From b4d69d09b752b3d8ff0cca38847b2c06bbd24e0d Mon Sep 17 00:00:00 2001 From: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com> Date: Tue, 30 Apr 2024 10:35:18 -0400 Subject: [PATCH] [Request][Detection Engine][ESS][8.14] GA-ing alert suppression for custom query rule (#5114) * Updates tech preview text * Removing tag from custom query rule * Reverting change to lang Suppression page has the updated tech preview label lang. No need to change it elsewhere. * Update docs/detections/rules-ui-create.asciidoc Co-authored-by: Joe Peeples * Update docs/detections/rules-ui-create.asciidoc Co-authored-by: Joe Peeples --------- Co-authored-by: Joe Peeples (cherry picked from commit 0d835e1410a3b895dca4e174941c200b85fe23f3) --- docs/detections/alert-suppression.asciidoc | 2 +- docs/detections/api/rules/rules-api-create.asciidoc | 2 +- docs/detections/api/rules/rules-api-update.asciidoc | 2 +- docs/detections/rules-ui-create.asciidoc | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/detections/alert-suppression.asciidoc b/docs/detections/alert-suppression.asciidoc index 9a1da41d62..9bf79afce9 100644 --- a/docs/detections/alert-suppression.asciidoc +++ b/docs/detections/alert-suppression.asciidoc @@ -6,7 +6,7 @@ -- Alert suppression requires a https://www.elastic.co/pricing[Platinum or higher subscription]. -preview::[] +preview::["Alert suppression is in technical preview for threshold, indicator match, event correlation, and new terms rules. The functionality may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."] -- Alert suppression allows you to reduce the number of repeated or duplicate detection alerts created by these detection rule types: diff --git a/docs/detections/api/rules/rules-api-create.asciidoc b/docs/detections/api/rules/rules-api-create.asciidoc index 24d9d0637d..66278ae3ce 100644 
--- a/docs/detections/api/rules/rules-api-create.asciidoc +++ b/docs/detections/api/rules/rules-api-create.asciidoc @@ -493,7 +493,7 @@ a detection rule exception (`detection`) or an endpoint exception (`endpoint`). [[opt-fields-alert-suppression-create]] ===== Optional alert suppression fields for query, indicator match, threshold, event correlation (non-sequence queries only), and new terms rules -preview::[] +preview::["Alert suppression is in technical preview for threshold, indicator match, event correlation, and new terms rules. The functionality may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."] ====== Query, indicator match, event correlation (non-sequence queries only), and new terms rules diff --git a/docs/detections/api/rules/rules-api-update.asciidoc b/docs/detections/api/rules/rules-api-update.asciidoc index fc2fcfc369..06d267226b 100644 --- a/docs/detections/api/rules/rules-api-update.asciidoc +++ b/docs/detections/api/rules/rules-api-update.asciidoc @@ -518,7 +518,7 @@ in the UI (*Rules* -> *Detection rules (SIEM)* -> *_Rule name_*). [[opt-fields-alert-suppression-update]] ===== Optional alert suppression fields for query, indicator match, threshold, event correlation (non-sequence queries only), and new terms rules -preview::[] +preview::["Alert suppression is in technical preview for threshold, indicator match, event correlation, and new terms rules. The functionality may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."] ====== Query, indicator match, event correlation (non-sequence queries only), and new terms rules diff --git a/docs/detections/rules-ui-create.asciidoc b/docs/detections/rules-ui-create.asciidoc index c1b1675181..16f2a712dc 100644 --- a/docs/detections/rules-ui-create.asciidoc 
+++ b/docs/detections/rules-ui-create.asciidoc @@ -81,7 +81,7 @@ When you use a saved query, the *Load saved query "_query name_" dynamically on * Deselect this to load the saved query as a one-time way of populating the rule's *Custom query* field and filters. This copies the settings from the saved query to the rule, so you can then further adjust the rule's query and filters as needed. If the saved query is later changed, the rule will not inherit those changes. -. preview:[] (Optional, https://www.elastic.co/pricing[Platinum or higher subscription] required) Use *Suppress alerts by* to reduce the number of repeated or duplicate alerts created by the rule. Refer to <> for more information. +. (Optional, https://www.elastic.co/pricing[Platinum or higher subscription] required) Use *Suppress alerts by* to reduce the number of repeated or duplicate alerts created by the rule. Refer to <> for more information. . Click **Continue** to <>.
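Review bot: In docs/detections/alert-suppression.asciidoc, the new preview text lists threshold, indicator match, event correlation, and new terms rules, so a reader learns that suppression for custom query rules is GA only by noticing that it is absent from the list. Suggest adding a short explicit sentence inside the same `--` block saying that custom query rules are not in technical preview, since the context line right after the block goes on to introduce "these detection rule types" as a whole.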
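Review bot: In docs/detections/api/rules/rules-api-create.asciidoc, the preview text at `[[opt-fields-alert-suppression-create]]` says "event correlation", while the heading just above it and the subheading just below it both say "event correlation (non-sequence queries only)". Suggest carrying the same qualifier into the notice so the three lines agree. The notice also sits directly above a subheading that starts with "Query", a rule type the notice leaves out, so a clause stating that query rules are excluded would prevent it being read as covering the whole subsection.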
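Review bot: In docs/detections/api/rules/rules-api-update.asciidoc, the string passed to `preview::[...]` at `[[opt-fields-alert-suppression-update]]` is a third verbatim copy of the text added in alert-suppression.asciidoc and rules-api-create.asciidoc. Suggest defining the sentence once as a shared AsciiDoc attribute, if the docs build allows attribute references inside the macro, and using it in all three places, so that the next rule type to leave technical preview needs one edit and the copies cannot drift apart.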
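Review bot: In docs/detections/rules-ui-create.asciidoc, the hunk at line 81 removes `preview:[]` only from the *Suppress alerts by* step that follows the saved query and *Custom query* text. The equivalent steps for the other rule types are not visible in this hunk; please confirm they still carry the inline `preview:[]` tag, so this page stays consistent with the notice that now names threshold, indicator match, event correlation, and new terms rules as still in technical preview.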