Skip to content

[DOCS] Alert counts added to Entity pages #2525

New issue
New issue
Closed
#2576
Closed
[DOCS] Alert counts added to Entity pages#2525
#2576
Assignees
jmikell821
Labels
Feature: Entity AnalyticsFeatures or enhancements for any of the Entity pagesTeam: Threat HuntingFormerly Data Visibilityv8.5.0
@jmikell821

Description

@jmikell821
jmikell821
opened on Sep 30, 2022

Related docs meta: #2477
PR: https://github.com/elastic/security-team/issues/4162
Dev: Kristof-Pierre C., Explore team

Affects Host, Network, and User details pages

  • Removes the Unique IP KPI from the Host details page

On all detail pages:

  • Place this component (AlertCountByRuleByStatus) next to AlertByStatus component
  • Click the View Alerts button on the AlertByStatus component will open up a timeline filtered by the current host and an additional field: event.type: signal

The left component (Alert By Status) will be titled Alerts by Severity. The new component on the right will be titled Alerts by rule.

Global filters should apply to both components.

2022-09-30_16-40-49

NOTE: If a user does not have Alert permissions, the card won't display.

Metadata

Metadata

Assignees

Labels

Feature: Entity AnalyticsFeatures or enhancements for any of the Entity pagesTeam: Threat HuntingFormerly Data Visibilityv8.5.0

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions