Skip to content

Adds new page about triaging alerts with AI Assistant#4359

Merged
benironside merged 32 commits intomainfrom
4358-Alert-triage-page
Jan 4, 2024
Merged

Adds new page about triaging alerts with AI Assistant#4359
benironside merged 32 commits intomainfrom
4358-Alert-triage-page

Conversation

@benironside
Copy link
Copy Markdown
Contributor

@benironside benironside commented Dec 1, 2023
edited
Loading

Fixes #4358 by adding a new page that explains how AI Assistant can help triage alerts. RAG for Alerts changes are limited to the new first section "Use AI Assistant to Triage multiple alerts"

Preview: Triage alerts with Elastic AI Assistant

@benironside benironside added Feature: Elastic AI Assistant Interface for interacting with generative AIs v8.11.0 v8.12.0 labels Dec 1, 2023
@benironside benironside self-assigned this Dec 1, 2023
@github-actions
Copy link
Copy Markdown

github-actions bot commented Dec 1, 2023

Documentation previews:

@benironside benironside requested a review from dhru42 December 1, 2023 01:06
dhru42
dhru42 previously requested changes Dec 8, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@dhru42 dhru42 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make this a sub-page to the AI Assistant page

@benironside benironside marked this pull request as ready for review December 8, 2023 23:44
@benironside benironside requested a review from a team as a code owner December 8, 2023 23:44
nastasha-solomon
nastasha-solomon reviewed Dec 11, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@nastasha-solomon nastasha-solomon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some suggestions for consistency and structure. Looks great as a whole!

benironside and others added 7 commits December 13, 2023 11:12
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
e14e938 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
62a6db5 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
b8ae6d1 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
97de8bf 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
bf618c3 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
b787953 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
e4c4d86 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside benironside requested a review from a team December 13, 2023 19:57
benironside and others added 2 commits December 13, 2023 11:58
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
25eb2d3 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside @nastasha-solomon
Update docs/assistant/ai-alert-triage.asciidoc
98eb02f 
Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
@benironside benironside dismissed dhru42’s stale review December 13, 2023 20:02

Communicated with Dhru and incorporated his feedback 👍

@benironside benironside mentioned this pull request Dec 21, 2023
Merged
andrew-goldstein
andrew-goldstein reviewed Dec 21, 2023
View reviewed changes
docs/assistant/ai-alert-triage.asciidoc Outdated

When you view an alert in {elastic-sec}, details such as related documents, hosts, and users appear alongside a synopsis of the events that triggered the alert. This data provides a starting point for understanding a potential threat. AI Assistant can answer questions about this data and offer insights and actionable recommendations to remediate the issue.

To enable AI Assistant to answer questions about alerts, you need to provide alert data as context for your prompts. You can either provide multiple alerts using the <<configure-ai-assistant, knowledge base>> feature, or provide individual alerts directly.
Copy link
Copy Markdown

@andrew-goldstein andrew-goldstein Dec 21, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: is it possible for the knowledge base links to jump to a KB-specific anchor? (I'm wondering if it's a quirk of the docs preview)

Copy link
Copy Markdown
Contributor Author

@benironside benironside Dec 21, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes 100%. I am planning to do this but I have to merge the updates to the AI Assistant page before I can link to that section.

andrew-goldstein
andrew-goldstein reviewed Dec 21, 2023
View reviewed changes
andrew-goldstein
andrew-goldstein previously approved these changes Dec 21, 2023
View reviewed changes
Copy link
Copy Markdown

@andrew-goldstein andrew-goldstein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @benironside for this new page about triaging alerts with the assistant! 🙏
💹 Desk tested via the preview
LGTM 🚀

