[DOCS] Response console UI for endpoint actions #2289
Conversation
joepeeples
added
Team: Docs
Team: EDR Workflows
- Add licensing, user role note - Add Help panel - Add associated images
joepeeples
requested review from
benironside,
caitlinbetz,
jmikell821,
kevinlog,
nastasha-solomon and
paul-tavares
nastasha-solomon
left a comment
nastasha-solomon
left a comment
There was a problem hiding this comment.
Superb job on these docs, @joepeeples ! I really don't have much to add and the corrections are really minor -- and some are suggestions, not fixes. Let me know if you need another review after you incorporate Kevin/Caitlin's feedback. Otherwise, LGTM!
| NOTE: Some response actions may take a few seconds to complete. Once you enter a command, you can immediately enter another command while the previous action is running. | ||
|
|
||
| Activity in the response console is persistent, so you can navigate away from the page and any pending actions you've submitted will continue to run. To confirm that an action completed, return to the response console to view the console output or check the <<actions-log,actions log>>. | ||
|
|
There was a problem hiding this comment.
Do you need a [[discrete]] tag here?
There was a problem hiding this comment.
Maybe? But the preview isn't breaking into a new topic/page on this heading, so it seems to be working OK without it. And when I tried adding it, I got a bunch of errors. So maybe it's OK without the tag?
Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com>
|
Hi @joepeeples, We have tested the updated docs and found the exceptions in the behavior are not mentioned anywhere in the docs For Example, the endpoint version, the offline agents, and the enrolled agents will have different behavior on the UI. The notes are missing for the same. We will retest this doc once it is fixed. Thanks! |
@caitlinbetz For future-proofing this content, should we say the Agent needs to be "8.4 or higher"? Or just that the endpoint's Agent version should match the Stack version? (I went with the former in the draft I just pushed, but can adjust as needed.) |
Hi @muskangulati-qasource, this information should be in the draft now. Please review again to confirm. Thanks! |
|
Hi @joepeeples, Thank you for all the updates. We have revalidated the Kibana documentation with reference to this PR and found the docs are successfully updated. Hence, we are marking this ticket as 'QA:Validated'. Thank you!! |
muskangulati-qasource
added
QA:Validated
jmikell821
left a comment
jmikell821
left a comment
There was a problem hiding this comment.
Just some slight comments, but overall this looks great! The response action examples were especially useful.
Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com>
* Tidy up Endpoints page, add new options * Rename "activity log" to "actions log" * Add link to new response actions page * Fix link * Rename top-level "Manage" section * Update actions log screenshot * Initial content for response console topic * Add commands, params, actions log * Update troubleshooting with new names * Add response console to "Host isolation" topic * Update response actions topic - Add licensing, user role note - Add Help panel - Add associated images * Update endpoint details flyout screenshot * Fix headings, move image, etc * Minor edit * Update docs/management/admin/response-actions.asciidoc * Expand Tip about PIDs and entity IDs * Apply suggestions from code review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Add link from alert management to response actions * Add info request in review * Update host isolation supported Linux versions * Apply suggestions from Janeen's review Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> (cherry picked from commit 7cb59d2)
* Tidy up Endpoints page, add new options * Rename "activity log" to "actions log" * Add link to new response actions page * Fix link * Rename top-level "Manage" section * Update actions log screenshot * Initial content for response console topic * Add commands, params, actions log * Update troubleshooting with new names * Add response console to "Host isolation" topic * Update response actions topic - Add licensing, user role note - Add Help panel - Add associated images * Update endpoint details flyout screenshot * Fix headings, move image, etc * Minor edit * Update docs/management/admin/response-actions.asciidoc * Expand Tip about PIDs and entity IDs * Apply suggestions from code review Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> * Add link from alert management to response actions * Add info request in review * Update host isolation supported Linux versions * Apply suggestions from Janeen's review Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> (cherry picked from commit 7cb59d2) Co-authored-by: Joe Peeples <joe.peeples@elastic.co>
Resolves #2211.
Previews: