Documents how to change the default security index #4695
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
A documentation preview will be available soon.
Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
|
@benironside sorry, I did not really clarify well what docs we want to add. I updated the original ticket and added UPDATED section there:
Let me know if you have questions about it. |
e40pud
previously approved these changes
Jan 30, 2024
|
|
||
| image::images/dataview-filter-example.gif[video showing how to filter the active data view] | ||
|
|
||
| This only allows you to add index patterns that match indices that currently contain data (other index patterns are unavailable). Note that any changes made are saved in the current browser window and won't persist if you open a new tab. | ||
|
|
||
| To permanently modify a {data-source}, delete an existing {data-source} or create a new one, you need the required permissions. | ||
| To learn more, refer to {apm-app-ref}/data-views.html[{kib} {data-sources-cap}]. | ||
| NOTE: You cannot update the data view for the Alerts page. It always shows data from `.alerts-security.alerts-default`. |
There was a problem hiding this comment.
@e40pud can we tweak the UI copy so it aligns with this note? The current copy could be interpreted as: you must go elsewhere to update the data view for the Alerts page.
If it's still possible to change the copy, I'd suggest this:
You can't modify the data view for the Alerts page.
If that version is too blunt and overly formal, here's a slightly softer version:
This page's data view can't be adjusted.
There was a problem hiding this comment.
It is not bound to Alerts page only. Same happens on rule details page. Also, there is another similar message that we show on the timeline. So, general message looks better to me.
Screen.Recording.2024-01-31.at.16.47.22.mov
There was a problem hiding this comment.
Ah, interesting. Thanks for pointing out these other areas @e40pud -- I wasn't aware of them. Would it be ok if we continued this conversation in https://github.com/elastic/security-docs/issues/4718 so that we're not blocking this doc issue from being closed and merged?
Co-authored-by: Nastasha Solomon <[email protected]>
Co-authored-by: Nastasha Solomon <[email protected]>
This was referenced Jan 31, 2024
benironside
added a commit
that referenced
this pull request
Jan 31, 2024
* First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
mergify bot
pushed a commit
that referenced
this pull request
Jan 31, 2024
* First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8)
benironside
added a commit
that referenced
this pull request
Jan 31, 2024
* First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Jan 31, 2024
) (#4731) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Jan 31, 2024
) (#4726) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Jan 31, 2024
…4695) (#4721) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4730) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4729) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4722) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4728) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4727) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4725) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4724) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
benironside
added a commit
that referenced
this pull request
Feb 1, 2024
) (#4723) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit 225f3c8) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
joepeeples
added a commit
that referenced
this pull request
Jul 17, 2024
Serverless follow up to #4695
mergify bot
pushed a commit
that referenced
this pull request
Jul 19, 2024
* Add admonition to serverless Serverless follow up to #5513 * Update serverless to match ESS Serverless follow up to #4695 * Fix URL variable/attribute Should use `kibana-ref` instead of apm-app-ref since this has nothing to do with APM * No-op change to trigger build (i hope) (cherry picked from commit 9e7d734) # Conflicts: # docs/serverless/explore/data-views-in-sec.mdx
mergify bot
pushed a commit
that referenced
this pull request
Jul 19, 2024
* Add admonition to serverless Serverless follow up to #5513 * Update serverless to match ESS Serverless follow up to #4695 * Fix URL variable/attribute Should use `kibana-ref` instead of apm-app-ref since this has nothing to do with APM * No-op change to trigger build (i hope) (cherry picked from commit 9e7d734) # Conflicts: # docs/serverless/explore/data-views-in-sec.mdx
joepeeples
added a commit
that referenced
this pull request
Jul 19, 2024
…kport #5582) (#5586) * (Doc+) Alerts UI cannot be CCS [serverless] + bonus fixes (#5582) * Add admonition to serverless Serverless follow up to #5513 * Update serverless to match ESS Serverless follow up to #4695 * Fix URL variable/attribute Should use `kibana-ref` instead of apm-app-ref since this has nothing to do with APM * No-op change to trigger build (i hope) (cherry picked from commit 9e7d734) # Conflicts: # docs/serverless/explore/data-views-in-sec.mdx * Delete docs/serverless directory and its contents --------- Co-authored-by: Joe Peeples <[email protected]> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
joepeeples
added a commit
that referenced
this pull request
Jul 19, 2024
…kport #5582) (#5585) * (Doc+) Alerts UI cannot be CCS [serverless] + bonus fixes (#5582) * Add admonition to serverless Serverless follow up to #5513 * Update serverless to match ESS Serverless follow up to #4695 * Fix URL variable/attribute Should use `kibana-ref` instead of apm-app-ref since this has nothing to do with APM * No-op change to trigger build (i hope) (cherry picked from commit 9e7d734) # Conflicts: # docs/serverless/explore/data-views-in-sec.mdx * Delete docs/serverless directory and its contents --------- Co-authored-by: Joe Peeples <[email protected]> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
acorretti
pushed a commit
that referenced
this pull request
Nov 19, 2024
) (#4729) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit eb7373e) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
acorretti
pushed a commit
that referenced
this pull request
Nov 19, 2024
) (#4727) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit eb7373e) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
acorretti
pushed a commit
that referenced
this pull request
Nov 19, 2024
) (#4730) * Documents how to change the default security index (#4695) * First draft * incorporates feedback * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> * Update docs/getting-started/data-views-in-sec.asciidoc Co-authored-by: Nastasha Solomon <[email protected]> --------- Co-authored-by: Nastasha Solomon <[email protected]> (cherry picked from commit eb7373e) # Conflicts: # docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc * Update docs/getting-started/data-views-in-sec.asciidoc --------- Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
First pass at fixing #4653.
@e40pud please let me know what you think, if we should add any more info and if this addresses the need. Thanks!