SIEM ML Anomalies tab shows all anomalies even when on a single host #63345

Closed
jamesspi opened this issue Apr 13, 2020 · 5 comments
Labels
bug Fixes for quality problems that affect the customer experience Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM Team:Threat Hunting Security Solution Threat Hunting Team v7.10.0

Comments

@jamesspi

Kibana version: 7.6.2

Elasticsearch version: 7.6.2

Server OS version: ESS

Describe the bug: If a user drills down into a particular host and navigates to the anomalies tab for that host, all anomalies are shown - not just those triggered for that host.

Steps to reproduce:
1. Enter the SIEM App
2. Click on a host via any part of the SIEM app
3. Navigate to the anomalies tab

Expected behavior: Only the anomalies for the host should show.

Screenshots (if relevant):
Screenshot 2020-04-13 at 15 25 53

@jamesspi jamesspi added bug Fixes for quality problems that affect the customer experience Team:SIEM labels Apr 13, 2020
@elasticmachine
Contributor

Pinging @elastic/siem (Team:SIEM)

@jamesspi jamesspi changed the title from "SIEM ML Anomalies tab shows all anomalies event when on a single host" to "SIEM ML Anomalies tab shows all anomalies even when on a single host" Apr 13, 2020
@XavierM
Contributor

XavierM commented Jun 26, 2020

that's still valid

@MadameSheema
Member

Closing this issue since it is fixed on 7.10BC3.

@jamesspi are you willing to double check the fix of the issue to make sure we are not missing anything? Thanks 😊

@jamesspi
Author

Hey @MadameSheema will be testing BC3 today in fact. Will let you know.

@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Oct 27, 2020
@ghost

ghost commented Nov 25, 2020

Bug Conversion:

This ticket requires Dev validation

Thanks!!

6 participants