Edit max_signals field for custom rules in UI [classic] #5106

Merged
merged 11 commits into from
Jul 3, 2024

@joepeeples joepeeples commented Apr 23, 2024

Important

Do not merge to main until after 8.14.0 release, maybe until 8.15 feature freeze. This is to avoid adding 8.15 features into previous versions' branches (since those branches would be cut from main).

Contributes to #5029.

Preview

Twin PR for serverless

@joepeeples joepeeples added Team: Detections/Response Detections and Response Feature: Rules Docset: ESS Issues that apply to docs in the Stack release v8.15.0 labels Apr 23, 2024
@joepeeples joepeeples self-assigned this Apr 23, 2024

A documentation preview will be available soon.

Request a new doc build by commenting
  • Rebuild this PR: run docs-build
  • Rebuild this PR and all Elastic docs: run docs-build rebuild

run docs-build is much faster than run docs-build rebuild. A rebuild should only be needed in rare situations.

If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.

@joepeeples joepeeples marked this pull request as ready for review April 23, 2024 14:17
@joepeeples joepeeples requested a review from a team as a code owner April 23, 2024 14:17
@joepeeples joepeeples changed the title Edit max_signals field for custom rules in UI [classic] Edit max_signals field for custom rules in UI [classic] Apr 23, 2024

@approksiu approksiu left a comment

Suggested some changes in a comment

dplumlee previously approved these changes Apr 25, 2024

@dplumlee dplumlee left a comment

This lines up correctly with the logic we have implemented, thanks @joepeeples!

banderror previously approved these changes Apr 26, 2024

@banderror banderror left a comment

Looks awesome! 👍

@joepeeples joepeeples dismissed stale reviews from dplumlee and banderror via f1aa5b1 May 9, 2024 16:36
benironside previously approved these changes May 13, 2024

@benironside benironside left a comment

LGTM

This comment was marked as resolved.

approksiu previously approved these changes Jun 13, 2024

@approksiu approksiu left a comment

LGTM!

@joepeeples joepeeples dismissed stale reviews from approksiu and benironside via 32ff5d3 July 3, 2024 19:41
@joepeeples joepeeples merged commit 3bdfc22 into main Jul 3, 2024
3 checks passed
mergify bot pushed a commit that referenced this pull request Jul 3, 2024
* First draft

* Update docs/detections/rules-ui-create.asciidoc

* Revise note (in API docs too)

* Update ESQL rule steps

per https://github.com/elastic/staging-serverless-security-docs/pull/340#issuecomment-2103001892

* Revise alert suppression refs to max_signals

* Explain max_signals = Max alerts per run

* Add updates to "update rule" API too

(cherry picked from commit 3bdfc22)
@joepeeples joepeeples deleted the 5029-max_signals-editable-classic branch July 3, 2024 20:12
joepeeples added a commit that referenced this pull request Jul 3, 2024
)

* First draft

* Update docs/detections/rules-ui-create.asciidoc

* Revise note (in API docs too)

* Update ESQL rule steps

per https://github.com/elastic/staging-serverless-security-docs/pull/340#issuecomment-2103001892

* Revise alert suppression refs to max_signals

* Explain max_signals = Max alerts per run

* Add updates to "update rule" API too

(cherry picked from commit 3bdfc22)

Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
@joepeeples joepeeples mentioned this pull request Aug 5, 2024
22 tasks