[Getting Started] Adding a prominent CTA button#12003
Merged
ycombinator merged 1 commit intoelastic:masterfrom May 25, 2017
Merged
[Getting Started] Adding a prominent CTA button#12003ycombinator merged 1 commit intoelastic:masterfrom
ycombinator merged 1 commit intoelastic:masterfrom
Conversation
- Removing "I'm a pro" link from top right. - Adding "Got it, take me to Kibana" button at bottom center. - De-emphasizing demo site.
chrisronline
approved these changes
May 25, 2017
Contributor
chrisronline
left a comment
chrisronline
left a comment
There was a problem hiding this comment.
LGTM, just one question
| > | ||
| <span class="kuiButton__inner"> | ||
| <span>View the demo site</span> | ||
| <span>Got it, take me to Kibana</span> |
Contributor
There was a problem hiding this comment.
Do these not need to be localized?
Contributor
Author
There was a problem hiding this comment.
Yes, they should be! Rather than increase the scope of this PR, I'll do the localization in a new PR. I've created #12004 to track it. Thanks!
ycombinator
added a commit
that referenced
this pull request
May 25, 2017
- Removing "I'm a pro" link from top right. - Adding "Got it, take me to Kibana" button at bottom center. - De-emphasizing demo site.
Contributor
Author
|
Backported to:
|
snide
pushed a commit
to snide/kibana
that referenced
this pull request
May 30, 2017
- Removing "I'm a pro" link from top right. - Adding "Got it, take me to Kibana" button at bottom center. - De-emphasizing demo site.
ycombinator
added a commit
to ycombinator/kibana
that referenced
this pull request
Jun 3, 2017
This reverts commit aa3fa06.
ycombinator
added a commit
that referenced
this pull request
Jun 5, 2017
* Revert "When on an embedded page, bypass Getting Started gate check (#12040)" This reverts commit 05293f1. * Revert "Making tweaks. (#12003)" This reverts commit aa3fa06. * Revert "Functional tests for the Getting Started page (#11850)" This reverts commit 099178a. * Revert "Prevent flicker on Getting Started page (#11826)" This reverts commit c4b3ade. * Revert "Getting Started page (#11805)" This reverts commit 32eff37. * Remove check for Getting Started page from navigateToApp
ycombinator
added a commit
that referenced
this pull request
Jun 5, 2017
* Revert "When on an embedded page, bypass Getting Started gate check (#12040)" This reverts commit 05293f1. * Revert "Making tweaks. (#12003)" This reverts commit aa3fa06. * Revert "Functional tests for the Getting Started page (#11850)" This reverts commit 099178a. * Revert "Prevent flicker on Getting Started page (#11826)" This reverts commit c4b3ade. * Revert "Getting Started page (#11805)" This reverts commit 32eff37. * Remove check for Getting Started page from navigateToApp
PopradiArpad
pushed a commit
to PopradiArpad/kibana
that referenced
this pull request
Jun 6, 2017
* Revert "When on an embedded page, bypass Getting Started gate check (elastic#12040)" This reverts commit 05293f1. * Revert "Making tweaks. (elastic#12003)" This reverts commit aa3fa06. * Revert "Functional tests for the Getting Started page (elastic#11850)" This reverts commit 099178a. * Revert "Prevent flicker on Getting Started page (elastic#11826)" This reverts commit c4b3ade. * Revert "Getting Started page (elastic#11805)" This reverts commit 32eff37. * Remove check for Getting Started page from navigateToApp
e40pud
added a commit
to e40pud/kibana
that referenced
this pull request
Apr 1, 2025
e40pud
added a commit
that referenced
this pull request
Apr 10, 2025
…ement (#12003) (#216656) ## Summary Main ticket ([Internal link](elastic/security-team#12003)) To allow users to schedule Attack Discovery generations, we will use either [Alerting Framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). These changes add functionality to manage new alerts type - Attack Discovery Schedule. ### Introduced endpoints - **Create** AD scheduling rule route: `POST /internal/elastic_assistant/attack_discovery/schedules` - **Read/Get** AD scheduling rule by id route: `GET /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Update** AD scheduling rule by id route: `PUT /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Delete** AD scheduling rule by id route: `DELETE /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Enable** AD scheduling rule by id route: `POST /internal/elastic_assistant/attack_discovery/schedules/{id}/_enable` - **Disable** AD scheduling rule by id route: `POST /internal/elastic_assistant/attack_discovery/schedules/{id}/_disable` - **Find** all existing AD scheduling rules route: `GET /internal/elastic_assistant/attack_discovery/schedules/_find` ## NOTES The feature is hidden behind the feature flag: > xpack.securitySolution.enableExperimental: ['assistantAttackDiscoverySchedulingEnabled'] ## cURL