[Security Solution] User can make Exceptions for Behavior Protection alerts #106853

Merged

Contributor

@academo academo commented Jul 27, 2021

Summary

  • Adds a feature to allow users to create behavior protection alert exceptions
  • Adds behavior protection alerts generation to the generate data script for security solutions

@academo academo added v8.0.0 Team:Defend Workflows “EDR Workflows” sub-team of Security Solution release_note:feature Makes this part of the condensed release notes auto-backport Deprecated - use backport:version if exact versions are needed v7.15.0 labels Jul 27, 2021
@academo academo marked this pull request as ready for review August 3, 2021 09:29
@academo academo requested review from a team as code owners August 3, 2021 09:29
@elasticmachine
Contributor

Pinging @elastic/security-onboarding-and-lifecycle-mgt (Team:Onboarding and Lifecycle Mgt)

@academo academo requested review from paul-tavares and removed request for parkiino August 10, 2021 07:52
@kibanamachine
Contributor

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 6.5MB 6.5MB +6.7KB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

Contributor

@paul-tavares paul-tavares left a comment

This looks good to me, but you should really get a 👍 from someone who is more familiar with exceptions and ECS based on the changes you made.

Member

@joeypoon joeypoon left a comment

Code looks good but I feel the same as Paul. Contextually I'm not that familiar here.

@academo academo merged commit 997e9ec into elastic:master Aug 12, 2021
@academo academo deleted the feature/behaviour-protection-exceptions-1398 branch August 12, 2021 07:14
@kibanamachine
Contributor

💚 Backport successful

Status Branch Result
7.x

This backport PR will be merged automatically after passing CI.

kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Aug 12, 2021
kibanamachine added a commit that referenced this pull request Aug 12, 2021
…alerts (#106853) (#108326)

Co-authored-by: Esteban Beltran <academo@users.noreply.github.com>