Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated endpoint response actions on rules (kill/suspend process) #4890

Merged
merged 6 commits into from
Mar 18, 2024
Merged

Automated endpoint response actions on rules (kill/suspend process) #4890

merged 6 commits into from
Mar 18, 2024

Conversation

joepeeples
Copy link
Contributor

@joepeeples joepeeples commented Mar 8, 2024
edited
Loading

Contributes to #4874.

Previews

Related docs PR

#4885 makes some organizational changes to rearrange the response action pages into a top-level section. This will affect the current PR since it also creates a new page in this section. Expect some light conflicts when either of these is merged, but should be easily resolvable.

Serverless docs

@joepeeples
First (incomplete) draft
ef32b76 
Create new page for automated response actions
@joepeeples joepeeples added Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management Feature: Response actions also includes response console Feature: Rule Actions Docset: ESS Issues that apply to docs in the Stack release v8.13.0 labels Mar 8, 2024
@joepeeples joepeeples self-assigned this Mar 8, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 8, 2024

A documentation preview will be available soon.

Request a new doc build by commenting
  • Rebuild this PR: run docs-build
  • Rebuild this PR and all Elastic docs: run docs-build rebuild

run docs-build is much faster than run docs-build rebuild. A rebuild should only be needed in rare situations.

If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.

@joepeeples joepeeples mentioned this pull request Mar 8, 2024
Closed
@joepeeples joepeeples marked this pull request as ready for review March 8, 2024 22:22
@joepeeples joepeeples requested a review from a team as a code owner March 8, 2024 22:22
tomsonpl
tomsonpl previously approved these changes Mar 11, 2024
View reviewed changes
Copy link

@tomsonpl tomsonpl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍 Thanks!

ashokaditya
ashokaditya previously approved these changes Mar 11, 2024
View reviewed changes
docs/detections/rules-ui-create.asciidoc Outdated Show resolved Hide resolved
@caitlinbetz caitlinbetz mentioned this pull request Mar 12, 2024
Merged
caitlinbetz
caitlinbetz previously approved these changes Mar 12, 2024
View reviewed changes
@joepeeples joepeeples dismissed stale reviews from caitlinbetz, ashokaditya, and tomsonpl via 3d8350d March 15, 2024 16:05
benironside
benironside approved these changes Mar 18, 2024
View reviewed changes
Copy link
Contributor

@benironside benironside left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Just left one very minor question

docs/detections/rules-ui-create.asciidoc Show resolved Hide resolved
@joepeeples joepeeples merged commit 7966c97 into main Mar 18, 2024
3 checks passed
mergify bot pushed a commit that referenced this pull request Mar 18, 2024
@joepeeples @mergify
Automated endpoint response actions on rules (kill/suspend process) (#…
115a639 
…4890)

* First (incomplete) draft

Create new page for automated response actions

* Update create rule page

* Minor edits for consistency

* Apply suggestions from review

(cherry picked from commit 7966c97)
@mergify mergify bot mentioned this pull request Mar 18, 2024
Merged
joepeeples added a commit that referenced this pull request Mar 18, 2024
@mergify @joepeeples
Automated endpoint response actions on rules (kill/suspend process) (#…
a149509 
…4890) (#4932)

* First (incomplete) draft

Create new page for automated response actions

* Update create rule page

* Minor edits for consistency

* Apply suggestions from review

(cherry picked from commit 7966c97)

Co-authored-by: Joe Peeples <[email protected]>
@joepeeples joepeeples deleted the 4874-auto-process-actions-on-rule branch March 18, 2024 20:53
@joepeeples joepeeples mentioned this pull request Mar 19, 2024
Closed
15 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benironside benironside benironside approved these changes

@caitlinbetz caitlinbetz caitlinbetz left review comments

@tomsonpl tomsonpl tomsonpl left review comments

@ashokaditya ashokaditya ashokaditya left review comments

Assignees

@joepeeples joepeeples

Labels
Docset: ESS Issues that apply to docs in the Stack release Feature: Response actions also includes response console Feature: Rule Actions Team: EDR Workflows Formerly Defend Workflows, Onboarding and Lifecycle Management v8.13.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@joepeeples @ashokaditya @tomsonpl @caitlinbetz @benironside