Edit max_signals field for custom rules in UI [classic] #5106
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.
Suggested some changes in a comment
This lines up correctly with the logic we have implemented, thanks @joepeeples!
Looks awesome! 👍
LGTM
LGTM!
* First draft * Update docs/detections/rules-ui-create.asciidoc * Revise note (in API docs too) * Update ESQL rule steps per https://github.com/elastic/staging-serverless-security-docs/pull/340#issuecomment-2103001892 * Revise alert suppression refs to max_signals * Explain max_signals = Max alerts per run * Add updates to "update rule" API too (cherry picked from commit 3bdfc22)
) * First draft * Update docs/detections/rules-ui-create.asciidoc * Revise note (in API docs too) * Update ESQL rule steps per https://github.com/elastic/staging-serverless-security-docs/pull/340#issuecomment-2103001892 * Revise alert suppression refs to max_signals * Explain max_signals = Max alerts per run * Add updates to "update rule" API too (cherry picked from commit 3bdfc22) Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
Important: Do not merge to main until after 8.14.0 release, maybe until 8.15 feature freeze. This is to avoid adding 8.15 features into previous versions' branches (since those branches would be cut from main).
Contributes to #5029.
Preview
Twin PR for serverless