Comments (10)
@tomsonpl,
Yes, and no.
For endpoint, we do allow `isolate` to be created for hosts that are already isolated (similar with `release`). For SentinelOne, Patryk implemented code in the Connector that first checks that the host is in the correct state. Not sure why that was done that way - perhaps the S1 system rejects it? 🤷
That being said - this is expected behaviour for HTTP API requests for all agent types - meaning: if there is an error along the way, we don't create the action documents because that could just fill up the index with "junk".
Note, however, that automated response actions behaviour is a bit different because there is no user behind it. For automated response actions, we do create a failed response action in this case.
from kibana.
@muskangulati-qasource Thanks for bringing this up. This is expected as the action request is not created. We show response history for actions that are actually created and that have pending/failed/successful responses.
from kibana.
Pinging @elastic/security-defend-workflows (Team:Defend Workflows)
from kibana.
@ashokaditya could you take a closer look at this one?
from kibana.
Out of curiosity, is this expected only for S1 actions, or also Endpoint's?
from kibana.
Thanks @paul-tavares :)
from kibana.
@ashokaditya @paul-tavares can we close this as won't do then?
cc: @arvindersingh-qasource
from kibana.
Yes - it should be closed. It's working as intended.
from kibana.
Thank you for the update @dasansol92 and @paul-tavares.
We are closing this issue as it is WORKING AS DESIGNED. We will keep note of the same.
Thank you!
from kibana.
Bug Conversion
No Test case is required since it is expected behavior!
Thanks!
from kibana.