-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Solution] [Detections] adds log info level for logging in cloud #89941
Conversation
Pinging @elastic/security-solution (Team: SecuritySolution) |
Pinging @elastic/security-detections-response (Team:Detections and Resp) |
@@ -70,6 +70,7 @@ export const searchAfterAndBulkCreate = async ({ | |||
interval, | |||
buildRuleMessage, | |||
}); | |||
const tuplesToBeLogged = [...totalToFromTuples]; | |||
logger.debug(buildRuleMessage(`totalToFromTuples: ${totalToFromTuples.length}`)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the execution of the big loop throws an error then the new info
line won't get hit so I don't think removing the debug statement would be beneficial in that case.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Checked out, tested locally and verified new info logger upon rule execution for both successful and failed rule executions. LGTM! This is going to be critical for identifying issues, so thanks for taking the time to get this in for 7.11 @dhurley14! 🎉 🙂
💚 Build SucceededMetrics [docs]
To update your PR or re-run it, just comment with: |
…om/kibana into pr/89570 * 'sessions/save-all-sessions' of https://github.com/lizozom/kibana: (44 commits) [ML] Functional tests - skip DFA clone tests [Uptime] Fix synthetics detail step count (elastic#89940) Fixes the permissions to require cluster.manage in order to create an index and in order to update an index (elastic#89947) [Security Solution] [Detections] adds log info level for logging in cloud (elastic#89941) [Time to Visualize] Dashboard By Value Testing Lens (elastic#89581) [Uptime] Expand synthetic journey step thumbnail on hover (elastic#89179) TS project refs: Migrates snapshot_restore to a TS Project (elastic#89653) docs: APM 7.11 updates (elastic#89789) move skip to higher level (elastic#86952) Revert "Migrations v2: don't auto-create indices + FTR/esArchiver support (elastic#85778)" Revert "Revert "Enable v2 so migrations, disable in FTR tests (elastic#89297)"" Revert "Enable v2 so migrations, disable in FTR tests (elastic#89297)" [data.search] Allow search response to follow new hits format (elastic#88115) [Maps] Change 'create multi-layer map' title to be use-case focused (elastic#89520) skip flaky suite (elastic#86952) [Security Solution] Remove focustrap (elastic#89905) [Workplace Search] Add remaining i18n support for the Content Sources tree (elastic#89910) [esArchiver] log when migrations complete and we're done loading data (elastic#89938) Add --ssl flag to make resolver generator use ssl with kbn and elasticsearch clients (elastic#89873) TS project refs: Migrates grokdebugger (elastic#89652) ...
Summary
Adds an
info
log level statement to execute at the end of a successful rule run whether any signals were found and what date ranges the search executed over.Checklist
Delete any items that are not applicable to this PR.
For maintainers