[Security Solution][RAM] Alerts table displays timestamp in UTC, not in Kibana configured time #158965

Closed
vitaliidm opened this issue Jun 2, 2023 · 4 comments
Labels
bug Fixes for quality problems that affect the customer experience fixed sdh-linked Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting:Investigations Security Solution Investigations Team

Comments

@vitaliidm
Contributor

Describe the bug:
Security alerts table displays timestamp in UTC, not in Kibana configured time

Kibana/Elasticsearch Stack version:
8.8
Before 8.7, date format was displayed in Kibana configured time

Steps to reproduce:

  1. Ensure Kibana time is different to UTC
  2. Generate Security detections alerts
  3. Go to alerts table, time is displayed in UTC

Any additional context (logs, chat logs, magical formulas, etc.):

Screenshot 2023-06-02 at 22 05 42

8.7
Screenshot 2023-06-02 at 22 11 46

Looks like it happens after Security Solution alerts table was replaced by triggers-actions-ui table in #149128, ther

@vitaliidm vitaliidm added bug Fixes for quality problems that affect the customer experience triage_needed Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jun 2, 2023
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@XavierM XavierM assigned XavierM and unassigned kobelb Jun 6, 2023
@XavierM XavierM removed the Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) label Jun 6, 2023
@XavierM
Contributor

XavierM commented Jun 6, 2023

I do not think this issue is related to us since we do not control the rendering of the cell. It looks like that is working as expected on main. So I will imagine we should be good on response ops side.

on main:
image

@vitaliidm
Contributor Author

It is also fixed in 8.8.1 as well.
It very likely was done by #158594, which is linked to multiple mapping-related issues.

@yctercero yctercero added the Team:Threat Hunting:Investigations Security Solution Investigations Team label Jun 8, 2023
@yctercero yctercero assigned michaelolo24 and unassigned XavierM Jun 8, 2023