Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Alerting] Expose access to Saved Object References array #85173

Closed
spong opened this issue Dec 7, 2020 · 3 comments
Closed

[Alerting] Expose access to Saved Object References array #85173

spong opened this issue Dec 7, 2020 · 3 comments
Labels
Feature:Alerting Feature:Detection Rules Security Solution rules and Detection Engine Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)

Comments

@spong
Copy link
Member

spong commented Dec 7, 2020

In discussing ways to resolve data integrity issues between Detection Rules and Exception Lists the best path forward seems to be leveraging the existing Saved Object References array, however this isn't currently exposed to those building on top of Alerting SO's. As a workaround, we've been storing our references within AlertParams, which is not searchable, and makes linking back to Rules slow (table scan) unless a back-reference is stored.
@spong spong added Feature:Alerting Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Detection Rules Security Solution rules and Detection Engine labels Dec 7, 2020
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-alerting-services (Team:Alerting Services)

This was referenced Dec 7, 2020
Open
Open
@mikecote mikecote mentioned this issue Jan 12, 2021
Closed
@mikecote
Copy link
Contributor

Relates to: #87992

@mikecote
Copy link
Contributor

mikecote commented Feb 5, 2021

I noticed we have two issues that will result in the same functionality. I'm going to close this issue in favour of #87992 and move @spong's description to a comment in the other issue.

@mikecote mikecote closed this as completed Feb 5, 2021
@spong spong mentioned this issue May 28, 2021
Closed
8 tasks
@spong spong mentioned this issue Jun 10, 2021
Closed
@kobelb kobelb added the needs-team Issues missing a team label label Jan 31, 2022
@botelastic botelastic bot removed the needs-team Issues missing a team label label Jan 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature:Alerting Feature:Detection Rules Security Solution rules and Detection Engine Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kobelb @spong @mikecote @elasticmachine