Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution][ML] Updates siem group name to security #73218

Merged
merged 4 commits into from
Jul 28, 2020
Merged

[Security Solution][ML] Updates siem group name to security #73218

merged 4 commits into from
Jul 28, 2020

Conversation

spong
Copy link
Member

@spong spong commented Jul 25, 2020
edited
Loading

Summary

Resolves #69319

Updates siem grouping to security, and enables cloudtrail module, fixing mis-match between the newly updated modules (#71696).

Also updates all module icons to be consistent:

Auditbeat (Before/After):

Packetbeat (Before/After):

Winlogbeat (Before/After):

@spong spong added bug Fixes for quality problems that affect the customer experience Team:SIEM v8.0.0 v7.10.0 v7.9.0 labels Jul 25, 2020
@spong spong requested a review from rylnd July 25, 2020 00:13
@spong spong requested review from a team as code owners July 25, 2020 00:13
@spong spong self-assigned this Jul 25, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/siem (Team:SIEM)

@spong spong added the release_note:skip Skip the PR/issue when compiling release notes label Jul 25, 2020
@spong
Copy link
Member Author

spong commented Jul 27, 2020

@elasticmachine merge upstream

rylnd
rylnd approved these changes Jul 27, 2020
View reviewed changes
Copy link
Contributor

@rylnd rylnd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested this both on an existing install and a fresh install, and things are behaving as expected/described. This will fix a few intermediate issues with a fresh install on master, too, so LGTM :shipit: 🚀

@spong spong requested a review from a team as a code owner July 27, 2020 21:11
blaklaybul
blaklaybul approved these changes Jul 27, 2020
View reviewed changes
Copy link
Contributor

@blaklaybul blaklaybul left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Build metrics

async chunks size

id value diff baseline
securitySolution 7.3MB +75.0B 7.3MB

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@spong spong merged commit 765c2d1 into elastic:master Jul 28, 2020
@spong spong deleted the ml-group-name-fixes branch July 28, 2020 01:52
@spong spong mentioned this pull request Jul 28, 2020
Merged
spong added a commit to spong/kibana that referenced this pull request Jul 28, 2020
@spong
[Security Solution][ML] Updates siem group name to security (elastic#…
886734c 
…73218)

## Summary

Resolves elastic#69319

Updates `siem` grouping to `security`, and enables cloudtrail module, fixing mis-match between the newly updated modules (elastic#71696).


<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444121-b6b27480-cdd8-11ea-886a-9b4cadbaede8.png" />
</p>

<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444181-16108480-cdd9-11ea-9fba-aff1e4c38da3.png" />
</p>


Also updates all module icons to be consistent:

Auditbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592057-9a9e1580-d01a-11ea-97bb-d1096a4ae85f.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592020-8b1ecc80-d01a-11ea-8f2d-aa5cba94924e.png" />
</p>

Packetbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592205-e18c0b00-d01a-11ea-9553-9c87527c600b.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592270-f8caf880-d01a-11ea-94a8-5428d2c6ddea.png" />
</p>

Winlogbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592286-fff20680-d01a-11ea-87dd-4150debc988c.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592351-2021c580-d01b-11ea-863f-efd26d0105ab.png" />
</p>



- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [X] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
  - Working w/ @benskelker on updated ML Jobs & nomenclature
spong added a commit to spong/kibana that referenced this pull request Jul 28, 2020
@spong
[Security Solution][ML] Updates siem group name to security (elastic#…
b74414e 
…73218)

## Summary

Resolves elastic#69319

Updates `siem` grouping to `security`, and enables cloudtrail module, fixing mis-match between the newly updated modules (elastic#71696).


<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444121-b6b27480-cdd8-11ea-886a-9b4cadbaede8.png" />
</p>

<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444181-16108480-cdd9-11ea-9fba-aff1e4c38da3.png" />
</p>


Also updates all module icons to be consistent:

Auditbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592057-9a9e1580-d01a-11ea-97bb-d1096a4ae85f.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592020-8b1ecc80-d01a-11ea-8f2d-aa5cba94924e.png" />
</p>

Packetbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592205-e18c0b00-d01a-11ea-9553-9c87527c600b.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592270-f8caf880-d01a-11ea-94a8-5428d2c6ddea.png" />
</p>

Winlogbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592286-fff20680-d01a-11ea-87dd-4150debc988c.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592351-2021c580-d01b-11ea-863f-efd26d0105ab.png" />
</p>



- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [X] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
  - Working w/ @benskelker on updated ML Jobs & nomenclature
@spong spong mentioned this pull request Jul 28, 2020
Merged
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jul 28, 2020
@gmmorris
Merge branch 'master' into event-log/use-alerts-actions-clients
76c0b24 
* master: (44 commits)
  [Search] add server logs (elastic#72454)
  [SIEM][Timelines] Updates timeline template callout text (elastic#73334)
  Fix App status  flaky test (elastic#72853)
  [Functional Tests] Increase the timeout when locating the tableview] (elastic#73243)
  Use "Apply_filter_trigger" in dashboard drilldown (elastic#71468)
  fix dashboard index pattern race condition (elastic#72899)
  [Functional Tests] Increase waitTime for timelion to fetch the results (elastic#73255)
  [Functional Tests] Fix flakiness on TSVB chart on switching index patterns test (elastic#73238)
  updates cypress to v4.11.0 (elastic#73327)
  [Metrics UI] Saved views bugs (elastic#72518)
  [Ingest Manager] Convert select agent config step to use combo box (elastic#73172)
  Exclude `version` from package config attributes that are copied, add safeguard to package config bulk create (elastic#73128)
  [Security Solution][ML] Updates siem group name to security (elastic#73218)
  [Security Solution] Show proper icon for termination status of all processes (elastic#73235)
  [Security Solution][Resolver] Show origin node details in panel on load (elastic#73313)
  [Security solution] Threat hunting test coverage improvements (elastic#73276)
  [Security Solution][Exceptions] - Update exception item comments to include id (elastic#73129)
  [Enterprise Search] Error state UI tweaks to account for current Cloud SSO behavior (elastic#73324)
  [dev/build/docker_generator] convert to typescript (elastic#73339)
  [APM] Fix focus map link on service map (elastic#73338)
  ...
spong added a commit that referenced this pull request Jul 28, 2020
@spong
[Security Solution][ML] Updates siem group name to security (#73218) (#…
c1be2a2 
…73391)

## Summary

Resolves #69319

Updates `siem` grouping to `security`, and enables cloudtrail module, fixing mis-match between the newly updated modules (#71696).


<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444121-b6b27480-cdd8-11ea-886a-9b4cadbaede8.png" />
</p>

<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444181-16108480-cdd9-11ea-9fba-aff1e4c38da3.png" />
</p>


Also updates all module icons to be consistent:

Auditbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592057-9a9e1580-d01a-11ea-97bb-d1096a4ae85f.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592020-8b1ecc80-d01a-11ea-8f2d-aa5cba94924e.png" />
</p>

Packetbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592205-e18c0b00-d01a-11ea-9553-9c87527c600b.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592270-f8caf880-d01a-11ea-94a8-5428d2c6ddea.png" />
</p>

Winlogbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592286-fff20680-d01a-11ea-87dd-4150debc988c.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592351-2021c580-d01b-11ea-863f-efd26d0105ab.png" />
</p>



- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [X] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
  - Working w/ @benskelker on updated ML Jobs & nomenclature
spong added a commit that referenced this pull request Jul 28, 2020
@spong
[Security Solution][ML] Updates siem group name to security (#73218) (#…
c6ae39e 
…73390)

## Summary

Resolves #69319

Updates `siem` grouping to `security`, and enables cloudtrail module, fixing mis-match between the newly updated modules (#71696).


<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444121-b6b27480-cdd8-11ea-886a-9b4cadbaede8.png" />
</p>

<p align="center">
  <img width="500" src="https://user-images.githubusercontent.com/2946766/88444181-16108480-cdd9-11ea-9fba-aff1e4c38da3.png" />
</p>


Also updates all module icons to be consistent:

Auditbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592057-9a9e1580-d01a-11ea-97bb-d1096a4ae85f.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592020-8b1ecc80-d01a-11ea-8f2d-aa5cba94924e.png" />
</p>

Packetbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592205-e18c0b00-d01a-11ea-9553-9c87527c600b.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592270-f8caf880-d01a-11ea-94a8-5428d2c6ddea.png" />
</p>

Winlogbeat (Before/After):
<p align="center">
    <img width="260" src="https://user-images.githubusercontent.com/2946766/88592286-fff20680-d01a-11ea-87dd-4150debc988c.png" /><img width="300" src="https://user-images.githubusercontent.com/2946766/88592351-2021c580-d01b-11ea-863f-efd26d0105ab.png" />
</p>



- [X] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [X] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
  - Working w/ @benskelker on updated ML Jobs & nomenclature
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blaklaybul blaklaybul blaklaybul approved these changes

@rylnd rylnd rylnd approved these changes

Assignees

@spong spong

Labels
bug Fixes for quality problems that affect the customer experience release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.9.0 v7.10.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Security][Detections] Update ML Jobs group from SIEM to Security
6 participants
@spong @elasticmachine @kibanamachine @rylnd @blaklaybul @MindyRS