@andrew-goldstein andrew-goldstein mentioned this pull request Dec 21, 2023
Merged
natasha-moore-elastic
natasha-moore-elastic reviewed Dec 22, 2023
View reviewed changes
@benironside @natasha-moore-elastic
Update docs/assistant/ai-alert-triage.asciidoc
6851f03 
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
benironside and others added 3 commits December 28, 2023 06:12
@benironside @natasha-moore-elastic
Update docs/assistant/ai-alert-triage.asciidoc
d18e34b 
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
@benironside
Merge branch 'main' into 4358-Alert-triage-page
35f1ccb
@benironside
Merge branch 'main' into 4358-Alert-triage-page
afee6bd
benironside
benironside commented Jan 3, 2024
View reviewed changes
benironside
benironside commented Jan 3, 2024
View reviewed changes
@benironside benironside merged commit b930aa6 into main Jan 4, 2024
mergify bot pushed a commit that referenced this pull request Jan 4, 2024
@benironside @nastasha-solomon
@natasha-moore-elastic @mergify
Adds new page about triaging alerts with AI Assistant (#4359)
ba1fa51 
* Adds new page about triaging alerts with AI Assistant

* troubleshoots ToC

* troubleshoots build error

* updates section title

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Incorporates rest of Nastasha's feedback

* save work

* updates triage page with RAG for alerts info

* fixes anchor tag

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

* Update docs/assistant/ai-alert-triage.asciidoc

---------

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
(cherry picked from commit b930aa6)
@mergify mergify bot mentioned this pull request Jan 4, 2024
Merged
mergify bot pushed a commit that referenced this pull request Jan 4, 2024
@benironside @nastasha-solomon
@natasha-moore-elastic @mergify
Adds new page about triaging alerts with AI Assistant (#4359)
a1500a2 
* Adds new page about triaging alerts with AI Assistant

* troubleshoots ToC

* troubleshoots build error

* updates section title

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Incorporates rest of Nastasha's feedback

* save work

* updates triage page with RAG for alerts info

* fixes anchor tag

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

* Update docs/assistant/ai-alert-triage.asciidoc

---------

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
(cherry picked from commit b930aa6)
@mergify mergify bot mentioned this pull request Jan 4, 2024
Merged
benironside added a commit that referenced this pull request Jan 4, 2024
@mergify @benironside
Adds new page about triaging alerts with AI Assistant (#4359) (#4564)
74b1559 
* Adds new page about triaging alerts with AI Assistant

* troubleshoots ToC

* troubleshoots build error

* updates section title

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Incorporates rest of Nastasha's feedback

* save work

* updates triage page with RAG for alerts info

* fixes anchor tag

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

* Update docs/assistant/ai-alert-triage.asciidoc

---------

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
(cherry picked from commit b930aa6)

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
benironside added a commit that referenced this pull request Jan 9, 2024
@mergify @benironside
[8.11] Adds new page about triaging alerts with AI Assistant (backport
8b1d65a 
…#4359) (#4565)

* Adds new page about triaging alerts with AI Assistant (#4359)

* Adds new page about triaging alerts with AI Assistant

* troubleshoots ToC

* troubleshoots build error

* updates section title

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>

* Incorporates rest of Nastasha's feedback

* save work

* updates triage page with RAG for alerts info

* fixes anchor tag

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>

* Update docs/assistant/ai-alert-triage.asciidoc

* Update docs/assistant/ai-alert-triage.asciidoc

---------

Co-authored-by: Nastasha Solomon <79124755+nastasha-solomon@users.noreply.github.com>
Co-authored-by: natasha-moore-elastic <137783811+natasha-moore-elastic@users.noreply.github.com>
(cherry picked from commit b930aa6)

* removes part from 8.11 that doesn't apply until 8.12

* fix merge conflict

---------

Co-authored-by: Benjamin Ironside Goldstein <91905639+benironside@users.noreply.github.com>
Co-authored-by: Benjamin Ironside Goldstein <benjamin.ironside@elastic.co>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nastasha-solomon nastasha-solomon nastasha-solomon left review comments

@natasha-moore-elastic natasha-moore-elastic natasha-moore-elastic approved these changes

@andrew-goldstein andrew-goldstein andrew-goldstein left review comments

@dhru42 dhru42 dhru42 left review comments

Assignees

@benironside benironside

Labels

Feature: Elastic AI Assistant Interface for interacting with generative AIs v8.11.0 v8.12.0

Projects

Elastic Security Docs Board
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[AI Assistant] New page - Triage alerts with AI Assistant

5 participants

@benironside @andrew-goldstein @nastasha-solomon @dhru42 @natasha-moore-elastic