Update Prebuilt Rule Links for Malicious Site in 7.14 #4272
Update 7.x branch
* dumps siem stuff * fixes include from ml docs
* starts adding timeline api and object schema * continues timeline object schema * timeline schema * minor edits * another correction * corrections - round 1 * table structure * correction cont * adds screenshot * fixes terminology * wording * wording * more corrections and stuff * more stuff * LIVERPOOL 30 YEARS * improves screenshot callouts * corrections are meeting * fixes link * restructure ToC * cleanup * improves pinned events description * removes timeline schema file text
* adds new rule fields * makes things more readable?? * updates terminology where possible * typos and stuff * more terminology changes * corrections and new example * updates-signals-endpoint * missing comma * corrections after review * typo * wording and typos * updates update rule endpoint * terminology * corrections after review
[DOCS]: Hosts Overview
* dtections-ui-overview * initial overview draft * typo * restructuring for dedicated alerts section * rewording * exceptions from alerts * adds new rule options * adds new action text placeholder * restructure * structure, exceptions and building-blocks * minor edits * adds exceptions * exceptions cont * exceptions correction * more stuff * proofing and whatnot * terminology * nested exception conditions * typo * typo - thanks Nate * corrections - round 1 * add nested conditions example * typo * editing * more proofing * updates ex example * adds promoted endpoint events * typo * corrections after review * corrections
* timeline and template updates * uncomments out original timeline section in SIEM UI * removes original timeline IDs to avoid build conflict * add all actions screenshot * add all actions screenshot * corrections * adds filter explanation and legend
* Committing first few changes. * Committing edits 8/5/20 * Adding file to index.asciidoc * Formatting changes 8/6/20 Co-authored-by: Janeen Mikell-Straughn <janeen.mikellstraughn@elastic.co>
* Committing so I don't lose... * Committing to save 8/12/20 * UI changes, TOC changes, creation of network page topic, edited images. * Update network-page-overview.asciidoc Fixing build errors. * Fixing build errors * Update docs/getting-started/network-page-overview.asciidoc Co-authored-by: Lisa Cawley <lcawley@elastic.co> * Update docs/getting-started/security-ui.asciidoc Co-authored-by: Lisa Cawley <lcawley@elastic.co> * Update network-page-overview.asciidoc * Update docs/getting-started/network-page-overview.asciidoc * Update docs/getting-started/security-ui.asciidoc * Update docs/getting-started/security-ui.asciidoc * [DOCS] Link fixes * [DOCS] Nests content under Get Started * Update docs/getting-started/network-page-overview.asciidoc Co-authored-by: Ben Skelker <54019610+benskelker@users.noreply.github.com> * Update docs/getting-started/security-ui.asciidoc Co-authored-by: Ben Skelker <54019610+benskelker@users.noreply.github.com> * Fixes/merging feedback * Build fixes * [DOCS] Add temporary redirects file * [DOCS] Adds another redirect * [DOCS] More redirects Co-authored-by: Lisa Cawley <lcawley@elastic.co> Co-authored-by: Ben Skelker <54019610+benskelker@users.noreply.github.com> Co-authored-by: Lisa Cawley <lcawley@elastic.co> Co-authored-by: Ben Skelker <54019610+benskelker@users.noreply.github.com>
* detections requirements * removes requirements from old location * adds cases requirements * add case license requirement * add ml requirements * moves map conf and general corrections * corrections * terminology * minor edits * terminology * adds redirect for in-app link * adds ingest page * minor edits * adds link * edit * add alert notification license requirement * adds link to support matrix * edit * adds UI pages and changes doc structure * corrections
Co-authored-by: Janeen Mikell-Straughn <janeen.mikellstraughn@elastic.co>
Looks like some extra lines were accidentally left from a previous merge-conflict resolution
Adding an example request for creating a case with no connector Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com>
Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com>
…1175) * adds warning for basic auth only * fixes link references * use ref not kibana-ref, maybe? * use kibana-ref Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> (cherry picked from commit 4b16a4f) Co-authored-by: Devin W. Hurley <snowmiser111@gmail.com>
… detection rule execution failure (#1160) (#1222) * Provide more details on how to start ML job to avoid ML detection rule execution failure (#1160) * First draft * Adds to both rule creation and troubleshooting topics * Adds new screenshots to highlight the correct feature to use * Update rule-start-ml-job.png * Corrects name of custom query rule * Update docs/troubleshooting/detections/detection-rules.asciidoc Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> # Conflicts: # docs/troubleshooting/detections/detection-rules.asciidoc * Rearrange template-script and troubleshooting-intro
* Change ML node req from "all nodes" to "at least one" & update link * fixes broken link * Update docs/getting-started/ml-req.asciidoc update link text Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com>
trusted-apps-list.png - TA docs page trusted-apps-page.png - UI Overview docs page
* Add rules for integration-v0.14.3 * add summary note * fix link * fix file name * remove duplicated links caused by a deprecation/rename * update date and summary description (cherry picked from commit d07ae02) Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
Updates links to the [Filebeat Google Workspace module](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-gsuite.html) so they don't break when we change the current Stack version to 8.0. Relates to elastic/docs#2312 Co-authored-by: James Rodewig <james.rodewig@elastic.co>
…ort #2110) (#2122) * [DOCS] Adds warning about exceptions requiring mappings (#2110) * Move callout about endpoint exceptions to more appropriate section This note was previously at the top-level exceptions section, when it really only applies when adding to the Endpoint rule. * Add note about mappings being required for exceptions Wording is subject to change; just throwing something at the wall for now. * Apply suggestions from code review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> (cherry picked from commit aeb69a6) # Conflicts: # docs/detections/detections-ui-exceptions.asciidoc * Resolve merge conflicts with 7.14 branch. Co-authored-by: Ryland Herrick <ryalnd@gmail.com>
Documentation previews:
❌ Author of the following commits did not sign a Contributor Agreement: Please, read and sign the above mentioned agreement if you want to contribute to this project
This pull request does not have a backport label. Could you fix it @terrancedejesus? 🙏
Summary
Fixes links to malicious site.
Related: