[Security Assistant] Adds Security Labs Knowledge Base content #184885
x-pack/plugins/elastic_assistant/server/lib/langchain/graphs/default_assistant_graph/index.ts
...ck/plugins/elastic_assistant/server/lib/langchain/elasticsearch_store/elasticsearch_store.ts
Thank you 🙇
The changes in this file can be fully reverted now, right?
I believe so
...ion/server/assistant/tools/esql_language_knowledge_base/esql_language_knowledge_base_tool.ts
💛 Build succeeded, but was flaky
To update your PR or re-run it, just comment with: cc @spong

Starting backport for target branches: 8.x https://github.com/elastic/kibana/actions/runs/11171211328
…ic#184885)

## Summary

This PR adds the [Elastic Security Labs](https://www.elastic.co/security-labs) content to the Security Assistant Knowledge Base. Content is currently indexed and embedded from its source `.mdx`, and we're using the same default chunking strategy as with the ESQL documentation at the moment. Since some of this content is quite large, we may want to explore other chunking strategies.

Now you can ask to fetch your recent alerts and ask if there's any Elastic Security Labs content about them 🙂.

LangSmith trace [here](https://smith.langchain.com/public/0e906acd-ab56-479d-b6d2-9c7538f54d45/r).

Malware alerts courtesy of @jamesspi's https://github.com/jamesspi/ohmymalware project

### Checklist

Delete any items that are not applicable to this PR.

- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md)
- [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials
  * Feature currently behind feature flag. Documentation to be added before flag is removed. Tracked in elastic/security-docs#5337
- [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios

---------

Co-authored-by: Patryk Kopycinski <contact@patrykkopycinski.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>

(cherry picked from commit 3499fbb)
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI.

Questions? Please refer to the Backport tool documentation
…184885) (#194886)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Assistant] Adds Security Labs Knowledge Base content (#184885)](#184885)

### Questions ?
Please refer to the [Backport tool documentation](https://github.com/sqren/backport)

Co-authored-by: Garrett Spong <spong@users.noreply.github.com>
Summary
This PR adds the Elastic Security Labs content to the Security Assistant Knowledge Base. Content is currently indexed and embedded from its source `.mdx`, and we're using the same default chunking strategy as with the ESQL documentation at the moment. Since some of this content is quite large, we may want to explore other chunking strategies.

Now you can ask to fetch your recent alerts and ask if there's any Elastic Security Labs content about them 🙂.
LangSmith trace here.
Malware alerts courtesy of @jamesspi's https://github.com/jamesspi/ohmymalware project
Checklist
Delete any items that are not applicable to this PR.