Skip to content

Commit

Permalink
Fixing merge conflict. (#1205)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jmikell821
jmikell821 authored Nov 8, 2021
1 parent 7f8a504 commit 1ba2fc2
Showing 1 changed file with 8 additions and 9 deletions.
17 changes: 8 additions & 9 deletions docs/post-upgrade-req.asciidoc
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
[[post-upgrade-req]]
[role="xpack"]
= Enable process analyzer after an upgrade
== Enable analyze event feature after an upgrade

After upgrading from {stack} version 7.9.x to >= 7.10.x from a previous minor release (e.g., 7.8.x, etc.), you need to update `.siem-signals*` system index mappings to enable <<alerts-analyze-events, graphical representations of process relationships>>.
After upgrading from {stack} version 7.9.x from a previous minor release (7.8.x, etc.), you need to update `.siem-signals*` system index mappings to enable the <<visual-event-analyzer, analyze event feature>>, which shows graphical representations of process relationships.

NOTE: If you are upgrading from a minor release to {stack} version >= 7.11.0, there is now a <<signals-migration-api>> that you can use instead of the manual process described below.

Expand Down Expand Up @@ -113,11 +113,11 @@ The console output pane displays this text:

To disable all detection rules:

. Go to *Security* -> *Detections* -> *Manage detection rules*.
. Go to *Detections* -> *Manage detection rules*.
. Scroll to the bottom of the page.
. Click the `Rows per page` menu, and then select _300 rows_.
. Click the `Rows per page` menu, and then select *300 rows*.
. When the page reloads, select all the rules.
. Click _Bulk actions_ -> _Deactivate selected_.
. Click *Bulk actions* -> *Deactivate selected*.

[discrete]
[[copy-alerts]]
Expand Down Expand Up @@ -206,12 +206,11 @@ Foe each command, the console output pane displays this text:

Enabling detections rules automatically creates the new indices:

. Go to *Security* -> *Detections* -> *Manage detection rules*.
. Go to *Detections* -> *Manage detection rules*.
. Select the rules you want to activate.
. Click _Bulk actions_ -> _Activate selected_.
. Click *Bulk actions* -> *Activate selected*.
+
The selected rules are activated and the new index, index template, and ILM
policy are created.
The selected rules are activated and the new index, index template, and ILM policy are created.
. To verify the new index has been created:
.. Go to *Management* -> *Dev Tools*.
.. Run the following command:
Expand Down

0 comments on commit 1ba2fc2

Please sign in to comment.