Issues: elastic/kibana
Ability to export a security rule to a TOML file from Kibana GUI
Team:SIEM
#184294
opened May 27, 2024 by
slawomirbabicz
support to change .alerts-ilm-policy
enhancement
New value added to drive a business result
Feature:Alerting
Feature:ILM
Team:SIEM
#172357
opened Dec 1, 2023 by
jguay
[DE][Exceptions] - Capture some UX improvements to exceptions link rules flyout
enhancement
New value added to drive a business result
Feature:Rule Exceptions
Security Solution Rule Exceptions feature
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team:SIEM
#165394
opened Aug 31, 2023 by
yctercero
[IBM] - Sorting on Fields in Kibana/Alerts Page
Team:SIEM
#147873
opened Dec 20, 2022 by
ScottElastic
[Security Solution] Add support for more complex field overrides
enhancement
New value added to drive a business result
Feature:Rule Creation
Security Solution Detection Rule Creation
needs product
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#131663
opened May 5, 2022 by
spong
Add ignore_malformed to .siem-signals index mappings
Team:SIEM
triage_needed
#130859
opened Apr 24, 2022 by
mbudge
Add @custom component template to .siem-signals system index template
Team:SIEM
triage_needed
#130856
opened Apr 24, 2022 by
mbudge
Improved UI within SIEM/Security for Administrators
enhancement
New value added to drive a business result
Team:SIEM
#126898
opened Mar 4, 2022 by
jalaine329
Duplicate Windows hosts in Security - Hosts when using Elastic Agent
bug
Fixes for quality problems that affect the customer experience
Feature:Hosts
Security Solution Hosts feature
Team:SIEM
#119115
opened Nov 18, 2021 by
rseldner
SIEM filter is not changed when selecting View host details through Manage -> Endpoints
bug
Fixes for quality problems that affect the customer experience
Team:Defend Workflows
“EDR Workflows” sub-team of Security Solution
Team:SIEM
opened Nov 18, 2021 by
philippkahr
Failing test: X-Pack Timeline plugin API Integration Tests.x-pack/test/timeline/security_and_spaces/tests/trial/events·ts - timeline security and spaces enabled: trial Timeline - Events logging logs success events when reading alerts
blocker
failed-test
A test failure on a tracked branch, potentially flaky-test
skipped-test
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
Team:Threat Hunting:Investigations
Security Solution Investigations Team
Team:Threat Hunting
Security Solution Threat Hunting Team
v7.16.1
v8.0.0
v8.1.0
#117462
opened Nov 4, 2021 by
kibanamachine
Threshold siem detection add relevant data to slack alert
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
triage_needed
#107830
opened Aug 6, 2021 by
LANopop
[timelines] Reduce page load bundle to under 100kB
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
Team:Threat Hunting
Security Solution Threat Hunting Team
#106802
opened Jul 26, 2021 by
tylersmalley
Additional event "message" properties
enhancement
New value added to drive a business result
Feature:Detection Alerts
Security Solution Detection Alerts Feature
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#103358
opened Jun 24, 2021 by
EvanGertis
[Security Solution][Alerts] Use dynamic mappings to create smaller templates & mappings
discuss
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
Theme: rac
label obsolete
#100884
opened May 28, 2021 by
tsg
Scripted Fields are not supported by SIEM Detections Rules
enhancement
New value added to drive a business result
Feature:Detection Alerts
Security Solution Detection Alerts Feature
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#97778
opened Apr 21, 2021 by
gaby
[SIEM][Detection Engine][Alerts] Allow Security Detection to generate multiple cases with ServiceNow integration
Feature:Detection Alerts
Security Solution Detection Alerts Feature
NeededFor:SIEM
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#97662
opened Apr 20, 2021 by
hungnguyen-elastic
Migrate Security Solutions to new Alerting APIs
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
v8.0.0
#95842
opened Mar 30, 2021 by
ymao1
Feature: Processing of threshold detection events
enhancement
New value added to drive a business result
Feature:Threshold Rule
Security Solution Threshold Rule feature
Team:Detection Engine
Security Solution Detection Engine Area
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
triage_needed
#88632
opened Jan 18, 2021 by
ansell
Allow operators to set tags in custom fields and manually trigger SIEM detection's
Team:Detections and Resp
Security Detection Response Team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#85183
opened Dec 7, 2020 by
mbudge
SIEM Detection rule exceptions should support 'is between' and 'is not between' operators
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#83531
opened Nov 17, 2020 by
buzzdeee
Auto expand replicas for indices created by Security/SIEM and Ingest Manager
bug
Fixes for quality problems that affect the customer experience
sdh-linked
Team:Fleet
Team label for Observability Data Collection Fleet team
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#82606
opened Nov 4, 2020 by
gbanasiak
Import and export Timelines using saved-object management
Feature:Timeline
Security Solution Timeline feature
Project:RemoveLegacyMultitenancy
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#82526
opened Nov 3, 2020 by
kobelb
Import Saved Search in Detections Rule
enhancement
New value added to drive a business result
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
#81566
opened Oct 23, 2020 by
jaredstewart101