024 by
pborgonovi
Previous Next
ProTip!
Add no:assignee to see everything that’s not assigned.