[SIEM][Detection Engine] Closing of signals does not update count correctly on the signals table #59956

Closed
FrankHassanabad opened this issue Mar 11, 2020 · 2 comments
Labels
bug Fixes for quality problems that affect the customer experience Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM

Comments

@FrankHassanabad
Contributor

See the gif below: when using SIEM signals you can close signals and the count does not consistently update. Below you can see it did not subtract 3 closed signals from the count when it should have:

[Image: counts_not_updating_signals_table]

Steps to reproduce:

  1. Create signals by adding some rules such as 'host.name: *'
  2. Run the rule for a few minutes and shut it down so you have signals
  3. Go to the signals table and refresh your web page
  4. Click to close 3 signals and see if it updates the count or not. If it does update the count, do it a few more times until you see it not work correctly.

Workaround:
Refresh your page

Expected behavior:
It should always update the count correctly when you close signals.

Kibana version:
7.6.1, 7.x, master

Elasticsearch version:
7.6.1, 7.x, master

Server OS version:
Cloud

Browser version:
Chrome 80+

Browser OS version:
Chrome 80+

Original install method (e.g. download page, yum, from source, etc.):
cloud

@FrankHassanabad FrankHassanabad added bug Fixes for quality problems that affect the customer experience Team:SIEM labels Mar 11, 2020
@elasticmachine
Contributor

Pinging @elastic/siem (Team:SIEM)

@FrankHassanabad
Contributor Author

This has been fixed by other work involving wait_for and timeline table fixes generically.

@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Oct 27, 2020