[RAM][Security Solution] Include the EQL building block alerts in the alerts context so that the action-per-alert context for EQL sequences has the entire sequence #155748

Open
Tracked by #165878
e40pud opened this issue Apr 25, 2023 · 1 comment
Labels
enhancement New value added to drive a business result Near Future Work Tickets we want to work on in the near future. Team:Detection Engine Security Solution Detection Engine Area

Comments

@e40pud
Contributor

e40pud commented Apr 25, 2023

Describe the feature:

Original comment

Include the EQL building block alerts in the alerts context so that the action-per-alert context for EQL sequences has the entire sequence.

cc @marshallmain

@e40pud e40pud added Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team:Detection Alerts Security Detection Alerts Area Team 8.8 candidate labels Apr 25, 2023
@e40pud e40pud self-assigned this Apr 25, 2023
@elasticmachine
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@yctercero yctercero added Team:Detection Engine Security Solution Detection Engine Area enhancement New value added to drive a business result Near Future Work Tickets we want to work on in the near future. and removed Team:Detection Alerts Security Detection Alerts Area Team 8.8 candidate labels May 13, 2023
@XavierM XavierM removed the Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) label May 17, 2023
4 participants