[Security Solution] [Detections] Combine multiple timestamp searches into single request #96078
Commits on Apr 20, 2021
-
-
-
-
-
adds integration tests to cover cases that should / should not genera…
…te signals when timestamp override is present in rule
-
adds integration test to ensure unmapped sort fields do not break sea…
…rch after functionality of detection rules
-
updates tests with new es archive data and fixes bug where exclusion …
…filter was hardcoded to event.ingested :yikes:
-
-
fixes typo in test file, removes redundant delete signals call in int…
…egration test, fixes logic for possibility of receving a null value in sort ids, removes unused utility function for checking valid sort ids
-
a unit test for checking if an empty string of a sort id is present w…
…as failing because we moved the logic for checking that out of the build search query function and up into the big loop. So I moved that unit test into the search after bulk create test file.
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.