-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution]After upgrade to 8.8.1 from 8.7.1 duplicate index are present and selecting index .alerts-security.alerts-default not showing data. #159107
Comments
Pinging @elastic/security-solution (Team: SecuritySolution) |
Reviewed and assigned to @MadameSheema |
thanks @sukhwindersingh-qasource can you please provide me the credentials of the environment where the issue can be reproduced? |
I tried to reproduce but couldn’t. My 8.7.1 had just an auditbeat integration and I created only 1 custom rule which had alerts. I did the upgrade. I don’t see the issue. Perhaps the 8.7.1 environment needs to be in a more specific state to reproduce. Any tips? |
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
@stephmilovic @machadoum assigning this ticket to your team since looks like it is just happening when you have the host and user risk scores dashboards enabled before the upgrade. This is also happening from 8.7.1 to 8.8.0 upgrade. |
## Summary issue: #159107 **Steps to verify:** 1. Generate some alerts and enable host or user risk score module. 2. Hard refresh the page, select the alerts data view. <img width="639" alt="Screenshot 2023-06-15 at 14 54 54" src="https://github.com/elastic/kibana/assets/6295984/412a2a9c-9125-4972-8c95-24dda90ad529"> 3. Visit overview, host, network and users page. All should `Not` display the get started page. https://github.com/elastic/kibana/assets/6295984/4b942604-f98f-40fe-bbca-9cfd11cdf275 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
I had a simple fix in #159806 |
## Summary issue: elastic#159107 **Steps to verify:** 1. Generate some alerts and enable host or user risk score module. 2. Hard refresh the page, select the alerts data view. <img width="639" alt="Screenshot 2023-06-15 at 14 54 54" src="https://github.com/elastic/kibana/assets/6295984/412a2a9c-9125-4972-8c95-24dda90ad529"> 3. Visit overview, host, network and users page. All should `Not` display the get started page. https://github.com/elastic/kibana/assets/6295984/4b942604-f98f-40fe-bbca-9cfd11cdf275 ### Checklist Delete any items that are not applicable to this PR. - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios (cherry picked from commit 24bfa05)
…159836) # Backport This will backport the following commits from `main` to `8.8`: - [[SecuritySolution] Update checkIndicesExists logic (#159806)](#159806) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Angela Chuang","email":"[email protected]"},"sourceCommit":{"committedDate":"2023-06-15T19:06:30Z","message":"[SecuritySolution] Update checkIndicesExists logic (#159806)\n\n## Summary\r\n\r\nissue: https://github.com/elastic/kibana/issues/159107\r\n\r\n\r\n\r\n**Steps to verify:**\r\n\r\n1. Generate some alerts and enable host or user risk score module.\r\n2. Hard refresh the page, select the alerts data view. \r\n\r\n<img width=\"639\" alt=\"Screenshot 2023-06-15 at 14 54 54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/6295984/412a2a9c-9125-4972-8c95-24dda90ad529\">\r\n\r\n3. Visit overview, host, network and users page. All should `Not`\r\ndisplay the get started page.\r\n\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/6295984/4b942604-f98f-40fe-bbca-9cfd11cdf275\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"24bfa0514efb3eb16b3eb3276679dd53229d01ba","branchLabelMapping":{"^v8.9.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","Team:Threat Hunting","Team: SecuritySolution","Team:Threat Hunting:Explore","v8.9.0","v8.8.2"],"number":159806,"url":"https://github.com/elastic/kibana/pull/159806","mergeCommit":{"message":"[SecuritySolution] Update checkIndicesExists logic (#159806)\n\n## Summary\r\n\r\nissue: https://github.com/elastic/kibana/issues/159107\r\n\r\n\r\n\r\n**Steps to verify:**\r\n\r\n1. Generate some alerts and enable host or user risk score module.\r\n2. Hard refresh the page, select the alerts data view. \r\n\r\n<img width=\"639\" alt=\"Screenshot 2023-06-15 at 14 54 54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/6295984/412a2a9c-9125-4972-8c95-24dda90ad529\">\r\n\r\n3. Visit overview, host, network and users page. All should `Not`\r\ndisplay the get started page.\r\n\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/6295984/4b942604-f98f-40fe-bbca-9cfd11cdf275\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"24bfa0514efb3eb16b3eb3276679dd53229d01ba"}},"sourceBranch":"main","suggestedTargetBranches":["8.8"],"targetPullRequestStates":[{"branch":"main","label":"v8.9.0","labelRegex":"^v8.9.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/159806","number":159806,"mergeCommit":{"message":"[SecuritySolution] Update checkIndicesExists logic (#159806)\n\n## Summary\r\n\r\nissue: https://github.com/elastic/kibana/issues/159107\r\n\r\n\r\n\r\n**Steps to verify:**\r\n\r\n1. Generate some alerts and enable host or user risk score module.\r\n2. Hard refresh the page, select the alerts data view. \r\n\r\n<img width=\"639\" alt=\"Screenshot 2023-06-15 at 14 54 54\"\r\nsrc=\"https://github.com/elastic/kibana/assets/6295984/412a2a9c-9125-4972-8c95-24dda90ad529\">\r\n\r\n3. Visit overview, host, network and users page. All should `Not`\r\ndisplay the get started page.\r\n\r\n\r\n\r\nhttps://github.com/elastic/kibana/assets/6295984/4b942604-f98f-40fe-bbca-9cfd11cdf275\r\n\r\n\r\n### Checklist\r\n\r\nDelete any items that are not applicable to this PR.\r\n\r\n\r\n- [x] [Unit or functional\r\ntests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)\r\nwere updated or added to match the most common scenarios","sha":"24bfa0514efb3eb16b3eb3276679dd53229d01ba"}},{"branch":"8.8","label":"v8.8.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Angela Chuang <[email protected]>
@sukhwindersingh-qasource can you please confirm the fix? |
Hi @stephmilovic ,Sure we will validate this ticket once 8.8.2 BC1 Will be available at production. |
Hi @MadameSheema @stephmilovic @angorayc We have validated this issue on 8.8.2 BC1 build after upgrading it from 8.7.1 and observed that issue looks like , It is Fixed. ✔️ Please find the below Testing Details: Build info
Screen-Cast Overview.-.Kibana.Mozilla.Firefox.2023-06-23.17-04-20.mp4As this issue needs to be validated on 8.9.0 also , so keeping this ticket opened. After availability of 8.9.0 BC1 we will validate it and close the ticket and add QA Validated label Thanks!! |
Hi @MadameSheema @stephmilovic @angorayc We have validated this issue on 8.9.0 BC1 build after upgrading it from 8.7.1 and observed that issue looks like , It is Fixed. ✔️ Please find the below Testing Details: Build info
Screen-Cast Overview.-.Kibana.Mozilla.Firefox.2023-06-26.16-03-29.mp4Hence we are closing this ticket and also marking it as QA Validated. Thanks!! |
Describe the bug:
Build Details:
Preconditions
Steps to Reproduce
Actual Result
Expected Result
Screen-cast
Overview.-.Kibana.Mozilla.Firefox.2023-06-06.16-59-12.mp4
The text was updated successfully, but these errors were encountered: