From 5b830acf880113ebf3afd80853ba5a1bb39b01a9 Mon Sep 17 00:00:00 2001 From: Marshall Main <55718608+marshallmain@users.noreply.github.com> Date: Mon, 13 Jul 2020 23:06:48 -0400 Subject: [PATCH] Change signal.rule.risk score mapping from keyword to float (#71126) * Change risk_score mapping from keyword to float * Change default alert histogram option * Add version to signals template * Fix test * Undo histogram order change Co-authored-by: Elastic Machine --- .../lib/detection_engine/routes/index/get_signals_template.ts | 1 + .../lib/detection_engine/routes/index/signals_mapping.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts index 01d7182e253ce..cc22f34560c71 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/get_signals_template.ts @@ -25,6 +25,7 @@ export const getSignalsTemplate = (index: string) => { }, index_patterns: [`${index}-*`], mappings: ecsMapping.mappings, + version: 1, }; return template; }; diff --git a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json index aa4166e93f4a1..d600bae2746d9 100644 --- a/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json +++ b/x-pack/plugins/security_solution/server/lib/detection_engine/routes/index/signals_mapping.json @@ -68,7 +68,7 @@ "type": "keyword" }, "risk_score": { - "type": "keyword" + "type": "float" }, "risk_score_mapping": { "properties": {