Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 24 additions & 0 deletions release-notes/elastic-security/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,30 @@ To check for security updates, go to [Security announcements for the Elastic sta

% *

## 9.1.5 [elastic-security-9.1.5-release-notes]

### Features and enhancements [elastic-security-9.1.5-features-enhancements]
* Adds `customized_fields` and `has_base_version` fields to the internal rule schema [#235394]({{kib-pull}}235394).

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please remove this item from the notes - the PR was incorrectly marked as an enhancement. This change is not user-facing and is a technical preparatory work for the actual enhancement implemented in elastic/kibana#234793 which didn't make it to v9.1.5.

* Adds an {{elastic-defend}} option to remediate orphaned state by attempting to start Elastic Agent service.
* Increases the throughput of {{elastic-defend}} Logstash connections by increasing the maximum size it can upload at once.
* Improves reliability and accuracy of reporting of the {{elastic-defend}}'s {{es}} connection.

### Fixes [elastic-security-9.1.5-fixes]
* Fixes browser fields caching to use the `dataView` ID instead of the index pattern [#234381]({{kib-pull}}234381).
* Removes `null` in confirmation dialog when bulk editing index patterns for rules [#236572]({{kib-pull}}236572).
* Fixes the URL passed to detection rule actions via the `{{context.results_link}}` placeholder [#236067]({{kib-pull}}236067).
* Fixes system prompt updates from the Conversations tab in AI Assistant [#234812]({{kib-pull}}234812).
* Fixes an issue in the Highlighted fields table in the alert details flyout [#234222]({{kib-pull}}234222).
* Fixes an issue in rule exceptions to include the `matches` operator only for supported fields [#233127]({{kib-pull}}233127).
* Adds support in {{elastic-defend}} for installing eBPF event probes on Linux endpoints when cgroup2 is mounted in a non-standard location or not mounted at all.
* Adds support in {{elastic-defend}} for installing eBPF probes on Linux endpoints when taskstats is compiled out of the kernel.
* Fixes an issue in {{elastic-defend}} where Linux network events could have source and destination bytes swapped.
* Removes `.process.thread.capabilities.permitted` and `.process.thread.capabilities.effective` from Linux network events in {{elastic-defend}}.
* Fixes an issue in {{elastic-defend}} where host isolation could auto-release incorrectly. Host isolation now only releases when {{elastic-endpoint}} becomes orphaned. Intermittent {{elastic-agent}} connectivity changes no longer alter the host isolation state.
* Fixes an issue where {{elastic-defend}} would incorrectly calculate throughput capacity when sending documents to output. This may have limited event throughput on extremely busy endpoints.
* Fixes an issue in {{elastic-defend}} installation logging where only the first character of install paths (usually 'C') would be logged.


## 9.1.4 [elastic-security-9.1.4-release-notes]

### Features and enhancements [elastic-security-9.1.4-features-enhancements]
Expand Down
8 changes: 6 additions & 2 deletions release-notes/elastic-security/known-issues.md
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ Known issues are significant defects or limitations that may impact your impleme
% :::


:::{dropdown} Filters may not apply correctly on the Alerts page
::::{dropdown} Filters may not apply correctly on the Alerts page
Applies to: 9.1.0, 9.1.1, 9.1.2, and 9.1.3

**Impact**
Expand All @@ -36,7 +36,11 @@ You can turn off the {{kib}} `courier:ignoreFilterIfFieldNotInIndex` [advanced s
Ensure you give any users who will need access to the new space the appropriate permissions.
:::

:::
**Resolved**<br>

Resolved in {{stack}} 9.1.4

::::

:::{dropdown} The {{elastic-agent}} Docker image is not available at `docker.elastic.co/beats/elastic-agent:9.0.0`

Expand Down
Loading