[Security Solution][Endpoint] Fix index name pattern in SentinelOne dev. script #174105

@paul-tavares paul-tavares commented Jan 2, 2024

Summary

  • Corrects index name pattern for S1 alerts in the SIEM Rule that the SentinelOne dev script uses

🤦

@paul-tavares paul-tavares changed the title from "correct index pattern for s1 alerts" to "[Security Solution][Endpoint] Fix index name pattern in SentinelOne dev. script" Jan 2, 2024
@paul-tavares paul-tavares added release_note:skip Skip the PR/issue when compiling release notes Team:Defend Workflows “EDR Workflows” sub-team of Security Solution v8.13.0 labels Jan 2, 2024
@paul-tavares paul-tavares self-assigned this Jan 2, 2024
@paul-tavares paul-tavares requested review from a team, pzl and parkiino and removed request for a team January 2, 2024 16:39
@paul-tavares paul-tavares marked this pull request as ready for review January 2, 2024 16:40
@paul-tavares paul-tavares requested a review from a team as a code owner January 2, 2024 16:40
@elasticmachine
Contributor

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

@paul-tavares paul-tavares enabled auto-merge (squash) January 2, 2024 16:40
@paul-tavares
Contributor Author

buildkite test this

@paul-tavares
Contributor Author

/ci

@kibana-ci
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • Investigations - Security Solution Cypress Tests #8 / [ESS] Save Timeline Prompts "before each" hook for "should NOT prompt when navigating with a changed & saved timeline within security solution where timelines are disabled"

Metrics [docs]

✅ unchanged

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @paul-tavares

@paul-tavares paul-tavares merged commit ce71d12 into elastic:main Jan 2, 2024
45 checks passed
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Jan 2, 2024
@paul-tavares paul-tavares deleted the task/olm-fix-sentinelone-script-index-name branch January 3, 2024 13:39
jloleysens added a commit that referenced this pull request Jan 4, 2024