[SIEM] [Detection Engine] Fixes bug when notification doesn't fire on signal indexing #63013

Merged
merged 2 commits into from
Apr 8, 2020


dhurley14

Summary

Set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable.

… we do not respond until the newly indexed signals are searchable
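
The race described in the summary, as an added example (a constructed model, not code from this PR, Kibana or Elasticsearch). `ModelSignalsIndex`, `refreshFor`, `runRule` and the sample action name are hypothetical, and the model assumes the notification step finds new signals by searching the index and that bulk writes previously used `refresh: false`.

```typescript
// Toy model of Elasticsearch near-real-time search (constructed for illustration).
// Documents written by a bulk request sit in an indexing buffer and only become
// searchable after a refresh.
type Refresh = false | 'wait_for';
interface Signal { ruleId: string; timestamp: number }

class ModelSignalsIndex {
  private buffer: Signal[] = [];     // indexed, not yet searchable
  private searchable: Signal[] = []; // visible to search after a refresh

  // Models the periodic refresh of the index.
  refreshTick(): void {
    this.searchable.push(...this.buffer);
    this.buffer = [];
  }

  // Models a bulk request. With 'wait_for' the response is held until a refresh
  // has exposed the new documents (modelled here by letting one refresh happen
  // before returning); with false the response returns immediately.
  bulkCreate(signals: Signal[], refresh: Refresh): number {
    this.buffer.push(...signals);
    if (refresh === 'wait_for') this.refreshTick();
    return signals.length;
  }

  countSignals(ruleId: string, from: number): number {
    return this.searchable.filter(s => s.ruleId === ruleId && s.timestamp >= from).length;
  }
}

// The choice the summary describes: pay the wait only when the rule has actions.
function refreshFor(actions: string[]): Refresh {
  return actions.length > 0 ? 'wait_for' : false;
}

// One rule execution: write two signals, then search for signals from this run.
// Returns the count the notification step would see.
function runRule(index: ModelSignalsIndex, actions: string[], refresh: Refresh): number {
  const now = 1000; // constructed timestamp
  const signals = [{ ruleId: 'rule-1', timestamp: now }, { ruleId: 'rule-1', timestamp: now }];
  index.bulkCreate(signals, refresh);
  return actions.length > 0 ? index.countSignals('rule-1', now) : 0;
}

const actions = ['constructed-email-action'];
const before = runRule(new ModelSignalsIndex(), actions, false);              // sees 0 signals
const after = runRule(new ModelSignalsIndex(), actions, refreshFor(actions)); // sees 2 signals
console.log({ before, after });
```
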
@dhurley14 dhurley14 self-assigned this Apr 8, 2020
@dhurley14 dhurley14 added bug Fixes for quality problems that affect the customer experience v7.7.0 v7.8.0 v8.0.0 release_note:skip Skip the PR/issue when compiling release notes labels Apr 8, 2020
@elasticmachine

Pinging @elastic/siem (Team:SIEM)

@dhurley14 dhurley14 marked this pull request as ready for review April 8, 2020 19:45
@dhurley14 dhurley14 requested a review from a team as a code owner April 8, 2020 19:45
@kibanamachine

💚 Build Succeeded

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream


@FrankHassanabad FrankHassanabad left a comment

Checked it out, tested it, put logging statements to verify it as well as created both notification and immediate action and regular rules.

Everything looks to be working as expected.

@dhurley14 dhurley14 merged commit 274cb80 into elastic:master Apr 8, 2020
@dhurley14 dhurley14 deleted the signals-refresh-wait-for branch April 8, 2020 23:58
dhurley14 added a commit to dhurley14/kibana that referenced this pull request Apr 9, 2020
…ic#63013)

Set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable.

* set refresh on bulk create to 'wait_for' when actions are present, so we do not respond until the newly indexed signals are searchable

* fix types in tests
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine

Pinging @elastic/security-solution (Team: SecuritySolution)
