[SIEM][detection engine] Limit network rules to filebeat source semantics #57130
Merged
dcode merged 2 commits into elastic:master from dcode:dcode/limit-network-rules-to-filebeat on Feb 7, 2020
Contributor
Pinging @elastic/siem (Team:SIEM)
randomuserid (Contributor) approved these changes on Feb 7, 2020 and left a comment:
Looks good, please re-test on siem-dev to verify unit tests. I will add a paragraph about using these in the tuning guide docs.
Contributor
💚 Build Succeeded
To update your PR or re-run it, just comment with:
dcode added a commit to dcode/kibana that referenced this pull request on Feb 8, 2020:
…tics (elastic#57130)
* limit network rules to filebeat source semantics
* Bump version number for network rules to ensure updates in post 7.6.0
Summary
Removes non-filebeat indices from network detection rules in the SIEM.
Fixes elastic/mechagodzilla#99