-
Notifications
You must be signed in to change notification settings - Fork 191
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Co-authored-by: benironside <91905639+benironside@users.noreply.github.com> Co-authored-by: Joe Peeples <joe.peeples@elastic.co> Co-authored-by: Janeen Mikell-Straughn <57149392+jmikell821@users.noreply.github.com> Co-authored-by: nastasha-solomon <79124755+nastasha-solomon@users.noreply.github.com>
- Loading branch information
5 people
authored
Jun 28, 2022
1 parent
09df482
commit 0389dc0
Showing
2 changed files
with
72 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| [[release-notes-header-8.3.0]] | ||
| == 8.3 | ||
|
|
||
| [discrete] | ||
| [[release-notes-8.3.0]] | ||
| == 8.3.0 | ||
|
|
||
| [discrete] | ||
| [[breaking-changes-8.3.0]] | ||
| ==== Breaking changes | ||
| // tag::breaking-changes[] | ||
| // NOTE: The breaking-changes tagged regions are reused in the Elastic Installation and Upgrade Guide. The pull attribute is defined within this snippet so it properly resolves in the output. | ||
| :pull: https://github.com/elastic/kibana/pull/ | ||
| * Updates Elastic prebuilt {ml} detection rules for some Windows and Linux anomalies with new `v3` {ml} jobs. A confirmation modal is displayed when updating rules if `v1`/`v2` jobs are installed. If you're using 8.2 or earlier versions of {beats} or {agent}, you may need to duplicate prebuilt rules or create new custom rules _before_ you update the prebuilt rules. Once you update the prebuilt rules, they will only use `v3` {ml} jobs. Refer to <<ml-job-compatibility>> for more information.({pull}128334[#128334]). | ||
| // end::breaking-changes[] | ||
|
|
||
| [discrete] | ||
| [[features-8.3.0]] | ||
| ==== Features | ||
| * Renames Endpoint Security integration to "{endpoint-cloud-sec}" ({pull}132752[#132752]). | ||
| * Adds a new {security-guide}/detection-response-dashboard.html[Detection & Response dashboard], which provides focused visibility into the day-to-day operations of your security environment ({pull}130670[#130670], {pull}128335[#128335], {pull}129021[#129021], {pull}128087[#128087], {pull}131828[#131828], {pull}131029[#131029]). | ||
| * Introduces a new optional design for the main navigation menu ({pull}132210[#132210], {pull}131437[#131437], {pull}133719[#133719]). | ||
| * Adds a *User risk* tab to the User details flyout ({pull}130256[#130256]). | ||
| * Adds an *Authentications* tab to the User details flyout ({pull}129456[#129456]). | ||
| * Adds the ability to investigate Osquery results in Timeline ({pull}128596[#128596]). | ||
| * Allows multiple alerts to be added to a case ({pull}130958[#130958]). | ||
| * Adds the option to delete case comments from a case ({pull}130254[#130254]). | ||
| * Provides an option to select a severity level for a case ({pull}131626[#131626]). | ||
| * Adds the experimental *Alerts* tab to cases, which allows users to inspect attached alerts ({pull}131883[#131883]). | ||
| * Adds the *Average time to close* metric to the Cases page ({pull}131909[#131909]). | ||
|
|
||
| [discrete] | ||
| [[bug-fixes-8.3.0]] | ||
| ==== Bug fixes and enhancements | ||
| * Separates array values with commas in the Alerts table ({pull}133297[#133297]). | ||
| * Exposes the EQL search settings `event_category_field`, `tiebreaker_field`, and `timestamp_field` through the rules API and UI for event correlation rules ({pull}132247[#132247]). | ||
| * Adds the *Session ID* field to the *Highlighted fields* section of the Alert details flyout ({pull}132219[#132219]). | ||
| * Adds Dashboards and Threat Hunting Landing pages ({pull}130905[#130905]). | ||
| * Allows highlighted fields to be investigated in Timeline ({pull}131255[#131255]). | ||
| * Adds the *Run Osquery* option to the *More actions* menu (*...*) in the Alerts table ({pull}131790[#131790]). | ||
| * Improves the performance of these actions on the bulk rule actions endpoint ({pull}130924[#130924]). | ||
| ** `add_tags` | ||
| ** `delete_tags` | ||
| ** `set_tags` | ||
| ** `add_index_patterns` | ||
| ** `delete_index_patterns` | ||
| ** `set_index_patterns` | ||
| ** `set_timeline` | ||
| * Fixes a bug that caused the rule details page to crash when users opened a deleted or non-existent rule ({pull}133867[#133867]). | ||
| * Allows threshold alerts to be investigated in Timeline if filters are not provided ({pull}133733[#133733]). | ||
| * Prevents events from being added to cases from Timeline ({pull}133410[#133410]). | ||
| * Fixes a bug that prevented the Users and Hosts pages from resetting after being sorted ({pull}133111[#133111]). | ||
| * Removes the filter and investigate in Timeline options from the {agent} status in highlighted fields ({pull}132829[#132829], {pull}132586[#132586]). | ||
| * Improves the copy of Timeline tooltips ({pull}132756[#132756]). | ||
| * Fixes a validation bug that occurred when users were building a rule exception and changed the exception statement’s operator ({pull}131989[#131989]). | ||
| * Adds a checkmark to the pagination selection on the *Exceptions lists* page ({pull}131979[#131979]). | ||
| * Re-adds the success message that displays when users export an exceptions list ({pull}131952[#131952]). | ||
| * Updates import toast logic to accurately report the total number of failures ({pull}131873[#131873]). | ||
| * Ensures an error is not generated when the `agent.version` provided by an alert is in an unexpected format ({pull}131272[#131272]). | ||
| * Improves error checks for threshold rules ({pull}131088[#131088]). | ||
| * Expands support for migrating legacy rule actions ({pull}130511[#130511]). | ||
| * Fixes a bug that caused the *Add Rule Exception* flyout to unexpectedly close when users create the first exception for the rule from an alert ({pull}130187[#130187]). | ||
| * Corrects Rule name sorting so detection rules are ordered alphabetically, regardless of their casing ({pull}130105[#130105]). | ||
| * Improves the *Reporter* column in the Cases table ({pull}132200[#132200]). | ||
| * Adds the option to create a new case to the Select case pane ({pull}128882[#128882]). | ||
| * Allows {kibana-ref}/pre-configured-connectors.html[preconfigured connectors] to be used with cases ({pull}130372[#130372]). | ||
| * Inserts the deprecated icon next to deprecated preconfigured connectors ({pull}132237[#132237]). | ||
| * Updates the Case table so that all tags assigned to the case are displayed when users go to the case and hover over the *Tags* column ({pull}132023[#132023]). | ||
| * Adds Oauth support to the {sn} ITSM, SecOps, and ITOM connectors ({pull}131248[#131248]). | ||
| * Adds a setting to specify a list of allowed email domains, which can be used with the email connector ({pull}129001[#129001]). |