[Security Solution][Detections][Threshold Rules] Add threshold_result to alert notification context (#95354) (#96315)

* Don't remove threshold_result from _source prematurely

* Fix type error

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
# Conflicts:
#	x-pack/plugins/security_solution/server/lib/detection_engine/signals/build_bulk_body.ts

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Madison Caldwell 2021-04-13 10:34:40 -04:00 committed by GitHub
parent 1eacc79f7e
commit ee2750a93e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -73,10 +73,12 @@ export const buildBulkBody = ({
...buildSignal([doc], rule),
...additionalSignalFields(doc),
};
delete doc._source.threshold_result;
const event = buildEventTypeSignal(doc);
const { threshold_result: thresholdResult, ...filteredSource } = doc._source || {
threshold_result: null,
};
const signalHit: SignalHit = {
...doc._source,
...filteredSource,
'@timestamp': new Date().toISOString(),
event,
signal,
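Review bot: The destructuring that replaces `delete doc._source.threshold_result` binds `thresholdResult` but nothing in the visible lines reads it, and no comment says why the key is now omitted by copy instead of deleted in place. Going by the commit title, the point is to keep `threshold_result` out of the indexed signal while leaving it on `doc._source` for the notification context, so I would add above the destructuring `// Omit threshold_result from the indexed signal without mutating doc; the alert notification context still reads it from the original hit.` If the binding really is unused, naming it `_thresholdResult` (or whatever the project's lint convention is for discards) makes that explicit. Since `doc` is no longer mutated, any other caller that relied on the old side effect to strip the field should be checked; that cannot be confirmed from this hunk. Both `buildBulkBody` and the `signalHit` literal continue outside the hunk.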