kibana/x-pack/plugins
Maryam Saeidi 41e54e7208
[AO] Save group information in AAD for the new threshold rule (#164087)
Closes #161758

## Summary

In this PR, I am saving the groupings information for the new threshold
in AAD in a similar format as the security team does; you can check the
format in the following screenshots. (Please check this
[RFC](https://docs.google.com/document/d/1DlykydM8Hk7-VAPOcuoUXp0L_qSi2jCZabJkPdO44tQ/edit#heading=h.2b1v1tr0ep8m)
for more information)

### Alert as data document


![image](ce4d5000-3799-4dd7-9a04-d012f1cc5aca)

### Groupings action variable


![image](5a4aaff1-b9c5-44e8-86e5-9fa397b6af62)

### Alert table


![image](cfe1aaf1-475c-4d04-8726-b064c0905d55)

It is also possible to search based on these new variables:


2023-10-02 15:42:35 +02:00
..
actions [Security solution] Rename Generative AI connector to OpenAI (#167677) 2023-09-29 11:54:55 -05:00
aiops [ML] AIOps: Additional props for Change Point embeddable (#167606) 2023-09-29 18:24:10 +02:00
alerting [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
apm [APM] Ensure APM data view is available across all spaces (#167704) 2023-10-02 13:01:23 +02:00
apm_data_access [APM] Paginate big traces (#165584) 2023-09-11 10:30:43 +02:00
asset_manager [Asset Manager] Creates baseline public asset client for use in public plugins (#167191) 2023-09-28 13:26:24 -07:00
banners
canvas [SecuritySolution] Security Solution Dashboard edit mode (#159486) 2023-10-02 06:37:40 -07:00
cases skip failing test suite (#146394) 2023-09-20 14:33:30 -05:00
cloud [Cloud plugin] Add projectId to the telemetry streams (#166527) 2023-09-19 09:54:00 +02:00
cloud_defend [Cloud Security] CODEOWNERS update (#164522) 2023-08-23 09:57:45 -07:00
cloud_integrations [Drift] Enable chat globally + A/B test for pages where the chat was available before (#167069) 2023-10-01 16:07:11 +02:00
cloud_security_posture [Cloud Security] Fix policy name increment (#167425) 2023-09-29 10:59:03 -07:00
cross_cluster_replication [config-schema] offeringBasedSchema helper (#163786) 2023-08-22 03:59:15 -07:00
custom_branding
dashboard_enhanced [Dashboard Navigation] Make links panel available under technical preview (#166896) 2023-09-29 08:25:51 -06:00
data_visualizer [Drift] Enable chat globally + A/B test for pages where the chat was available before (#167069) 2023-10-01 16:07:11 +02:00
discover_enhanced
drilldowns [Dashboard Navigation] Make links panel available under technical preview (#166896) 2023-09-29 08:25:51 -06:00
ecs_data_quality_dashboard [SecuritySolution] Data Quality dashboard in serverless (#163733) 2023-08-25 12:43:27 +01:00
elastic_assistant [Security solution] Rename Generative AI connector to OpenAI (#167677) 2023-09-29 11:54:55 -05:00
embeddable_enhanced
encrypted_saved_objects Prepare the Security domain HTTP APIs for Serverless (#162087) 2023-08-23 12:34:45 +02:00
enterprise_search [Drift] Enable chat globally + A/B test for pages where the chat was available before (#167069) 2023-10-01 16:07:11 +02:00
event_log Remove version from EventLog index name (#166820) 2023-09-26 14:17:37 +02:00
exploratory_view [Synthetics] Refactor cardinality test runs query (#166608) 2023-09-26 12:12:24 +02:00
features [Kibana] New "Saved Query Management" privilege to allow saving queries across Kibana (#166937) 2023-09-29 11:52:39 +02:00
file_upload [maps][file upload] remove number_of_shards index setting (#165390) 2023-09-06 13:20:11 -05:00
fleet [Fleet] Vastly improve performance of Fleet final pipeline's date formatting logic for event.ingested (#167318) 2023-10-02 08:26:21 -04:00
global_search
global_search_bar [Serverless] Chrome UI fixes (#164030) 2023-08-16 17:21:59 -04:00
global_search_providers [Logs+] Add Log Explorer profile deep link (#161939) 2023-07-24 21:23:58 +02:00
graph [Graph] Replace last KUI buttons with EUI ones (#166588) 2023-09-18 02:25:54 -07:00
grokdebugger [Serverless Search] Disable Grok debugger & Painless Lab (#165772) 2023-09-07 15:26:23 -07:00
index_lifecycle_management Upgrade EUI to v88.5.0 (#166868) 2023-09-27 13:04:45 -05:00
index_management [Index management] Data stream edit data retention (#167006) 2023-09-30 08:43:21 +02:00
infra [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
ingest_pipelines [Ingest pipelines] Improve copy of Reroute processor (#162996) 2023-08-15 11:56:10 +01:00
kubernetes_security [Cloud Security] CODEOWNERS update (#164522) 2023-08-23 09:57:45 -07:00
lens [SecuritySolution] Security Solution Dashboard edit mode (#159486) 2023-10-02 06:37:40 -07:00
license_api_guard
license_management Upgrade EUI to v88.5.0 (#166868) 2023-09-27 13:04:45 -05:00
licensing [kbn] Subscription tracking (cont.) (#157392) 2023-09-18 18:27:16 +02:00
lists [Security Solution][Endpoint] Adapt exception list api calls to versioned router (#165658) 2023-09-07 17:35:15 +02:00
log_explorer [Log Explorer] Implement Data Views tab into selector (#166938) 2023-09-28 12:21:35 +02:00
