Skip to content

[Internal]: Persist and View Historical AD Discoveries #1939

New issue
New issue
Open
Open
[Internal]: Persist and View Historical AD Discoveries#1939
Assignees
natasha-moore-elastic
Labels
Team:ExperienceIssues owned by the Experience Docs Team
@dhru42

Description

@dhru42
dhru42
opened on Jun 26, 2025

Description

What

Document new functionality in Attack Discovery that allows users to:

  1. Manually persist/save attack discoveries on demand.
  2. View a historical list of saved discoveries via the UI.

Key Notes

  • Discoveries are saved automatically.
  • Once saved, discoveries are available for later review, reporting, and tracking over time.

Why

To inform users of the new ability to persist and revisit attack discoveries. This enables tracking over time, audit trails, and enhanced reporting.

Resources

Epic: https://github.com/elastic/security-team/issues/9489
PR: elastic/kibana#218906
elastic/kibana#225029

UX Design
Final mocks

Click through

Which documentation set does this change impact?

Elastic On-Prem and Cloud (all)

Feature differences

n/a

What release is this request related to?

8.19 and 9.1

Serverless release

tbd

Collaboration model

The documentation team

Point of contact.

Main contact: @dhru42 @andrew-goldstein

Stakeholders: @jamesspi

Metadata

Metadata

Assignees

Labels

Team:ExperienceIssues owned by the Experience Docs Team

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions