[Docs][SIEM] 7.7 detection rule updates #974
Merged
benskelker merged 12 commits into elastic:master from Apr 8, 2020
rylnd
approved these changes
Apr 6, 2020
rylnd
left a comment
ML Rule additions and Rule creation changes LGTM! Note that screenshots and a few references to the ML popover are going to be outdated once #62396 is merged, though.
dhurley14
reviewed
Apr 6, 2020
dhurley14
approved these changes
Apr 6, 2020
dhurley14
left a comment
Had one comment but other than that LGTM!
spong
reviewed
Apr 7, 2020
| For users with the `ml_admin` role, the `Anomaly Detection` interface within | ||
| the main navigation header can be used for for viewing, starting, and stopping | ||
| SIEM machine learning jobs. | ||
| For users with the `machine_learning_admin` role, the `ML job settings` |
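Review bot: the second line of this hunk has a doubled word, "can be used for for viewing"; drop one "for", and check that the sentence starting "For users with the `machine_learning_admin` role" does not repeat it.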
Member
Thanks for the distinction here as we've (myself at least 😅) been conflating the users/roles -- ml_admin is the user, with the roles being machine_learning_admin, machine_learning_user, etc.
spong
reviewed
Apr 7, 2020
| TIP: This example is based on the | ||
| <<volume-shadow-copy-deletion-via-vssadmin, Volume Shadow Copy Deletion via VssAdmin>> prebuilt rule. | ||
|
|
||
| . Select the timeline template used when you send a signal created by the rule |
Member
Docs render fine of course, but extra space here:
Suggested change
| . Select the timeline template used when you send a signal created by the rule | |
| . Select the timeline template used when you send a signal created by the rule |
spong
approved these changes
Apr 7, 2020
Member
spong
left a comment
Ran through the latest updates and everything looks good here -- thanks @benskelker! 🙂
benskelker
added a commit
to benskelker/stack-docs
that referenced
this pull request
Apr 8, 2020
* starts rule updates
* starts ml rule type
* more create rules stuff
* rule types cont
* add cases kib space info
* rule monitoring
* monitor cont
* typo
* corrections and screenshots
* more screenshots
* updates rule failure note
* cleanup and remove api key requirement
benskelker
added a commit
that referenced
this pull request
Apr 8, 2020
* starts rule updates
* starts ml rule type
* more create rules stuff
* rule types cont
* add cases kib space info
* rule monitoring
* monitor cont
* typo
* corrections and screenshots
* more screenshots
* updates rule failure note
* cleanup and remove api key requirement
Updates the docs with added detections functionality.