logs_shared [Logs Shared] Disable log view saved object registration for serverless (#165243) 2023-09-20 10:13:40 +02:00
logstash Migrate deprecated components in Logstash pipelines section. (#161512) 2023-09-27 13:44:32 -06:00
maps [Kibana] New "Saved Query Management" privilege to allow saving queries across Kibana (#166937) 2023-09-29 11:52:39 +02:00
metrics_data_access [apm] allow retrieval of metric indices (#167041) 2023-09-25 18:28:09 +02:00
ml [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
monitoring [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
monitoring_collection
notifications [ResponseOps][Alerting] Create xpack.actions.queued.max circuit breaker (#164632) 2023-09-07 06:59:01 -07:00
observability [AO] Save group information in AAD for the new threshold rule (#164087) 2023-10-02 15:42:35 +02:00
observability_ai_assistant [Security solution] Rename Generative AI connector to OpenAI (#167677) 2023-09-29 11:54:55 -05:00
observability_log_explorer [Log Explorer] Implement Data Views tab into selector (#166938) 2023-09-28 12:21:35 +02:00
observability_onboarding Bump cypress@13.3.0 (#162383) 2023-10-01 10:55:01 +02:00
observability_shared [Profiling] New settings to control CO2 calculation (#166637) 2023-09-30 02:25:55 -07:00
osquery [osquery] Setup E2E against Serverless ES, Kibana, Fleet server standalone and Elastic agents in Docker (#165415) 2023-09-29 03:33:06 -07:00
painless_lab [Serverless Search] Disable Grok debugger & Painless Lab (#165772) 2023-09-07 15:26:23 -07:00
profiling Bump cypress@13.3.0 (#162383) 2023-10-01 10:55:01 +02:00
profiling_data_access [Profiling] TS fixes (#167129) 2023-09-25 08:33:03 -07:00
remote_clusters [Remote Clusters] Update copy about port help text (#164442) 2023-08-23 09:28:24 +03:00
reporting Upgrade EUI to v88.5.0 (#166868) 2023-09-27 13:04:45 -05:00
rollup [data views] Disable rollup ui elements on serverless (#164098) 2023-09-06 13:52:02 -07:00
rule_registry [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
runtime_fields Changing where CodeEditor fields get useDarkMode value (#159638) 2023-07-11 14:02:42 -04:00
saved_objects_tagging [Tags] Prevent duplicates (#167072) 2023-09-28 09:53:31 -07:00
screenshotting chore: update elastic-agent-nodejs to v4 (#165483) 2023-09-13 12:56:39 +02:00
searchprofiler [Search Profiler] Migrate all usages of EuiPage*_Deprecated (#163131) 2023-09-22 11:55:34 -04:00
security Migrates all security and spaces usage of deprecated Eui Page components (#167078) 2023-09-29 14:33:32 -04:00
security_solution [SecuritySolution] Security Solution Dashboard edit mode (#159486) 2023-10-02 06:37:40 -07:00
security_solution_ess [Security Solution] Group contract components into one service (#167517) 2023-09-29 16:54:33 +02:00
security_solution_serverless [Security Solution] Group contract components into one service (#167517) 2023-09-29 16:54:33 +02:00
serverless [Serverless] Improve breadcrumbs in management (#166259) 2023-09-19 13:51:09 +02:00
serverless_observability Project Side Navigation: Use EuiCollapsibleNavBeta component (#164910) 2023-09-27 14:22:46 -07:00
serverless_search Project Side Navigation: Use EuiCollapsibleNavBeta component (#164910) 2023-09-27 14:22:46 -07:00
session_view [RAM] .es-query and .observability.rules.threshold RBAC (#166032) 2023-09-21 15:10:28 -07:00
snapshot_restore fix type import 2023-09-27 15:37:16 -05:00
spaces Migrates all security and spaces usage of deprecated Eui Page components (#167078) 2023-09-29 14:33:32 -04:00
stack_alerts [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
stack_connectors [Security solution] Rename Generative AI connector to OpenAI (#167677) 2023-09-29 11:54:55 -05:00
synthetics [Synthetics] Fix Private Locations form validation (#167647) 2023-10-02 12:55:35 +02:00
task_manager [RAM] Mark disabled alerts as Untracked in both Stack and o11y (#164788) 2023-09-27 15:28:03 -07:00
telemetry_collection_xpack Risk score engine telemetry (#166787) 2023-09-29 06:46:05 +02:00
threat_intelligence Upgrading cypress to 12.17.4 (#165869) 2023-09-19 10:15:53 -07:00
timelines [Security Solution][Serverless] Add schema validation to Search Strategies in security solution & timelines (#162539) 2023-09-21 07:57:00 +02:00
transform [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
translations [Security Solution][Detection Engine] adds ES|QL rule type to Security Detections rules (#165450) 2023-09-30 09:45:34 +01:00
triggers_actions_ui [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
upgrade_assistant [config-schema] offeringBasedSchema helper (#163786) 2023-08-22 03:59:15 -07:00
uptime [RAM][Maintenance Window] Add maintenance window solution selection. (#166781) 2023-10-02 09:20:53 +01:00
ux [Infra] Disable infra plugin in serverless projects (#165289) 2023-09-08 15:05:28 +02:00
watcher Upgrade EUI to v88.2.0 (#165790) 2023-09-12 08:51:07 -07:00