Acknowledgements
Describe the bug
Since the 11.2.7 release SOC AI rarely closes alerts. Instead, it's adding a comment similar to "The user admin changed alert status from Open to Completed " to the alert history, but leaving the alert open.
Regression Issue
Expected Behavior
Expected behavior is for the alert status to be changed to completed.
Current Behavior
The alert status remains open, and a note stating it was marked as completed is added to alert history.
Reproduction Steps
Run UTMStack with the SOC AI feature enabled.
Possible Solution
This could be solved by reverting to previous release behavior.
Additional Information/Context
No response
UTMStack Version
11.2.7
Operating System and version
Ubuntu 24.04.3
Hypervisor and Version | Server Vendor and Model
XCP-NG | Dell PowerEdge R740
Browser and version
MS Edge147.0.3912.72
Acknowledgements
Describe the bug
Since the 11.2.7 release SOC AI rarely closes alerts. Instead, it's adding a comment similar to "The user admin changed alert status from Open to Completed " to the alert history, but leaving the alert open.
Regression Issue
Expected Behavior
Expected behavior is for the alert status to be changed to completed.
Current Behavior
The alert status remains open, and a note stating it was marked as completed is added to alert history.
Reproduction Steps
Run UTMStack with the SOC AI feature enabled.
Possible Solution
This could be solved by reverting to previous release behavior.
Additional Information/Context
No response
UTMStack Version
11.2.7
Operating System and version
Ubuntu 24.04.3
Hypervisor and Version | Server Vendor and Model
XCP-NG | Dell PowerEdge R740
Browser and version
MS Edge147.0.3912.72