[Security Solution] "Query Time" is not populated in Rules table for EQL or Threshold Rules #82861

Closed
peluja1012 opened this issue Nov 6, 2020 · 0 comments · Fixed by #93149
Labels
bug Fixes for quality problems that affect the customer experience Feature:Detection Rules Security Solution rules and Detection Engine Feature:Threshold Rule Security Solution Threshold rule type impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@peluja1012
Contributor

Describe the bug:
In the Monitoring tab of the Rule Management Page the Query Time column is not populated for EQL or Threshold Rules. It is properly populated for other rule types such as Custom Query and Threat Match.

Kibana/Elasticsearch Stack version:
Occurs in 7.10

Steps to reproduce:

  1. Create an EQL rule or a Threshold rule
  2. Wait for the rule to execute
  3. Navigate to the Rule Management page and click on the "Monitoring" tab

Current behavior:
Query Time column is not populated for the rule

Expected behavior:
Query Time column should be populated for the rule

Screenshots (if relevant):
image (16)

@peluja1012 peluja1012 added bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Feature:Detection Rules Security Solution rules and Detection Engine Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. labels Nov 6, 2020
@MindyRS MindyRS added the Feature:Threshold Rule Security Solution Threshold rule type label Nov 17, 2020
@rylnd rylnd assigned ecezalp and unassigned banderror Feb 25, 2021
ecezalp added a commit to ecezalp/kibana that referenced this issue Mar 1, 2021
ecezalp added a commit to ecezalp/kibana that referenced this issue Mar 2, 2021
ecezalp added a commit to ecezalp/kibana that referenced this issue Mar 3, 2021