[Security Solution] Add detection rules customization status for telemetry snapshot#237583
Merged
banderror merged 1 commit intoelastic:mainfrom Oct 14, 2025
Merged
Conversation
jkelas
force-pushed
the
140369_req_2_customization_status_telemetry
branch
6 times, most recently
from
96cc9de to
c91b984
Compare
jkelas
changed the title
jkelas
added
release_note:skip
Contributor
|
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
Contributor
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
Contributor
|
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management) |
36 tasks
jkelas
force-pushed
the
140369_req_2_customization_status_telemetry
branch
from
c91b984 to
9c5fee8
Compare
maximpn
reviewed
Oct 8, 2025
x-pack/platform/plugins/private/telemetry_collection_xpack/schema/xpack_security.json
Outdated
Show resolved
Hide resolved
...api_integration/test_suites/detections_response/utils/rules/prebuilt_rules/customize_rule.ts
Outdated
Show resolved
Hide resolved
...ity/plugins/security_solution/server/usage/detections/rules/get_rule_customization_status.ts
Outdated
Show resolved
Hide resolved
...ity/plugins/security_solution/server/usage/detections/rules/get_rule_customization_status.ts
Outdated
Show resolved
Hide resolved
Contributor
|
@elasticmachine run docs-build |
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]
History
cc @jkelas |
banderror
force-pushed
the
140369_req_2_customization_status_telemetry
branch
from
7f5b4f3 to
ca4c8b0
Compare
Contributor
|
/ci |
Contributor
|
@elasticmachine run docs-build |
Contributor
|
Starting backport for target branches: 8.18, 8.19, 9.1, 9.2 https://github.com/elastic/kibana/actions/runs/18505607358 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Oct 14, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co> (cherry picked from commit 1f41564)
Contributor
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
ersin-erdal
pushed a commit
to ersin-erdal/kibana
that referenced
this pull request
Oct 15, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
banderror
pushed a commit
to banderror/kibana
that referenced
this pull request
Oct 15, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co> (cherry picked from commit 1f41564) # Conflicts: # x-pack/solutions/security/plugins/security_solution/server/usage/detections/ml_jobs/get_metrics.mocks.ts # x-pack/solutions/security/plugins/security_solution/server/usage/detections/rules/get_initial_usage.ts # x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts
banderror
pushed a commit
to banderror/kibana
that referenced
this pull request
Oct 15, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co> (cherry picked from commit 1f41564) # Conflicts: # x-pack/solutions/security/plugins/security_solution/server/usage/detections/ml_jobs/get_metrics.mocks.ts # x-pack/solutions/security/plugins/security_solution/server/usage/detections/rules/get_initial_usage.ts # x-pack/solutions/security/test/security_solution_api_integration/test_suites/detections_response/telemetry/trial_license_complete_tier/usage_collector/detection_rule_upgrade_status.ts
Contributor
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
Contributor
|
Not backporting to 8.18 as it doesn't seem there are any more patch releases planned for 8.18 + the main and 8.18 branches have diverged too much to backport it in a reasonable time. |
kibanamachine
added a commit
that referenced
this pull request
Oct 15, 2025
…r telemetry snapshot (#237583) (#238993) # Backport This will backport the following commits from `main` to `9.2`: - [[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)](#237583) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Jacek Kolezynski","email":"jacek.kolezynski+gh@gmail.com"},"sourceCommit":{"committedDate":"2025-10-14T18:00:01Z","message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8","branchLabelMapping":{"^v9.3.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.2.0","v9.3.0","v9.1.6","v8.18.9","v8.19.6"],"title":"[Security Solution] Add detection rules customization status for telemetry snapshot","number":237583,"url":"https://github.com/elastic/kibana/pull/237583","mergeCommit":{"message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8"}},"sourceBranch":"main","suggestedTargetBranches":["9.2","9.1","8.18","8.19"],"targetPullRequestStates":[{"branch":"9.2","label":"v9.2.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.3.0","branchLabelMappingKey":"^v9.3.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/237583","number":237583,"mergeCommit":{"message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8"}},{"branch":"9.1","label":"v9.1.6","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.9","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.6","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
