Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Request] [8.18, 9.0, and Serverless] Observables can be added to cases #6477

Merged
merged 23 commits into from
Jan 28, 2025
Merged
Changes from 1 commit
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
0b168c5
First draft
nastasha-solomon Jan 22, 2025
cec1f25
fixed anchor ref
nastasha-solomon Jan 23, 2025
100fa7b
Merge branch 'main' into issue-6395-case-observables
nastasha-solomon Jan 23, 2025
52ee379
Fixes minor heading issues
nastasha-solomon Jan 23, 2025
65a74c2
Merge branch 'issue-6395-case-observables' of github.com:elastic/secu…
nastasha-solomon Jan 23, 2025
587b6f8
Adds reqs for Serverless and ESS
nastasha-solomon Jan 23, 2025
f6554f4
Revisions to text
nastasha-solomon Jan 24, 2025
b22a785
Fixes error
nastasha-solomon Jan 24, 2025
bd4e29b
Refreshes images
nastasha-solomon Jan 24, 2025
3581c29
more new images
nastasha-solomon Jan 24, 2025
7e1c366
Merge branch 'main' into issue-6395-case-observables
nastasha-solomon Jan 24, 2025
1597c15
Fixed reference to image
nastasha-solomon Jan 25, 2025
e1e8cfe
Resizes images
nastasha-solomon Jan 25, 2025
a8b5a3e
Moves images down
nastasha-solomon Jan 27, 2025
831a670
Update docs/cases/cases-manage.asciidoc
nastasha-solomon Jan 27, 2025
e9911c0
Update docs/cases/cases-manage.asciidoc
nastasha-solomon Jan 27, 2025
32452f0
Ben's edits
nastasha-solomon Jan 27, 2025
5b05852
Update docs/cases/cases-manage-settings.asciidoc
nastasha-solomon Jan 28, 2025
f84d2de
Applying more of Ben's edits
nastasha-solomon Jan 28, 2025
0962272
Update docs/cases/cases-manage.asciidoc
nastasha-solomon Jan 28, 2025
2fadd42
Update docs/cases/cases-manage.asciidoc
nastasha-solomon Jan 28, 2025
6195fd6
Update docs/cases/cases-manage-settings.asciidoc
nastasha-solomon Jan 28, 2025
1c84266
Nat's edits and other syntax edits
nastasha-solomon Jan 28, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
more new images
nastasha-solomon committed Jan 24, 2025
commit 3581c29a8313ed4ed0e35bcd2a7d5665444f3f8e
8 changes: 2 additions & 6 deletions docs/cases/cases-manage-settings.asciidoc
Original file line number Diff line number Diff line change
@@ -138,12 +138,8 @@ Create custom observable types for enhanced case collaboration.

NOTE: You can create up to 10 custom observable types.

//+
//--
//[role="screenshot"]
//image::images/cases-observable-types.png[Add an observable type in case settings]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.
//--
[role="screenshot"]
image::images/cases-observable-types.png[Add an observable type in case settings]

. In the *Observable types* section, click *Add observable*.
. Enter a label for the observable type, then click *Save*.
6 changes: 2 additions & 4 deletions docs/cases/cases-manage.asciidoc
Original file line number Diff line number Diff line change
@@ -207,10 +207,8 @@ To use observables, you must have a https://www.elastic.co/pricing[Platinum subs

An observable is a piece of information about an investigation, for example, a suspicious URL or a file hash. Use observables to identify correlated incidents and better understand the severity and scope of a case.

//[role="screenshot"]
//image::images/cases-open-manage/-cases-cases-files.png[A list of files attached to a case]

// NOTE: This is an autogenerated screenshot. Do not edit it directly.
[role="screenshot"]
image::images/cases-add-observables.png[Shows you where to add observables 30%,30%]

To create an observable:

Binary file added docs/cases/images/cases-add-observables.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/cases/images/cases-observable-types.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 2 additions & 4 deletions docs/serverless/investigate/cases-open-manage.asciidoc
Original file line number Diff line number Diff line change
@@ -225,10 +225,8 @@ To use observables, you must have the Security Analytics Essentials <<elasticsea

An observable is a piece of information about an investigation, for example, a suspicious URL or a file hash. Use observables to identify correlated incidents and better understand the severity and scope of a case.

//[role="screenshot"]
//image::images/cases-open-manage/-cases-cases-files.png[A list of files attached to a case]

// NOTE: This is an autogenerated screenshot. Do not edit it directly.
[role="screenshot"]
image::images/cases-open-manage/-cases-cases-add-observables.png[Shows you where to add observables 40%,40%]

To create an observable:

8 changes: 2 additions & 6 deletions docs/serverless/investigate/cases-settings.asciidoc
Original file line number Diff line number Diff line change
@@ -139,12 +139,8 @@ Create custom observable types for enhanced case collaboration.

NOTE: You can create up to 10 custom observable types.

//+
//--
//[role="screenshot"]
//image::images/cases-observable-types.png[Add an observable type in case settings]
// NOTE: This is an autogenerated screenshot. Do not edit it directly.
//--
[role="screenshot"]
image::images/security-cases-observable-types.png[Add an observable type in case settings]

. In the *Observable types* section, click *Add observable*.
. Enter a label for the observable type, then click *Save*.