Skip to content

Add cold and frozen tier filters to ML integration transforms #16995

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sodhikirti07 merged 6 commits into from
Jan 21, 2026
Merged

Add cold and frozen tier filters to ML integration transforms #16995

sodhikirti07 merged 6 commits into from
Jan 21, 2026

Conversation

@sodhikirti07
Copy link
Contributor

@sodhikirti07 sodhikirti07 commented Jan 19, 2026
edited
Loading

Proposed commit message

Added a filter to exclude data from cold and frozen tiers

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • Updated transform queries to exclude data from cold and frozen tiers
  • Updated manifest and changelog

How to test this PR locally

  • Tested this using ITP
  • Manually checked the transform for filter in all packages
image

Related issues

Screenshots

@sodhikirti07 sodhikirti07 requested a review from a team as a code owner January 19, 2026 16:21
@sodhikirti07 sodhikirti07 added Integration:lmd Lateral Movement Detection bugfix Pull request that fixes a bug issue Integration:beaconing Network Beaconing Identification Integration:ded Data Exfiltration Detection Team:Security-Applied ML Elastic Security Protections Machine Learning (ML) team [elastic/sec-applied-ml] Integration:pad Privileged Access Detection labels Jan 19, 2026
@elasticmachine
Copy link

elasticmachine commented Jan 19, 2026

Pinging @elastic/sec-applied-ml (Team:Security-Applied ML)

@susan-shu-c susan-shu-c mentioned this pull request Jan 20, 2026
Closed
5 tasks
susan-shu-c
susan-shu-c approved these changes Jan 20, 2026
View reviewed changes
Copy link
Member

@susan-shu-c susan-shu-c left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks Kirti! Noting what we discussed that the changes in #17010 will be added before merging

@sodhikirti07 sodhikirti07 requested a review from a team January 20, 2026 15:29
@sodhikirti07
Copy link
Contributor Author

sodhikirti07 commented Jan 20, 2026

@elastic/kibana-management Could you approve the changes for the transforms? I know @susan-shu-c has a PR up which will add the team as code owners as well.

@jmcarlock
Copy link
Contributor

jmcarlock commented Jan 20, 2026

LGTM!

@elasticmachine
Copy link

elasticmachine commented Jan 20, 2026

💚 Build Succeeded

History

kapral18
kapral18 approved these changes Jan 21, 2026
View reviewed changes
Copy link

@kapral18 kapral18 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested changes using elastic/elastic-package

LGTM thanks

@sodhikirti07 sodhikirti07 merged commit 82775f3 into main Jan 21, 2026
8 checks passed
@sodhikirti07 sodhikirti07 deleted the add-tier-filter-to-transforms branch January 21, 2026 23:20
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Jan 21, 2026

Package beaconing - 1.5.0 containing this change is available at https://epr.elastic.co/package/beaconing/1.5.0/

@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Jan 21, 2026

Package ded - 2.4.0 containing this change is available at https://epr.elastic.co/package/ded/2.4.0/

@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Jan 21, 2026

Package lmd - 2.6.0 containing this change is available at https://epr.elastic.co/package/lmd/2.6.0/

@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Jan 21, 2026

Package pad - 1.1.0 containing this change is available at https://epr.elastic.co/package/pad/1.1.0/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kapral18 kapral18 kapral18 approved these changes

@jmcarlock jmcarlock jmcarlock approved these changes

@susan-shu-c susan-shu-c susan-shu-c approved these changes

Assignees

No one assigned

Labels

bugfix Pull request that fixes a bug issue Integration:beaconing Network Beaconing Identification Integration:ded Data Exfiltration Detection Integration:lmd Lateral Movement Detection Integration:pad Privileged Access Detection Team:Security-Applied ML Elastic Security Protections Machine Learning (ML) team [elastic/sec-applied-ml]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@sodhikirti07 @elasticmachine @jmcarlock @kapral18 @susan-shu-c