github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/x-pack/test/detection_engine_api_integration
History
Khristinin Nikita 98a81d1b5e
Risk score engine telemetry (#166787) 
## Summary

Implement risk score engine telemetry

Here we use 2 types of telemetry:

Event base telemetry:
- Risk execution success. With parameters `scoresWritten`,
`taskCompletionTimeSeconds`, `isRunMoreThanInteval`
- Risk execution error

Usage telemetry:

- `unique_user_risk_score_total` and `unique_host_risk_score_total` -
Total amount from latest transform index for host and users
- `unique_user_risk_score_day` and `unique_host_risk_score_day` - Last
day amount from the latest transform index for host and users
- `all_host_risk_scores_total` and `all_user_risk_scores_total` - Total
amount from datastream for all risk executions for host and users
- `all_host_risk_scores_total_day` and `all_user_risk_scores_total_day`
- Last day amount from datastream for all risk executions for host and
users
- `all_risk_scores_index_size` and `unique_risk_scores_index_size` -
sizes of datastream of all risk scores and latest transform index

---------

Co-authored-by: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
2023-09-29 06:46:05 +02:00
..
basic [ResponseOps] use Data Streams for AAD indices in serverless (#160572) 2023-08-30 11:12:56 -04:00
common [Security Solution] Coverage Overview follow-up 2 (#164986) 2023-08-28 13:39:20 -07:00
security_and_spaces Risk score engine telemetry (#166787) 2023-09-29 06:46:05 +02:00
utils Risk score engine telemetry (#166787) 2023-09-29 06:46:05 +02:00