[Enhancement]: Add docs for data view on Alerts page #4653
Assignees
Labels
Comments
stefnestor
added a commit
to stefnestor/security-docs
that referenced
this issue
Jul 5, 2024
👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) elastic#4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI?
joepeeples
added a commit
that referenced
this issue
Jul 17, 2024
* (Doc+) Alerts UI cannot be CCS 👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) #4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI? * feedback Co-authored-by: Joe Peeples <[email protected]> --------- Co-authored-by: Joe Peeples <[email protected]>
mergify bot
pushed a commit
that referenced
this issue
Jul 17, 2024
* (Doc+) Alerts UI cannot be CCS 👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) #4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI? * feedback Co-authored-by: Joe Peeples <[email protected]> --------- Co-authored-by: Joe Peeples <[email protected]> (cherry picked from commit 5c199b0)
mergify bot
pushed a commit
that referenced
this issue
Jul 17, 2024
* (Doc+) Alerts UI cannot be CCS 👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) #4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI? * feedback Co-authored-by: Joe Peeples <[email protected]> --------- Co-authored-by: Joe Peeples <[email protected]> (cherry picked from commit 5c199b0)
joepeeples
pushed a commit
that referenced
this issue
Jul 17, 2024
* (Doc+) Alerts UI cannot be CCS 👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) #4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI? * feedback Co-authored-by: Joe Peeples <[email protected]> --------- Co-authored-by: Joe Peeples <[email protected]> (cherry picked from commit 5c199b0) Co-authored-by: Stef Nestor <[email protected]>
joepeeples
pushed a commit
that referenced
this issue
Jul 17, 2024
* (Doc+) Alerts UI cannot be CCS 👋 howdy, team! Playing forward a couple ballpark Githubs (kindly see their sub-internal-links) #4653 , elastic/kibana#172534 , can we expand [this doc's](https://www.elastic.co/guide/en/security/master/data-views-in-sec.html#_create_or_modify_a_data_view) note to more heavily indicate even CCS is not possible on the Alerts UI? * feedback Co-authored-by: Joe Peeples <[email protected]> --------- Co-authored-by: Joe Peeples <[email protected]> (cherry picked from commit 5c199b0) Co-authored-by: Stef Nestor <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
We need to extend documentation about data view selection on Alerts page. Looks like we would need to add a new section here.
A user asks whether it is possible to update "Security Data View" which is used on "Alerts" page to add remote alerts’ indices. Right now, we show only
.alerts-security.alerts-defaultand customer wants to have.alerts-security.alerts-default, remote-cluster:.alerts-security.alerts-defaultindex patterns, to see alerts from remote clusters as well.UPDATED:
It is not possible to change data view for the Alerts page and the data view for the page bound to
.alerts-security.alerts-defaultindex pattern.Would be nice to add a docs note about that.
Related links / assets
No response
Which documentation set needs improvement?
ESS and serverless
Software version
This functionality was introduced in 8.0, so ideally we would add these new docs 8.0+ or any possible version starting from 8.0.
Collaborators
PM:
Designer:
Developer:
Others (if applicable):
Timeline / deliverables
If we can add these docs in 8.13 that would be awesome.
The text was updated successfully, but these errors were encountered: