Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution][Detections] Enable executing alert actions on a per alert basis #131684

Open
spong opened this issue May 5, 2022 · 3 comments
Open

[Security Solution][Detections] Enable executing alert actions on a per alert basis #131684

spong opened this issue May 5, 2022 · 3 comments
Labels
enhancement New value added to drive a business result Feature:Rule Actions Security Solution Detection Rule Actions area Team:Detection Engine Security Solution Detection Engine Area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@spong
Copy link
Member

spong commented May 5, 2022

As raised on the community forums, this is an enhancement request for enabling finer granularity of alert actions such that an action could fire for each alert generated rather than once for the group of alerts. For example, if an action is configured to fire on each rule execution, instead of sending a single email for all alerts created during that execution, this enhancement would allow the user to configure the action to send a separate email for each alert.
@spong spong added triage_needed enhancement New value added to drive a business result Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Feature:Rule Actions Security Solution Detection Rule Actions area Team:Detection Rule Management Security Detection Rule Management Team Team:Detection Alerts Security Detection Alerts Area Team labels May 5, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@peluja1012
Copy link
Contributor

Duplicate of this ticket #153611

@yctercero yctercero added Team:Detection Engine Security Solution Detection Engine Area and removed Team:Detection Alerts Security Detection Alerts Area Team labels May 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New value added to drive a business result Feature:Rule Actions Security Solution Detection Rule Actions area Team:Detection Engine Security Solution Detection Engine Area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@peluja1012 @spong @yctercero @elasticmachine @marshallmain