Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Office365 view presents incorrect value for max event level #4355

Closed
sempervictus opened this issue Jul 24, 2022 · 5 comments · Fixed by #4508
Closed

Office365 view presents incorrect value for max event level #4355

sempervictus opened this issue Jul 24, 2022 · 5 comments · Fixed by #4508
Assignees
Labels
type/bug Bug issue

Comments

@sempervictus
Copy link

Wazuh Elastic Rev Security
4.3.6 7.10.2 4xxx Basic
Browser
all

Description
Max rule level value seems to be inverted (min).
image

@sempervictus sempervictus added the type/bug Bug issue label Jul 24, 2022
@AlexRuiz7
Copy link
Member

Hello @sempervictus

Thanks for using Wazuh and reporting this bug with us.

We'll further investigate this and fix it as soon as possible.

Best regards,
Alex

@AlexRuiz7 AlexRuiz7 moved this to Triage in Release 4.4.0 Jul 25, 2022
@gdiazlo gdiazlo moved this from Triage to Todo in Release 4.4.0 Aug 29, 2022
@vikman90 vikman90 added this to the Release 4.4.0 milestone Aug 31, 2022
@Tostti Tostti moved this from Todo to In Progress in Release 4.4.0 Sep 12, 2022
@Tostti
Copy link
Member

Tostti commented Sep 13, 2022

I have been investigating this issue.
The problem is due to an incorrect term in the aggregation of office / Max Rule Level on the file components/overview/metrics/metrics.tsx. I will proceed to fix it

@Tostti
Copy link
Member

Tostti commented Sep 13, 2022

The issue was that the aggregation was using the timestamp term instead of rule.level.

Before the changes
image

After the changes
image

@sempervictus
Copy link
Author

Awesome, thank you for hunting that down.

@Tostti Tostti moved this from In Progress to In Review in Release 4.4.0 Sep 13, 2022
@Tostti
Copy link
Member

Tostti commented Sep 14, 2022

Closing after merge of #4508
Backports was merged too.

@Tostti Tostti closed this as completed Sep 14, 2022
Repository owner moved this from In Review to Done in Release 4.4.0 Sep 14, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type/bug Bug issue
Projects
No open projects
Status: Done
Development

Successfully merging a pull request may close this issue.

6 participants