[ESS][8.18] Editing, exporting, and importing prebuilt rules #6563
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nastasha-solomon
added
Team: Detection Engine
Priority: High
|
A documentation preview will be available soon. Request a new doc build by commenting
If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here. |
nastasha-solomon
added
Team: Detections/Response
nastasha-solomon
requested review from
banderror,
nikitaindik,
approksiu and
dplumlee
nikitaindik
reviewed
Mar 6, 2025
nikitaindik
reviewed
Mar 6, 2025
approksiu
reviewed
Mar 7, 2025
approksiu
approved these changes
Mar 17, 2025
14 tasks
banderror
reviewed
Mar 20, 2025
There was a problem hiding this comment.
@nastasha-solomon Thank you, a few suggestions and comments that I think we should address in this PR.
Co-authored-by: Georgii Gorbachev <[email protected]>
banderror
approved these changes
Mar 24, 2025
natasha-moore-elastic
approved these changes
Mar 24, 2025
mergify bot
pushed a commit
that referenced
this pull request
Mar 24, 2025
* First draft * Defined missing bulk actions * Formatting and org fixes * Minor change to tip about modified prebuilt rules * possession! * Incorporate feedback from first round of reviews. * Cleanup * Adds note about imported rules without base verions * Merge branch 'issue-5061-import-export-modify' of github.com:elastic/security-docs into issue-5061-import-export-modify * Edits * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc Co-authored-by: Georgii Gorbachev <[email protected]> * Georgii's feedback pt.1 * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc --------- Co-authored-by: Georgii Gorbachev <[email protected]> (cherry picked from commit ed51c36)
nastasha-solomon
added a commit
to elastic/docs-content
that referenced
this pull request
Mar 24, 2025
…893) Partially addresses elastic/security-docs#5061 by providing docs for editing, exporting, and importing prebuilt rules (customized and non-customized). See twin 8.18 PR (elastic/security-docs#6563) for a breakdown of changes. Previews: - [Modify existing rules settings](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/893/solutions/security/detect-and-alert/manage-detection-rules#edit-rules-settings) - [Export and import rules](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/893/solutions/security/detect-and-alert/manage-detection-rules#import-export-rules-ui)
nastasha-solomon
added a commit
that referenced
this pull request
Mar 24, 2025
…6660) * First draft * Defined missing bulk actions * Formatting and org fixes * Minor change to tip about modified prebuilt rules * possession! * Incorporate feedback from first round of reviews. * Cleanup * Adds note about imported rules without base verions * Merge branch 'issue-5061-import-export-modify' of github.com:elastic/security-docs into issue-5061-import-export-modify * Edits * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc Co-authored-by: Georgii Gorbachev <[email protected]> * Georgii's feedback pt.1 * Update docs/detections/rules-ui-manage.asciidoc * Update docs/detections/rules-ui-manage.asciidoc --------- Co-authored-by: Georgii Gorbachev <[email protected]> (cherry picked from commit ed51c36) Co-authored-by: Nastasha Solomon <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Partially addresses #5061 by providing docs for editing, exporting, and importing prebuilt rules (customized and non-customized). Docs for updating customized prebuilt rules are at #6568.
Twin 9.0 and Serverless PR: elastic/docs-content#893
Previews