[Security Solution] [Detections] adds log info level for logging in cloud #89941
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dhurley14
added
release_note:skip
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
spong
reviewed
Feb 1, 2021
| @@ -70,6 +70,7 @@ export const searchAfterAndBulkCreate = async ({ | |||
| interval, | |||
| buildRuleMessage, | |||
| }); | |||
| const tuplesToBeLogged = [...totalToFromTuples]; | |||
| logger.debug(buildRuleMessage(`totalToFromTuples: ${totalToFromTuples.length}`)); | |||
There was a problem hiding this comment.
Should we remove the debug logline since it's now covered by the info?
There was a problem hiding this comment.
If the execution of the big loop throws an error then the new info line won't get hit so I don't think removing the debug statement would be beneficial in that case.
spong
approved these changes
Feb 1, 2021
There was a problem hiding this comment.
Checked out, tested locally and verified new info logger upon rule execution for both successful and failed rule executions. LGTM! This is going to be critical for identifying issues, so thanks for taking the time to get this in for 7.11 @dhurley14! 🎉 🙂
💚 Build SucceededMetrics [docs]
To update your PR or re-run it, just comment with: |
dhurley14
added a commit
to dhurley14/kibana
that referenced
this pull request
Feb 2, 2021
dhurley14
added a commit
to dhurley14/kibana
that referenced
this pull request
Feb 2, 2021
gmmorris
added a commit
to lizozom/kibana
that referenced
this pull request
Feb 2, 2021
…om/kibana into pr/89570 * 'sessions/save-all-sessions' of https://github.com/lizozom/kibana: (44 commits) [ML] Functional tests - skip DFA clone tests [Uptime] Fix synthetics detail step count (elastic#89940) Fixes the permissions to require cluster.manage in order to create an index and in order to update an index (elastic#89947) [Security Solution] [Detections] adds log info level for logging in cloud (elastic#89941) [Time to Visualize] Dashboard By Value Testing Lens (elastic#89581) [Uptime] Expand synthetic journey step thumbnail on hover (elastic#89179) TS project refs: Migrates snapshot_restore to a TS Project (elastic#89653) docs: APM 7.11 updates (elastic#89789) move skip to higher level (elastic#86952) Revert "Migrations v2: don't auto-create indices + FTR/esArchiver support (elastic#85778)" Revert "Revert "Enable v2 so migrations, disable in FTR tests (elastic#89297)"" Revert "Enable v2 so migrations, disable in FTR tests (elastic#89297)" [data.search] Allow search response to follow new hits format (elastic#88115) [Maps] Change 'create multi-layer map' title to be use-case focused (elastic#89520) skip flaky suite (elastic#86952) [Security Solution] Remove focustrap (elastic#89905) [Workplace Search] Add remaining i18n support for the Content Sources tree (elastic#89910) [esArchiver] log when migrations complete and we're done loading data (elastic#89938) Add --ssl flag to make resolver generator use ssl with kbn and elasticsearch clients (elastic#89873) TS project refs: Migrates grokdebugger (elastic#89652) ...
dhurley14
added a commit
that referenced
this pull request
Feb 2, 2021
dhurley14
added a commit
that referenced
this pull request
Feb 2, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Adds an
infolog level statement to execute at the end of a successful rule run whether any signals were found and what date ranges the search executed over.Checklist
Delete any items that are not applicable to this PR.
For maintainers