Remove Detection Rule telemetry from Security Solution (8.0+) #119047
Conversation
pjhampton
added
bug
pjhampton
requested review from
peluja1012,
rylnd,
stevewritescode,
clburn-elastic,
SourinPaul and
a team
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
@elasticmachine merge upstream |
@pjhampton can you expound on this a bit? Is there an expected vs. actual level of interaction? |
|
Thanks, @rylnd. I have replied to you offline. |
|
@elasticmachine merge upstream |
💚 Build Succeeded
Metrics [docs]
History
To update your PR or re-run it, just comment with: cc @pjhampton |
|
@pjhampton we are tracking the broken telemetry as part of https://github.com/elastic/security-team/issues/1018#issuecomment-937323352 and will have it fixed as part of 8.0. As discussed offline, we expect that the downstream ingest process will be update to make this data more usable moving forward. |
|
@rylnd Sounds good. We have this planned on our end for 8.1 FF. |
Summary
I have opened this pull request for discussion.
From some internal wrangling, It seems based on RAC changes that Detection Rule telemetry is bust 8.0+.
After chatting with @stevewritescode we are making the case for removing it completely for these releases - this is because we have found there was been little to no interaction with the data from 7.13 (April 2020).
Related PRs:
There is a cross-team discussion as to the data we want to collect from 8.2 and index it in a way that is useful for technical and non-technical stakeholders.
For maintainers