[Security Solution][Enhancement] Investigate timeline button should be available under Quick alert details fly out. #104581

Closed
ghost opened this issue Jul 7, 2021 · 8 comments
Labels
enhancement New value added to drive a business result fixed QA:Validated Issue has been validated by QA Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Threat Hunting Security Solution Threat Hunting Team v7.15.0

Comments

@ghost

ghost commented Jul 7, 2021

Description:
[Enhancement] Investigate timeline button should be available under Quick alert details fly out.

Build Details:
Version: 7.14.0 BC1
Commit: 071a74e
Build: 42292
Artifact Page : https://staging.elastic.co/7.14.0-8eba2f5f/summary-7.14.0.html

Browser Details:
All

Preconditions:

  • Kibana Environment should exist.
  • Endpoint Security and elastic agent should be installed
  • Alerts should be generated

Steps to Reproduce:

  1. Navigate to 'Alerts' tab under Security Solutions
  2. Click on '>' View alert details icon.
  3. Observe that Alert detail fly-out is opened up and Investigate timeline button should be available under Quick alert details fly out.

Actual Result:
Investigate timeline button is not available under Quick alert details fly out.
Instead Investigate in a Timeline icon appears only on hovering at Table data.

Screen-Shot
timeline

Expected Result:
Investigate timeline button should be available under Quick alert details fly out.

What's not working:

  • NA

What's working:

  • NA
@ghost ghost added bug Fixes for quality problems that affect the customer experience enhancement New value added to drive a business result Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Jul 7, 2021
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@ghost
Author

ghost commented Jul 7, 2021

@manishgupta-qasource Please review

@manishgupta-qasource manishgupta-qasource removed the bug Fixes for quality problems that affect the customer experience label Jul 7, 2021
@manishgupta-qasource

Reviewed & Assigned to @MadameSheema

@ghost ghost mentioned this issue Jul 7, 2021
@MadameSheema MadameSheema added Team:Threat Hunting Security Solution Threat Hunting Team triage_needed labels Jul 7, 2021
@elasticmachine
Contributor

Pinging @elastic/security-threat-hunting (Team:Threat Hunting)

@MadameSheema
Member

@XavierM @asnehalb please note that this enhancement is listed on elastic/security-team#1412 ticket, and per @MikePaquette observations this should be fixed for this release if possible, thanks :)

@MadameSheema MadameSheema removed their assignment Jul 7, 2021
@stephmilovic
Contributor

Reviewing this as a team, and we do not have the bandwidth to add this enhancement in 7.14. For 7.15 we planned to add an "Investigate in timeline" action 👍

@MadameSheema
Member

@karanbirsingh-qasource @deepikakeshav-qasource as @mandeepkaur-qasource is out, can you please validate this ticket on the current 7.15BC? Thanks

@ghost
Author

ghost commented Aug 26, 2021

Hi @MadameSheema,

We have validated this defect on 7.15.0 BC2 and found that the issue has been fixed, as the "Add to Timeline Investigation" button is now available under the 'Overview' tab on the 'Alert Detail' fly-out.

Build Details:
Version: 7.15.0 BC2
Build: 43742
Commit: 113d5f2
Artifact Link: https://staging.elastic.co/7.15.0-d7816905/summary-7.15.0.html

Screen-Shot:
invest

Hence, we are closing this defect.

Thanks!!

@ghost ghost closed this as completed Aug 26, 2021
@ghost ghost added the QA:Validated Issue has been validated by QA label Aug 26, 2021
This issue was closed.

5 participants