[Security Solution] Advanced policy options for Endpoint 8.8 (#156308)

## Summary Adds several more advanced options for Endpoint to Policy. ![image](https://user-images.githubusercontent.com/56395104/235530865-635a6427-336c-4120-9112-47fb3ea9fe5e.png) ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2025-06-27 18:51:07 -04:00 · 2023-05-01 18:44:35 -04:00 · 2023-05-01 18:44:35 -04:00 · 47b1ca3813
commit 47b1ca3813
parent 10bb8e9e6a
1 changed files with 183 additions and 0 deletions
--- a/x-pack/plugins/security_solution/public/management/pages/policy/models/advanced_policy_schema.ts
+++ b/x-pack/plugins/security_solution/public/management/pages/policy/models/advanced_policy_schema.ts
@ -1081,4 +1081,187 @@ export const AdvancedPolicySchema: AdvancedPolicySchemaType[] = [
      }
    ),
  },
+  {
+    key: 'windows.advanced.events.callstacks.emit_in_events',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.callstacks.emit_in_events',
+      {
+        defaultMessage:
+          'If set, callstacks will be included in regular events where they are collected. Otherwise, they are only included in events that trigger behavioral protection rules. Note that setting this may significantly increase data volumes. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.events.callstacks.process',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.callstacks.process',
+      {
+        defaultMessage: 'Collect callstacks during process events?  Default: true',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.events.callstacks.image_load',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.callstacks.image_load',
+      {
+        defaultMessage: 'Collect callstacks during image/library load events?  Default: true',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.events.callstacks.file',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.callstacks.file',
+      {
+        defaultMessage: 'Collect callstacks during file events?  Default: true',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.events.callstacks.registry',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.callstacks.registry',
+      {
+        defaultMessage: 'Collect callstacks during registry events?  Default: true',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.artifacts.global.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.artifacts.global.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading global artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.artifacts.global.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.artifacts.global.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading global artifact manifests. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.artifacts.user.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.artifacts.user.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading user artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'windows.advanced.artifacts.user.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.artifacts.user.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading user artifact manifests. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'mac.advanced.artifacts.global.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.mac.advanced.artifacts.global.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading global artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'mac.advanced.artifacts.global.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.mac.advanced.artifacts.global.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading global artifact manifests. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'mac.advanced.artifacts.user.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.mac.advanced.artifacts.user.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading user artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'mac.advanced.artifacts.user.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.mac.advanced.artifacts.user.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading user artifact manifests. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'linux.advanced.artifacts.global.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.linux.advanced.artifacts.global.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading global artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'linux.advanced.artifacts.global.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.linux.advanced.artifacts.global.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading global artifact manifests. Default: false',
+      }
+    ),
+  },
+  {
+    key: 'linux.advanced.artifacts.user.proxy_url',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.linux.advanced.artifacts.user.proxy_url',
+      {
+        defaultMessage:
+          'Proxy server to use when downloading user artifact manifests. Default: none',
+      }
+    ),
+  },
+  {
+    key: 'linux.advanced.artifacts.user.proxy_disable',
+    first_supported_version: '8.8',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.linux.advanced.artifacts.user.proxy_disable',
+      {
+        defaultMessage:
+          'If the proxy setting should be used when downloading user artifact manifests. Default: false',
+      }
+    ),
+  },
 ];