[SIEM] [Detection Engine] Fixes bug when notification doesn't fire on signal indexing #63013
… we do not respond until the newly indexed signals are searchable
Pinging @elastic/siem (Team:SIEM)
💚 Build Succeeded
To update your PR or re-run it, just comment with:
Checked it out, tested it, put logging statements to verify it as well as created both notification and immediate action and regular rules.
Everything looks to be working as expected
…ic#63013) Set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable. * set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable * fix types in tests
Pinging @elastic/security-solution (Team: SecuritySolution)
Summary
Set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable.
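An added example, not code from this pull request or from Kibana: a synchronous model of the race the summary describes, where a bulk write that answers before the next index refresh leaves the new signals invisible to a follow-up search. `SimulatedIndex`, `refreshFor`, `runRule`, the 1000 ms refresh interval, the sample signals, and the idea that the notification step counts signals by searching are all assumptions of this example.

```javascript
// Constructed model of a near-real-time index: written docs become
// searchable only at the next refresh tick (times are logical milliseconds).
class SimulatedIndex {
  constructor(refreshIntervalMs) {
    this.refreshIntervalMs = refreshIntervalMs;
    this.docs = []; // entries of the form { doc, visibleAt }
  }

  nextRefreshAfter(now) {
    return (Math.floor(now / this.refreshIntervalMs) + 1) * this.refreshIntervalMs;
  }

  // Returns the logical time at which the bulk response reaches the caller.
  bulk(now, docs, refresh) {
    const visibleAt = this.nextRefreshAfter(now);
    for (const doc of docs) this.docs.push({ doc, visibleAt });
    // 'wait_for' holds the response until a refresh exposes the docs;
    // false answers immediately, before they are searchable.
    return refresh === 'wait_for' ? visibleAt : now;
  }

  search(now, ruleId) {
    return this.docs.filter((d) => d.visibleAt <= now && d.doc.ruleId === ruleId).length;
  }
}

// The choice described in the PR summary. Using false when no actions are
// attached is an assumption of this example.
function refreshFor(actions) {
  return actions.length > 0 ? 'wait_for' : false;
}

// Hypothetical rule run: index signals, then count them to decide on notifying.
function runRule(index, now, signals, actions, refresh) {
  const respondedAt = index.bulk(now, signals, refresh);
  const found = index.search(respondedAt, signals[0].ruleId);
  return { respondedAt, found, notified: actions.length > 0 && found > 0 };
}

const signals = [{ ruleId: 'rule-1' }, { ruleId: 'rule-1' }]; // constructed sample
const actions = [{ id: 'email-action' }]; // constructed sample

// Same write at t=250 ms: once without waiting, once with the PR's setting.
const before = runRule(new SimulatedIndex(1000), 250, signals, actions, false);
const after = runRule(new SimulatedIndex(1000), 250, signals, actions, refreshFor(actions));
console.log(before, after);
```

The cost of the fix is visible in `respondedAt`: the rule run with actions attached waits for the refresh instead of returning at write time.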