examples <details> <summary>Create AD scheduling rule route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' \ --header 'Content-Type: application/json' \ --data '{ "name": "Test Schedule", "schedule": { "interval": "10m" }, "params": { "alertsIndexPattern": ".alerts-security.alerts-default", "apiConfig": { "connectorId": "gpt-4o", "actionTypeId": ".gen-ai" }, "end": "now", "size": 100, "start": "now-24h" } }' ``` </details> <details> <summary>Read/Get AD scheduling rule by id route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Update AD scheduling rule by id route</summary> ```curl curl --location --request PUT 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' \ --header 'Content-Type: application/json' \ --data '{ "name": "Test Schedule - Updated", "schedule": { "interval": "123m" }, "params": { "alertsIndexPattern": ".alerts-security.alerts-default", "apiConfig": { "connectorId": "gpt-4o", "actionTypeId": ".gen-ai" }, "end": "now", "size": 35, "start": "now-24h" }, "actions": [] }' ``` </details> <details> <summary>Delete AD scheduling rule by id route</summary> ```curl curl --location --request DELETE 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Enable AD scheduling rule by id route</summary> ```curl curl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Disable AD scheduling rule by id route</summary> ```curl curl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Find all existing AD scheduling rules route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/_find' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
e40pud
added a commit
to e40pud/kibana
that referenced
this pull request
Apr 10, 2025
…ement (elastic#12003) (elastic#216656) ## Summary Main ticket ([Internal link](elastic/security-team#12003)) To allow users to schedule Attack Discovery generations, we will use either [Alerting Framework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html). These changes add functionality to manage new alerts type - Attack Discovery Schedule. ### Introduced endpoints - **Create** AD scheduling rule route: `POST /internal/elastic_assistant/attack_discovery/schedules` - **Read/Get** AD scheduling rule by id route: `GET /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Update** AD scheduling rule by id route: `PUT /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Delete** AD scheduling rule by id route: `DELETE /internal/elastic_assistant/attack_discovery/schedules/{id}` - **Enable** AD scheduling rule by id route: `POST /internal/elastic_assistant/attack_discovery/schedules/{id}/_enable` - **Disable** AD scheduling rule by id route: `POST /internal/elastic_assistant/attack_discovery/schedules/{id}/_disable` - **Find** all existing AD scheduling rules route: `GET /internal/elastic_assistant/attack_discovery/schedules/_find` ## NOTES The feature is hidden behind the feature flag: > xpack.securitySolution.enableExperimental: ['assistantAttackDiscoverySchedulingEnabled'] ## cURL examples <details> <summary>Create AD scheduling rule route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' \ --header 'Content-Type: application/json' \ --data '{ "name": "Test Schedule", "schedule": { "interval": "10m" }, "params": { "alertsIndexPattern": ".alerts-security.alerts-default", "apiConfig": { "connectorId": "gpt-4o", "actionTypeId": ".gen-ai" }, "end": "now", "size": 100, "start": "now-24h" } }' ``` </details> <details> <summary>Read/Get AD scheduling rule by id route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Update AD scheduling rule by id route</summary> ```curl curl --location --request PUT 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' \ --header 'Content-Type: application/json' \ --data '{ "name": "Test Schedule - Updated", "schedule": { "interval": "123m" }, "params": { "alertsIndexPattern": ".alerts-security.alerts-default", "apiConfig": { "connectorId": "gpt-4o", "actionTypeId": ".gen-ai" }, "end": "now", "size": 35, "start": "now-24h" }, "actions": [] }' ``` </details> <details> <summary>Delete AD scheduling rule by id route</summary> ```curl curl --location --request DELETE 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Enable AD scheduling rule by id route</summary> ```curl curl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Disable AD scheduling rule by id route</summary> ```curl curl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> <details> <summary>Find all existing AD scheduling rules route</summary> ```curl curl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/_find' \ --header 'kbn-xsrf: true' \ --header 'elastic-api-version: 1' \ --header 'x-elastic-internal-origin: security-solution' ``` </details> --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> (cherry picked from commit fc11ca9) # Conflicts: # x-pack/solutions/security/plugins/elastic_assistant/server/types.ts
e40pud
added a commit
that referenced
this pull request
Apr 10, 2025
… management (#12003) (#216656) (#217794) # Backport This will backport the following commits from `main` to `8.x`: - [[Attack Discovery][Scheduling] Attack Discovery scheduling rule management (#12003) (#216656)](#216656) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Ievgen Sorokopud","email":"ievgen.sorokopud@elastic.co"},"sourceCommit":{"committedDate":"2025-04-10T09:03:04Z","message":"[Attack Discovery][Scheduling] Attack Discovery scheduling rule management (#12003) (#216656)\n\n## Summary\n\nMain ticket ([Internal\nlink](https://github.com/elastic/security-team/issues/12003))\n\nTo allow users to schedule Attack Discovery generations, we will use\neither [Alerting\nFramework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html).\nThese changes add functionality to manage new alerts type - Attack\nDiscovery Schedule.\n\n### Introduced endpoints\n\n- **Create** AD scheduling rule route: `POST\n/internal/elastic_assistant/attack_discovery/schedules`\n- **Read/Get** AD scheduling rule by id route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Update** AD scheduling rule by id route: `PUT\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Delete** AD scheduling rule by id route: `DELETE\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Enable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable`\n- **Disable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable`\n- **Find** all existing AD scheduling rules route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/_find`\n\n## NOTES\n\nThe feature is hidden behind the feature flag:\n\n> xpack.securitySolution.enableExperimental:\n['assistantAttackDiscoverySchedulingEnabled']\n\n## cURL examples\n\n<details>\n <summary>Create AD scheduling rule route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule\",\n \"schedule\": {\n \"interval\": \"10m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 100,\n \"start\": \"now-24h\"\n }\n}'\n```\n\n</details>\n\n<details>\n <summary>Read/Get AD scheduling rule by id route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Update AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request PUT 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule - Updated\",\n \"schedule\": {\n \"interval\": \"123m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 35,\n \"start\": \"now-24h\"\n },\n \"actions\": []\n}'\n```\n\n</details>\n\n<details>\n <summary>Delete AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request DELETE 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Enable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Disable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Find all existing AD scheduling rules route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/_find' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"fc11ca94f58c62a9accfa47019b539826c9afa1b","branchLabelMapping":{"^v9.1.0$":"main","^v8.19.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team: SecuritySolution","Team:Security Generative AI","backport:version","v9.1.0","v8.19.0"],"title":"[Attack Discovery][Scheduling] Attack Discovery scheduling rule management (#12003)","number":216656,"url":"https://github.com/elastic/kibana/pull/216656","mergeCommit":{"message":"[Attack Discovery][Scheduling] Attack Discovery scheduling rule management (#12003) (#216656)\n\n## Summary\n\nMain ticket ([Internal\nlink](https://github.com/elastic/security-team/issues/12003))\n\nTo allow users to schedule Attack Discovery generations, we will use\neither [Alerting\nFramework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html).\nThese changes add functionality to manage new alerts type - Attack\nDiscovery Schedule.\n\n### Introduced endpoints\n\n- **Create** AD scheduling rule route: `POST\n/internal/elastic_assistant/attack_discovery/schedules`\n- **Read/Get** AD scheduling rule by id route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Update** AD scheduling rule by id route: `PUT\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Delete** AD scheduling rule by id route: `DELETE\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Enable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable`\n- **Disable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable`\n- **Find** all existing AD scheduling rules route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/_find`\n\n## NOTES\n\nThe feature is hidden behind the feature flag:\n\n> xpack.securitySolution.enableExperimental:\n['assistantAttackDiscoverySchedulingEnabled']\n\n## cURL examples\n\n<details>\n <summary>Create AD scheduling rule