Update Timeline Template README.md #95814
Conversation
Update to xpack.securitySolution.signalsIndex
|
Pinging @elastic/kibana-docs (Team:Docs) |
Added some clarification to create the `.siem-signals-elastic-default` index or the `hard_reset` will error.
|
Is there anything I need to do for this? |
|
@peasead apologies for the delayed response. Would you mind sharing where you're seeing this issue in our Security docs? I searched our docs for "xpack.security_solution.signalsIndex", "kibana.dev.yml", and variations of both but was unable to find mentions of either. |
|
This is where I saw that. Is that improper? I noticed when I was trying to make a Timeline Template PR. |
|
@peasead ah ok. The readme that you shared looks like internal documentation for devs--I thought you were referring to these public-facing docs (which is what @jmikell821 and I maintain): |
|
@nastasha-solomon do you know what group I need to ping to get the right visibility on this? |
| @@ -35,7 +35,7 @@ source ~/.zshrc | |||
| Open your `kibana.dev.yml` file and add these lines: | |||
|
|
|||
| ```sh | |||
| xpack.security_solution.signalsIndex: .siem-signals-${your user id} | |||
| xpack.securitySolution.signalsIndex: .siem-signals-${your user id} | |||
There was a problem hiding this comment.
Thanks for catching and updating this @peasead! 👍
| @@ -46,6 +46,8 @@ server log [22:05:22.277] [info][status][plugin:alerting@8.0.0] Status changed f | |||
| server log [22:05:22.270] [info][status][plugin:actions@8.0.0] Status changed from uninitialized to green - Ready | |||
| ``` | |||
|
|
|||
| Go into Kibana and load the default detection rules or manually create the `.siem-signals-elastic-default` index. | |||
There was a problem hiding this comment.
Is this necessary? The following step of running the hard_reset.sh script will manage creating the signals index.
|
Is this documentation update waiting on anything from me? |
I think just the feedback around the extra step. I went ahead and updated, so this should be g2g. Approving and setting to auto-merge then. Thanks again for catching and updating this @peasead! 🙂 |
kibanamachine
added
the
backport missing
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
1 similar comment
|
Friendly reminder: Looks like this PR hasn’t been backported yet. |
spong
added
the
auto-backport
## Summary `xpack.security_solution.signalsIndex` is listed to be added to `kibana.dev.yml`, however that generates: ``` FATAL Error: Unknown configuration key(s): "xpack.security_solution.signalsIndex". \ Check for spelling errors and ensure that expected plugins are installed. ``` I think this should be `xpack.securitySolution.signalsIndex` This is for the steps to create a timeline template. ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
💚 Backport successful
This backport PR will be merged automatically after passing CI. |
kibanamachine
removed
the
backport missing
## Summary `xpack.security_solution.signalsIndex` is listed to be added to `kibana.dev.yml`, however that generates: ``` FATAL Error: Unknown configuration key(s): "xpack.security_solution.signalsIndex". \ Check for spelling errors and ensure that expected plugins are installed. ``` I think this should be `xpack.securitySolution.signalsIndex` This is for the steps to create a timeline template. ### Checklist Delete any items that are not applicable to this PR. - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) Co-authored-by: Andrew Pease <7442091+peasead@users.noreply.github.com>
Summary
xpack.security_solution.signalsIndexis listed to be added tokibana.dev.yml, however that generates:I think this should be
xpack.securitySolution.signalsIndexThis is for the steps to create a timeline template.
Checklist
Delete any items that are not applicable to this PR.
For maintainers