Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[DOCS] [Security Solution] Update Compatibility with Cold Tier Nodes Documentation in 7.12.0 #562

Closed
2 tasks
MikePaquette opened this issue Mar 22, 2021 · 1 comment
Closed
2 tasks

[DOCS] [Security Solution] Update Compatibility with Cold Tier Nodes Documentation in 7.12.0 #562

MikePaquette opened this issue Mar 22, 2021 · 1 comment
Labels
Team: Docs v7.11.0 v7.12.0

Comments

@MikePaquette
Copy link
Contributor

This documentation update includes changes to two identical sections:

Current Text:

Cold tier is a data tier that holds time series data that is accessed only occasionally. In Elastic Stack version >=7.11.0, Elastic Security supports cold tier data for the following Elasticsearch indices:

Index patterns specified in securitySolution:defaultIndex
Index patterns specified in the definitions of detection rules
Index patterns specified in the data sources selector on various Elastic Security app pages

Elastic Security does NOT support cold tier data for the following Elasticsearch indices:

Index patterns controlled by Elastic Security, including signals and list indices
Index patterns specified in indicator match rules as indicator index patterns

Using cold tier data for unsupported indices may result in detection rule timeouts and overall performance degradation.

Proposed Text:

Cold tier is a data tier that holds time series data that is accessed only occasionally. In Elastic Stack version >=7.11.0, Elastic Security supports cold tier data for the following Elasticsearch indices:

Index patterns specified in securitySolution:defaultIndex
Index patterns specified in the definitions of detection rules, except for Indicator Match rules
Index patterns specified in the data sources selector on various Elastic Security app pages

Elastic Security does NOT support cold tier data for the following Elasticsearch indices:

Index patterns controlled by Elastic Security, including signals and list indices
Index patterns specified in indicator match rules

Using cold tier data for unsupported indices may result in detection rule timeouts and overall performance degradation.

Screen shot of affected section(s) with proposed changes:
image

cc: @jmikell821 @dontcallmesherryli
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Team: Docs v7.11.0 v7.12.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MikePaquette @jmikell821