Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fleet] Error when importing more than 10000 saved objects in a Fleet package #148175

Closed
Tracked by #174166
xcrzx opened this issue Dec 29, 2022 · 3 comments · Fixed by #148441
Closed
Tracked by #174166

[Fleet] Error when importing more than 10000 saved objects in a Fleet package #148175

xcrzx opened this issue Dec 29, 2022 · 3 comments · Fixed by #148441
Assignees
@xcrzx
Labels
8.7 candidate bug Fixes for quality problems that affect the customer experience Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team:Fleet Team label for Observability Data Collection Fleet team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.7.0

Comments

@xcrzx
Copy link
Contributor

xcrzx commented Dec 29, 2022
edited

For more context, see the discussion in this ticket: #137420 (comment)

Summary

If we try to install a package that contains more than 10000 saved objects, the installation fails with the following error:

Error installing security_detection_engine 8.4.1: Can't import more than 10000 objects

The max number of objects to import is controlled by the savedObjects.maxImportExportSize config option in kibana.yml. However, we should rely on something other than this setting when installing packages.

Possible solutions:

  1. Split package installation in chunks
  2. Increase the limit programmatically
@xcrzx xcrzx added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Detection Rule Management Security Detection Rule Management Team Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules 8.7 candidate labels Dec 29, 2022
@xcrzx xcrzx self-assigned this Dec 29, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@banderror banderror mentioned this issue Dec 29, 2022
Closed
12 tasks
@banderror banderror changed the title [Security Solution] Allow importing more that 10000 saved objects in a Fleet package [Fleet] Error when importing more than 10000 saved objects in a Fleet package Dec 29, 2022
@banderror banderror added bug Fixes for quality problems that affect the customer experience impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Fleet Team label for Observability Data Collection Fleet team v8.7.0 labels Dec 29, 2022
@elasticmachine
Copy link
Contributor

Pinging @elastic/fleet (Team:Fleet)

@xcrzx xcrzx mentioned this issue Jan 5, 2023
Merged
@banderror banderror mentioned this issue Jan 5, 2023
Closed
xcrzx added a commit that referenced this issue Jan 13, 2023
@xcrzx
Increase the maximum number of saved objects that could be installed …
47d1a0e 
…with a Fleet package (#148441)

**Resolves: #148175
@banderror banderror mentioned this issue Jan 3, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@xcrzx xcrzx

Labels
8.7 candidate bug Fixes for quality problems that affect the customer experience Feature:Prebuilt Detection Rules Security Solution Prebuilt Detection Rules impact:high Addressing this issue will have a high level of impact on the quality/strength of our product. Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team:Fleet Team label for Observability Data Collection Fleet team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. v8.7.0
Projects
None yet
Milestone
No milestone
3 participants
@xcrzx @banderror @elasticmachine