github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 09:19:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

Populate kibana.alert.uuid in eql sequence alerts (#125890) (#125898)

Browse source 
(cherry picked from commit 01a87e040b)

Co-authored-by: Marshall Main <55718608+marshallmain@users.noreply.github.com>
This commit is contained in:
Kibana Machine 2022-02-17 02:43:32 -05:00 committed by GitHub
parent 2c775e32a0
commit 75a523d66c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
x-pack/plugins/security_solution/server/lib/detection_engine/rule_types/factories/utils/build_alert_group_from_sequence.ts
View file

@ -71,8 +71,9 @@ export const buildAlertGroupFromSequence = (
// we can build the signal that links the building blocks together
// and also insert the group id (which is also the "shell" signal _id) in each building block
const doc = buildAlertRoot(wrappedBuildingBlocks, completeRule, spaceId, buildReasonMessage);
const sequenceAlertId = generateAlertId(doc);
const sequenceAlert = {
_id: generateAlertId(doc),
_id: sequenceAlertId,
_index: '',
_source: doc,
};
@ -82,6 +83,8 @@ export const buildAlertGroupFromSequence = (
block._source[ALERT_GROUP_INDEX] = i;
});
sequenceAlert._source[ALERT_UUID] = sequenceAlertId;
return [...wrappedBuildingBlocks, sequenceAlert];
};