Update security solution generic timeline templates

[brokensound77]

Summary

Updated the 3 existing Generic timeline templates within the security solution to be a bit more restrictive.

Expand to see the modifications per template

endpoint

before:

after:

network

before:

after:

process

before:

after:

For maintainers

• This was checked for breaking API changes and was labeled appropriately

[paulewing]

@brokensound77 Looks good. Only feedback would be to adjust the network template to source.ip:{source.ip} AND destination.ip:{destination.ip}. Currently the logic is an OR (likely not intended).

[brokensound77]

@brokensound77 Looks good. Only feedback would be to adjust the network template to source.ip:{source.ip} AND destination.ip:{destination.ip}. Currently the logic is an OR (likely not intended).

Thanks @paulewing, just pushed the update

[bm11100]

Templated fields match what was discussed with PM. LGTM.

[kibanamachine]

💚 Build Succeeded

• continuous-integration/kibana-ci/pull-request
• Commit: 8760296

Metrics [docs]

✅ unchanged

History

• 💛 Build #100916 was flaky 7a53c4e

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

[kibanamachine]

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.

[kibanamachine]

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.

[kibanamachine]

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.

[kibanamachine]

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.