[EDR Workflows] Automated Actions in more rule types (elastic#191874)
tomsonpl authored Sep 18, 2024
1 parent 70b7d26 commit 004631b
Showing 33 changed files with 737 additions and 85 deletions.

Expand Up @@ -224,6 +224,7 @@ export const EqlOptionalFields = z.object({
tiebreaker_field: TiebreakerField.optional(),
timestamp_field: TimestampField.optional(),
alert_suppression: AlertSuppression.optional(),
response_actions: z.array(ResponseAction).optional(),
});

export type EqlRuleCreateFields = z.infer<typeof EqlRuleCreateFields>;
Expand Down Expand Up @@ -521,6 +522,7 @@ export const NewTermsRuleOptionalFields = z.object({
data_view_id: DataViewId.optional(),
filters: RuleFilterArray.optional(),
alert_suppression: AlertSuppression.optional(),
response_actions: z.array(ResponseAction).optional(),
});

export type NewTermsRuleDefaultableFields = z.infer<typeof NewTermsRuleDefaultableFields>;
Expand Down Expand Up @@ -574,6 +576,7 @@ export const EsqlRuleRequiredFields = z.object({
export type EsqlRuleOptionalFields = z.infer<typeof EsqlRuleOptionalFields>;
export const EsqlRuleOptionalFields = z.object({
alert_suppression: AlertSuppression.optional(),
response_actions: z.array(ResponseAction).optional(),
});

export type EsqlRulePatchFields = z.infer<typeof EsqlRulePatchFields>;
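Review bot: The three added `response_actions: z.array(ResponseAction).optional()` fields (in EqlOptionalFields, NewTermsRuleOptionalFields and EsqlRuleOptionalFields) accept a list of any length, so one rule of these types can carry an unbounded number of automated actions that run whenever it alerts. Because these actions run with no analyst in the loop, I would cap the list, e.g. `response_actions: z.array(ResponseAction).max(MAX_RESPONSE_ACTIONS).optional(),` where MAX_RESPONSE_ACTIONS is a placeholder and not an existing constant; if this file is generated from an API spec, the bound belongs in the spec instead. Nothing in these hunks shows whether the rule create/update path checks the caller's privilege to configure response actions for the newly enabled rule types; that presumably lives elsewhere in the 33 changed files, but it is worth a test that an under-privileged user cannot save such a rule. All three object bodies begin outside the visible hunks, so other constraints on these schemas cannot be seen from here.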