De-dupe findings from group by rules #558
Labels
Comments
riysaxen-amzn
pushed a commit
to riysaxen-amzn/security-analytics
that referenced
this issue
Feb 20, 2024
…search-project#558) * [BUG] Finding's fly-out has no correlations if open from alerts opensearch-project#557 Signed-off-by: Jovan Cvetkovic <[email protected]> * code review from opensearch-project/security-analytics-dashboards-plugin#558 (comment) Signed-off-by: Jovan Cvetkovic <[email protected]> * cypress tests wait interval updated to 400 Signed-off-by: Jovan Cvetkovic <[email protected]> * cypress tests wait interval updated to 400 Signed-off-by: Jovan Cvetkovic <[email protected]> --------- Signed-off-by: Jovan Cvetkovic <[email protected]>
riysaxen-amzn
pushed a commit
to riysaxen-amzn/security-analytics
that referenced
this issue
Mar 25, 2024
Signed-off-by: Surya Sashank Nistala <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently bucket level monitor creates findings. These findings are being fed as source data to a match all doc level monitor which again creates duplicate findings. Hence, detector findings have duplicates
one way to tackle this is to avoid fetching findings for the chained findings monitor in search findings api when call is made to alerting plugin to return findings by monitor id
The text was updated successfully, but these errors were encountered: