From 803061ac31046b22fcf904fd693828de0c8ac7f3 Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Wed, 8 Jul 2020 12:34:59 -0400
Subject: [PATCH 1/5] Change risk_score mapping from keyword to float
---
 .../lib/detection_engine/routes/index/signals_mapping.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json
index aa4166e93f4a1..d600bae2746d9 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json
@@ -68,7 +68,7 @@
 "type": "keyword"
 },
 "risk_score": {
- "type": "keyword"
+ "type": "float"
 },
 "risk_score_mapping": {
 "properties": {
From cd328e0a07afe05983b05ed0b9b909220df34baf Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Wed, 8 Jul 2020 12:51:05 -0400
Subject: [PATCH 2/5] Change default alert histogram option
---
 .../public/alerts/components/alerts_histogram_panel/config.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/x-pack/plugins/security_solution/public/alerts/components/alerts_histogram_panel/config.ts b/x-pack/plugins/security_solution/public/alerts/components/alerts_histogram_panel/config.ts
index 5138835873812..b906f26c35ceb 100644
--- a/x-pack/plugins/security_solution/public/alerts/components/alerts_histogram_panel/config.ts
+++ b/x-pack/plugins/security_solution/public/alerts/components/alerts_histogram_panel/config.ts
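Review bot: Changing `risk_score` from `keyword` to `float` in the template only affects signals indices created after the updated template is installed; Elasticsearch does not alter an existing field's type in place, so indices written under the old mapping keep `keyword`, and a histogram or sort on `signal.rule.risk_score` that spans old and new indices will run into conflicting field types. The series adds `version: 1` to the template, which gives an installer a way to detect a stale template, but it is not visible here how existing signals indices are rolled over or reindexed, so that path should be covered or documented alongside this hunk. It is also worth confirming that rule-supplied `risk_score` values are validated as numeric before indexing, since a value the keyword field accepted would now be rejected by the float mapper at write time and the alert would be lost.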
@@ -7,6 +7,8 @@
 import { AlertsHistogramOption } from './types';
 export const alertsHistogramOptions: AlertsHistogramOption[] = [
+ { text: 'signal.rule.name', value: 'signal.rule.name' },
+ { text: 'signal.rule.type', value: 'signal.rule.type' },
 { text: 'signal.rule.risk_score', value: 'signal.rule.risk_score' },
 { text: 'signal.rule.severity', value: 'signal.rule.severity' },
 { text: 'signal.rule.threat.tactic.name', value: 'signal.rule.threat.tactic.name' },
@@ -14,8 +16,6 @@ export const alertsHistogramOptions: AlertsHistogramOption[] = [
 { text: 'event.action', value: 'event.action' },
 { text: 'event.category', value: 'event.category' },
 { text: 'host.name', value: 'host.name' },
- { text: 'signal.rule.type', value: 'signal.rule.type' },
- { text: 'signal.rule.name', value: 'signal.rule.name' },
 { text: 'source.ip', value: 'source.ip' },
 { text: 'user.name', value: 'user.name' },
 ];
From c2c6cfec7472920068f93ea268533e770cfb4caf Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Thu, 9 Jul 2020 13:33:32 -0400
Subject: [PATCH 3/5] Add version to signals template
---
 .../detection_engine/routes/index/get_signals_template.test.ts | 1 +
 .../lib/detection_engine/routes/index/get_signals_template.ts | 1 +
 2 files changed, 2 insertions(+)
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
index 30362392898d1..899273bf0feaa 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
@@ -19,6 +19,7 @@ describe('get_signals_template', () => {
 mapping: {
 total_fields: { limit: 10000 },
 },
+ version: 1,
 });
 });
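Review bot: Moving `signal.rule.name` and `signal.rule.type` to the head of `alertsHistogramOptions` changes the default only if the consumer picks the default by array position, which makes the default an implicit property of element order rather than a stated value; patch 5 of this series reverts the reorder, so the net change to this file is nothing. If the default is meant to change, express it explicitly, e.g. `export const DEFAULT_ALERTS_HISTOGRAM_FIELD = 'signal.rule.name';` next to the array, and have the consumer read that constant, so the intent survives any later reordering of the options. The code that selects the default is outside the hunk, so the positional dependency is inferred from the commit title.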
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts
index 01d7182e253ce..cc22f34560c71 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts
@@ -25,6 +25,7 @@ export const getSignalsTemplate = (index: string) => {
 },
 index_patterns: [`${index}-*`],
 mappings: ecsMapping.mappings,
+ version: 1,
 };
 return template;
 };
From 42929af4cfa880a3fe823523945560882559a8b3 Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Thu, 9 Jul 2020 15:24:57 -0400
Subject: [PATCH 4/5] Fix test
---
 .../detection_engine/routes/index/get_signals_template.test.ts | 1 -
 1 file changed, 1 deletion(-)
diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
index 899273bf0feaa..30362392898d1 100644
--- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
+++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.test.ts
@@ -19,7 +19,6 @@ describe('get_signals_template', () => {
 mapping: {
 total_fields: { limit: 10000 },
 },
- version: 1,
 });
 });
From a7a2d5d8caabce6f141c7d99f6fdd0af76e0e7ef Mon Sep 17 00:00:00 2001
From: Marshall Main
Date: Thu, 9 Jul 2020 15:44:37 -0400
Subject: [PATCH 5/5] Undo histogram order change
---
 .../detections/components/alerts_histogram_panel/config.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
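Review bot: `version: 1` is a bare literal whose meaning — the revision of the signals template that an installer can compare against what is already in the cluster — is stated nowhere, and nothing ties it to the `risk_score` mapping change in patch 1 that motivates it. Declare it once as a named export, `export const SIGNALS_TEMPLATE_VERSION = 1;` preceded by `// Bump whenever signals_mapping.json changes so an installed template can be detected as outdated.`, and write `version: SIGNALS_TEMPLATE_VERSION,` here, so the code that reads the installed version compares against the same constant and the two cannot drift. `getSignalsTemplate` begins before the hunk.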
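Review bot: Deleting `version: 1` from the expected object leaves the new top-level `version` field of `getSignalsTemplate` unasserted by this test. The earlier assertion appears to have failed because it sat inside the object that holds `mapping: { total_fields: ... }` rather than at the level of `index_patterns` and `mappings`, which is where the field is added in patch 3; moving the line to that level, e.g. `mappings: ..., version: 1,` in the expected template, keeps the coverage instead of dropping it. The full expected object is outside the hunk, so the nesting is inferred from the visible closing braces.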
diff --git a/x-pack/plugins/security_solution/public/detections/components/alerts_histogram_panel/config.ts b/x-pack/plugins/security_solution/public/detections/components/alerts_histogram_panel/config.ts
index b906f26c35ceb..5138835873812 100644
--- a/x-pack/plugins/security_solution/public/detections/components/alerts_histogram_panel/config.ts
+++ b/x-pack/plugins/security_solution/public/detections/components/alerts_histogram_panel/config.ts
@@ -7,8 +7,6 @@
 import { AlertsHistogramOption } from './types';
 export const alertsHistogramOptions: AlertsHistogramOption[] = [
- { text: 'signal.rule.name', value: 'signal.rule.name' },
- { text: 'signal.rule.type', value: 'signal.rule.type' },
 { text: 'signal.rule.risk_score', value: 'signal.rule.risk_score' },
 { text: 'signal.rule.severity', value: 'signal.rule.severity' },
 { text: 'signal.rule.threat.tactic.name', value: 'signal.rule.threat.tactic.name' },
@@ -16,6 +14,8 @@ export const alertsHistogramOptions: AlertsHistogramOption[] = [
 { text: 'event.action', value: 'event.action' },
 { text: 'event.category', value: 'event.category' },
 { text: 'host.name', value: 'host.name' },
+ { text: 'signal.rule.type', value: 'signal.rule.type' },
+ { text: 'signal.rule.name', value: 'signal.rule.name' },
 { text: 'source.ip', value: 'source.ip' },
 { text: 'user.name', value: 'user.name' },
 ];