Contributor
|
Not backporting to 8.19 as this telemetry is based on #234793 which has only been backported to 9.2 and 9.1 |
banderror
added a commit
that referenced
this pull request
Oct 16, 2025
…r telemetry snapshot (#237583) (#239200) # Backport This will backport the following commits from `main` to `9.1`: - [[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)](#237583) <!--- Backport version: 10.0.2 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Jacek Kolezynski","email":"jacek.kolezynski+gh@gmail.com"},"sourceCommit":{"committedDate":"2025-10-14T18:00:01Z","message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8","branchLabelMapping":{"^v9.3.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:skip","Team:Detections and Resp","Team: SecuritySolution","Team:Detection Rule Management","Feature:Prebuilt Detection Rules","backport:version","v9.2.0","v9.3.0","v9.1.6","v8.18.9","v8.19.6"],"title":"[Security Solution] Add detection rules customization status for telemetry snapshot","number":237583,"url":"https://github.com/elastic/kibana/pull/237583","mergeCommit":{"message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8"}},"sourceBranch":"main","suggestedTargetBranches":["9.1","8.18","8.19"],"targetPullRequestStates":[{"branch":"9.2","label":"v9.2.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"url":"https://github.com/elastic/kibana/pull/238993","number":238993,"state":"OPEN"},{"branch":"main","label":"v9.3.0","branchLabelMappingKey":"^v9.3.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/237583","number":237583,"mergeCommit":{"message":"[Security Solution] Add detection rules customization status for telemetry snapshot (#237583)\n\n**Partially addresses: #140369**\n\n## Summary\n\nThis is another PR from of a series of PRs I am planning to create to\ncover the requirements in the\nhttps://github.com//issues/140369 ticket.\n\n\nThe requirement covered in this PR is: \" Breakdown of which fields are\nbeing customized.\"\n\nTesting:\n\nDisplay the snapshot:\n```\nPOST kbn:/internal/telemetry/clusters/_stats?apiVersion=2\n{ \"unencrypted\": true, \"refreshCache\": true }\n```\n\nSend the snapshot to staging telemetry cluster.\n```\nPOST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true\n{}\n```\n\nCo-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>","sha":"1f4156499ff9f0e74efeac99e05fa8c2d54bf7e8"}},{"branch":"9.1","label":"v9.1.6","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.18","label":"v8.18.9","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.6","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT-->
mgadewoll
pushed a commit
to tkajtoch/kibana
that referenced
this pull request
Oct 17, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
rylnd
pushed a commit
to rylnd/kibana
that referenced
this pull request
Oct 17, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
nickpeihl
pushed a commit
to nickpeihl/kibana
that referenced
this pull request
Oct 23, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
NicholasPeretti
pushed a commit
to NicholasPeretti/kibana
that referenced
this pull request
Oct 27, 2025
…metry snapshot (elastic#237583) **Partially addresses: elastic#140369** ## Summary This is another PR from of a series of PRs I am planning to create to cover the requirements in the elastic#140369 ticket. The requirement covered in this PR is: " Breakdown of which fields are being customized." Testing: Display the snapshot: ``` POST kbn:/internal/telemetry/clusters/_stats?apiVersion=2 { "unencrypted": true, "refreshCache": true } ``` Send the snapshot to staging telemetry cluster. ``` POST kbn:/internal/telemetry/force_send?apiVersion=1&elasticInternalOrigin=true {} ``` Co-authored-by: Georgii Gorbachev <georgii.gorbachev@elastic.co>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Partially addresses: #140369
Summary
This is another PR from of a series of PRs I am planning to create to cover the requirements in the #140369 ticket.
The requirement covered in this PR is: " Breakdown of which fields are being customized."
Testing:
Display the snapshot:
Send the snapshot to staging telemetry cluster.