Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ES query returning no records for d-rule alerts #102160

Merged
merged 1 commit into from
Jun 16, 2021
Merged

ES query returning no records for d-rule alerts #102160

merged 1 commit into from
Jun 16, 2021

Conversation

pjhampton
Copy link
Contributor

Summary

There are no detection alerts showing up in the security telemetry feeds.
It seems that there was a bad query configuration that was not captured by the tests based on how mocks were set up.

-     size: 0,      
+     size: MAX_RESULTS_WINDOW,

We are going to deploy this out in the next minor release.

@pjhampton pjhampton added v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.14.0 auto-backport Deprecated - use backport:version if exact versions are needed v7.13.3 labels Jun 15, 2021
@pjhampton pjhampton self-assigned this Jun 15, 2021
@pjhampton pjhampton requested a review from a team as a code owner June 15, 2021 08:14
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @pjhampton

spong
spong approved these changes Jun 15, 2021
View reviewed changes
Copy link
Member

@spong spong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! 👍

@pjhampton pjhampton merged commit 4cd073f into master Jun 16, 2021
@kibanamachine
Copy link
Contributor

💔 Backport failed

Status Branch Result
7.13 Commit could not be cherrypicked due to conflicts
7.x Commit could not be cherrypicked due to conflicts

To backport manually run:
node scripts/backport --pr 102160

This was referenced Jun 16, 2021
Merged
Closed
@pjhampton
Copy link
Contributor Author

The failed backports were manually fixed 👍

pjhampton added a commit that referenced this pull request Jun 16, 2021
@pjhampton
Bug: ES query returning no records for d-rule alerts. (#102160) (#102347
df34b1b 
)

# Conflicts:
#	x-pack/plugins/security_solution/server/usage/detections/detection_rule_helpers.ts
@kibanamachine
Copy link
Contributor

Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync.

@kibanamachine kibanamachine added the backport missing Added to PRs automatically when the are determined to be missing a backport. label Jun 18, 2021
@pjhampton pjhampton mentioned this pull request Jun 18, 2021
Merged
@kibanamachine kibanamachine removed the backport missing Added to PRs automatically when the are determined to be missing a backport. label Jun 21, 2021
@pjhampton pjhampton mentioned this pull request Nov 18, 2021
Closed
1 task
@spalger spalger deleted the pjhampton/fix-result-size-alerts branch May 8, 2022 22:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@spong spong spong approved these changes

Assignees

@pjhampton pjhampton

Labels
auto-backport Deprecated - use backport:version if exact versions are needed release_note:skip Skip the PR/issue when compiling release notes v7.13.3 v7.14.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@pjhampton @kibanamachine @spong