Skip to content

[Security Solution] Exclude cold and frozen tiers in analyzer queries#172162

Merged
lgestc merged 2 commits intoelastic:mainfrom
lgestc:analyzer_exclude_cold_and_frozen_tiers
Dec 4, 2023
Merged

[Security Solution] Exclude cold and frozen tiers in analyzer queries#172162
lgestc merged 2 commits intoelastic:mainfrom
lgestc:analyzer_exclude_cold_and_frozen_tiers

Conversation

@lgestc
Copy link
Contributor

@lgestc lgestc commented Nov 29, 2023
edited by kibanamachine
Loading

Summary

This PR is a starting point for fixing issues about cold and frozen tiers hits in analyzer.

It introduces another filter to analyzer queries, preventing us from hitting beforementioned documents.

Relevant setting:

image

@lgestc lgestc requested a review from a team as a code owner November 29, 2023 13:08
@lgestc lgestc added release_note:feature Makes this part of the condensed release notes release_note:enhancement 8.12 candidate backport:prev-minor Team:Threat Hunting:Investigations Security Solution Threat Hunting Investigations Team and removed release_note:feature Makes this part of the condensed release notes labels Nov 29, 2023
@lgestc lgestc changed the title exclude cold and frozen tiers [Security Solution] Exclude cold and frozen tiers in analyzer queries Nov 29, 2023
@lgestc lgestc force-pushed the analyzer_exclude_cold_and_frozen_tiers branch from 05e7019 to 81e7115 Compare November 29, 2023 16:39
@lgestc lgestc requested review from a team as code owners November 29, 2023 16:39
kqualters-elastic
kqualters-elastic approved these changes Nov 29, 2023
View reviewed changes
Copy link
Contributor

@kqualters-elastic kqualters-elastic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙌 looks great. related issue #170253

@lgestc lgestc force-pushed the analyzer_exclude_cold_and_frozen_tiers branch from 81e7115 to 12445d5 Compare November 29, 2023 18:39
@lgestc lgestc requested review from a team as code owners November 29, 2023 18:39
PhilippeOberti
PhilippeOberti approved these changes Nov 29, 2023
View reviewed changes
Copy link
Contributor

@PhilippeOberti PhilippeOberti left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Woohoom thanks @lgestc, I'm going to link this PR on my SDH :)

@lgestc lgestc force-pushed the analyzer_exclude_cold_and_frozen_tiers branch from 12445d5 to 9b2417b Compare December 1, 2023 11:20
@lgestc lgestc enabled auto-merge (squash) December 1, 2023 12:31
@kibana-ci
Copy link

kibana-ci commented Dec 1, 2023

💚 Build Succeeded

Metrics [docs]

Unknown metric groups

API count

id before after diff
@kbn/management-settings-ids 131 132 +1

History

  • 💚 Build #180202 succeeded 12445d5687ab7e87256574339209f9fab067952e
  • 💔 Build #180144 failed 81e7115ada0afda1aaa802051c5e9b626ae39e49
  • 💛 Build #180010 was flaky 05e7019445552c38ea417a3c4e75c63f730a5f01

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

patrykkopycinski
patrykkopycinski approved these changes Dec 4, 2023
View reviewed changes
Copy link
Contributor

@patrykkopycinski patrykkopycinski left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you 🙇

@lgestc lgestc merged commit 20160a8 into elastic:main Dec 4, 2023
@kibanamachine
Copy link
Contributor

kibanamachine commented Dec 4, 2023

💔 All backports failed

Status Branch Result
8.11 Backport failed because of merge conflicts

Manual backport

To create the backport manually run:

node scripts/backport --pr 172162

Questions ?

Please refer to the Backport tool documentation

@michaelolo24 michaelolo24 added the release_note:feature Makes this part of the condensed release notes label Dec 4, 2023
@lgestc lgestc mentioned this pull request Dec 5, 2023
Closed
@111andre111 111andre111 mentioned this pull request Dec 13, 2023
Closed
@stefnestor stefnestor mentioned this pull request Jun 15, 2024
Merged
@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Jul 11, 2024
@kibanamachine
Copy link
Contributor

kibanamachine commented Jul 11, 2024

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add the label auto-backport or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 172162 locally

@stefnestor stefnestor mentioned this pull request Jul 15, 2024
Merged
This was referenced Aug 9, 2024
Merged
Merged
@kibanamachine
Copy link
Contributor

kibanamachine commented Aug 31, 2024

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add the label auto-backport or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 172162 locally

2 similar comments
@kibanamachine
Copy link
Contributor

kibanamachine commented Sep 30, 2024

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add the label auto-backport or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 172162 locally

@kibanamachine
Copy link
Contributor

kibanamachine commented Sep 30, 2024

Friendly reminder: Looks like this PR hasn’t been backported yet.
To create automatically backports add the label auto-backport or prevent reminders by adding the backport:skip label.
You can also create backports manually by running node scripts/backport --pr 172162 locally

@jbudz jbudz added the backport:skip This PR does not require backporting label Sep 30, 2024
@kibanamachine kibanamachine removed the backport missing Added to PRs automatically when the are determined to be missing a backport. label Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sabarasaba sabarasaba sabarasaba approved these changes

@pgayvallet pgayvallet pgayvallet approved these changes

@patrykkopycinski patrykkopycinski patrykkopycinski approved these changes

@PhilippeOberti PhilippeOberti PhilippeOberti approved these changes

@kqualters-elastic kqualters-elastic kqualters-elastic approved these changes

@ashokaditya ashokaditya Awaiting requested review from ashokaditya ashokaditya was automatically assigned from elastic/security-defend-workflows

@tomsonpl tomsonpl Awaiting requested review from tomsonpl tomsonpl was automatically assigned from elastic/security-defend-workflows

Assignees

No one assigned

Labels

8.12 candidate backport:skip This PR does not require backporting needs_docs release_note:enhancement release_note:feature Makes this part of the condensed release notes Team:Threat Hunting:Investigations Security Solution Threat Hunting Investigations Team v8.12.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

10 participants

@lgestc @kibana-ci @kibanamachine @sabarasaba @pgayvallet @patrykkopycinski @PhilippeOberti @kqualters-elastic @jbudz @michaelolo24