route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule\",\n \"schedule\": {\n \"interval\": \"10m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 100,\n \"start\": \"now-24h\"\n }\n}'\n```\n\n</details>\n\n<details>\n <summary>Read/Get AD scheduling rule by id route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Update AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request PUT 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule - Updated\",\n \"schedule\": {\n \"interval\": \"123m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 35,\n \"start\": \"now-24h\"\n },\n \"actions\": []\n}'\n```\n\n</details>\n\n<details>\n <summary>Delete AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request DELETE 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Enable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Disable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Find all existing AD scheduling rules route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/_find' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"fc11ca94f58c62a9accfa47019b539826c9afa1b"}},"sourceBranch":"main","suggestedTargetBranches":["8.x"],"targetPullRequestStates":[{"branch":"main","label":"v9.1.0","branchLabelMappingKey":"^v9.1.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/216656","number":216656,"mergeCommit":{"message":"[Attack Discovery][Scheduling] Attack Discovery scheduling rule management (#12003) (#216656)\n\n## Summary\n\nMain ticket ([Internal\nlink](https://github.com/elastic/security-team/issues/12003))\n\nTo allow users to schedule Attack Discovery generations, we will use\neither [Alerting\nFramework](https://www.elastic.co/guide/en/kibana/current/alerting-getting-started.html).\nThese changes add functionality to manage new alerts type - Attack\nDiscovery Schedule.\n\n### Introduced endpoints\n\n- **Create** AD scheduling rule route: `POST\n/internal/elastic_assistant/attack_discovery/schedules`\n- **Read/Get** AD scheduling rule by id route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Update** AD scheduling rule by id route: `PUT\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Delete** AD scheduling rule by id route: `DELETE\n/internal/elastic_assistant/attack_discovery/schedules/{id}`\n- **Enable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable`\n- **Disable** AD scheduling rule by id route: `POST\n/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable`\n- **Find** all existing AD scheduling rules route: `GET\n/internal/elastic_assistant/attack_discovery/schedules/_find`\n\n## NOTES\n\nThe feature is hidden behind the feature flag:\n\n> xpack.securitySolution.enableExperimental:\n['assistantAttackDiscoverySchedulingEnabled']\n\n## cURL examples\n\n<details>\n <summary>Create AD scheduling rule route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule\",\n \"schedule\": {\n \"interval\": \"10m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 100,\n \"start\": \"now-24h\"\n }\n}'\n```\n\n</details>\n\n<details>\n <summary>Read/Get AD scheduling rule by id route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Update AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request PUT 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution' \\\n--header 'Content-Type: application/json' \\\n--data '{\n \"name\": \"Test Schedule - Updated\",\n \"schedule\": {\n \"interval\": \"123m\"\n },\n \"params\": {\n \"alertsIndexPattern\": \".alerts-security.alerts-default\",\n \"apiConfig\": {\n \"connectorId\": \"gpt-4o\",\n \"actionTypeId\": \".gen-ai\"\n },\n \"end\": \"now\",\n \"size\": 35,\n \"start\": \"now-24h\"\n },\n \"actions\": []\n}'\n```\n\n</details>\n\n<details>\n <summary>Delete AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request DELETE 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Enable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_enable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Disable AD scheduling rule by id route</summary>\n\n```curl\ncurl --location --request POST 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/{id}/_disable' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n<details>\n <summary>Find all existing AD scheduling rules route</summary>\n\n```curl\ncurl --location 'http://localhost:5601/internal/elastic_assistant/attack_discovery/schedules/_find' \\\n--header 'kbn-xsrf: true' \\\n--header 'elastic-api-version: 1' \\\n--header 'x-elastic-internal-origin: security-solution'\n```\n\n</details>\n\n---------\n\nCo-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>","sha":"fc11ca94f58c62a9accfa47019b539826c9afa1b"}},{"branch":"8.x","label":"v8.19.0","branchLabelMappingKey":"^v8.19.0$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR:
Resolves #11809.
Before this PR
After this PR