[Response Ops][Alerting] Add ability to specify custom format function when getting summarized alerts #150776
Assignees
Labels
Feature:Alerting
Team:ResponseOps
Label for the ResponseOps team (formerly the Cases and Alerting teams)
Comments
ymao1
added
Feature:Alerting
Team:ResponseOps
|
Pinging @elastic/response-ops (Team:ResponseOps) |
github-project-automation
bot
moved this to Awaiting Triage
in AppEx: ResponseOps - Execution & Connectors
ymao1
moved this from Awaiting Triage
to Todo
in AppEx: ResponseOps - Execution & Connectors
ymao1
added a commit
that referenced
this issue
Feb 13, 2023
…tom formatting for `getSummarizedAlerts` function (#150829) Resolves #150776 ## Summary As part of the [POC to onboard detection rules onto alert summaries](https://github.com/elastic/kibana/pull/147539/files), we uncovered a need to allow rule types to specify a custom format function for the alerts returned from the `getSummarizedAlerts` function. This will allow detection rules to perform some custom transformations before detection alerts are made available for notifications. This PR adds the necessary hook that can be used later on.
github-project-automation
bot
moved this from In Review
to Done
in AppEx: ResponseOps - Execution & Connectors
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For the effort to onboard detection rules onto framework alert summaries, we need to provide a way for rule types to specify custom format functions for alerts returned from the alert summaries. POC here. Security will implement the function but we will provide the hook for it inside the
getSummarizedAlertsfunction.The text was updated successfully, but these errors were encountered: