[SIEM] Detection Fix typo in Adobe Hijack Persistence rule#58804
Merged
FrankHassanabad merged 8 commits intoelastic:masterfrom Mar 1, 2020
nicpenning:patch-1
Merged
[SIEM] Detection Fix typo in Adobe Hijack Persistence rule#58804FrankHassanabad merged 8 commits intoelastic:masterfrom nicpenning:patch-1
FrankHassanabad merged 8 commits intoelastic:masterfrom
nicpenning:patch-1
Conversation
Contributor
|
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
|
💚 CLA has been signed |
nicpenning
changed the title
Contributor
@nicpenning please read and sign the contributor agreement. Thanks! |
Contributor
|
Pinging @elastic/siem (Team:SIEM) |
FrankHassanabad
suggested changes
Feb 28, 2020
Contributor
FrankHassanabad
left a comment
FrankHassanabad
left a comment
There was a problem hiding this comment.
Change the version number and you will be good to go here.
...s/siem/server/lib/detection_engine/rules/prepackaged_rules/eql_adobe_hijack_persistence.json
Show resolved
Hide resolved
nicpenning
commented
Feb 28, 2020
Author
nicpenning
left a comment
nicpenning
left a comment
There was a problem hiding this comment.
I updated the version from 1 to 2.
Contributor
|
Gave this a test run: I see this now with the version bump on the UI: And then I see this after I install it: So I think we are good here. 👍 , thank you for the fix |
FrankHassanabad
approved these changes
Feb 28, 2020
Contributor
FrankHassanabad
left a comment
FrankHassanabad
left a comment
There was a problem hiding this comment.
Checked out the code, test ran it in a local development environment and it looks like the rule updates as expected.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Contributor
💚 Build SucceededHistory
To update your PR or re-run it, just comment with: |
FrankHassanabad
pushed a commit
to FrankHassanabad/kibana
that referenced
this pull request
Mar 1, 2020
FrankHassanabad
pushed a commit
to FrankHassanabad/kibana
that referenced
this pull request
Mar 1, 2020
gmmorris
added a commit
to gmmorris/kibana
that referenced
this pull request
Mar 1, 2020
* upstream/master: [SIEM] Detection Fix typo in Adobe Hijack Persistence rule (elastic#58804)
jloleysens
added a commit
to jloleysens/kibana
that referenced
this pull request
Mar 2, 2020
…dex-server-side * 'master' of github.com:elastic/kibana: (34 commits) [Upgrade Assistant] Remove "boom" from reindex service (elastic#58715) [data] Clean up QueryStringInput unit tests (elastic#58704) [SIEM] Detection Fix typo in Adobe Hijack Persistence rule (elastic#58804) Restores [SIEM][CASE] Init Configure Case Page (elastic#58121) (elastic#58924) Skips additional failing Ingest Manager integration tests Skips failing Ingest Manager integration tests Move dev tools styles to NP (elastic#58855) change to have kibana --ssl cli option use more recent certs (elastic#57933) disable failing suite (elastic#58942) Don't start pollEsNodesVersion unless someone subscribes (elastic#56923) Do not write UUID file during optimize process (elastic#58899) [Endpoint] Task/add nav bar (elastic#58604) [Metric Alerts] Add backend support for multiple expressions per alert (elastic#58672) [Metrics Alerts] Fix alerting on a rate aggregation (elastic#58789) disable flaky suite (elastic#55953) Revert "[SIEM] apollo@3 (elastic#51926)" and "[SIEM][CASE] Init Confi… (elastic#58806) [resubmit] Prep agg types for new platform (elastic#58893) [Lens] Allow number formatting within Lens (elastic#56253) [Autocomplete] Use settings from config rather than UI settings (elastic#58784) Improve action and trigger types (elastic#58657) ... # Conflicts: # x-pack/plugins/upgrade_assistant/server/routes/reindex_indices/reindex_indices.ts
FrankHassanabad
added a commit
that referenced
this pull request
Mar 2, 2020
FrankHassanabad
added a commit
that referenced
this pull request
Mar 2, 2020
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #58803
Summary
Summarize your PR. If it involves visual changes include a screenshot or gif.
Checklist
Delete any items that are not applicable to this PR.
For maintainers