-
We're deprecating the [Logstash NetFlow module](https://www.elastic.co/guide/en/logstash/current/netflow-module.html) in favor of the newer [Filebeat NetFlow module](https://www.elastic.co/guide/en/be…
-
EQL sequence alert suppression was split into two phases. The first phase implements suppression for the sequence alert and keeps only the building block alerts associated with the non-suppressed sequ…
-
**Epic:** https://github.com/elastic/kibana/issues/174168
**Related to:** https://github.com/elastic/detection-rules/issues/2826
## Summary
We're going to add a new optional field `source_updat…
-
ES|QL query plans can be pretty large; in some cases they can contain thousands of objects.
E.g. the plan of a query like `from *` will likely contain many `FieldAttributes`/`EsFields`.
The plan frag…
-
**Describe the enhancement:**
I'd like to ask you to enhance the protocol decoder (especially the dns decoder) to provide the vlan.id additionally.
In https://discuss.elastic.co/t/supplement-vlan-id…
-
## Dependencies
This issue assumes that https://github.com/elastic/kibana/issues/183533 was already completed, and `kibana.alert.original_time` is already populated. If priorities change and we wan…
-
Please post all questions and issues concerning the Elastic Agent on https://discuss.elastic.co/c/beats
before opening a GitHub Issue. Your questions will reach a wider audience there,
and if we con…
-
https://github.com/elastic/kibana/pull/127218 added versioned alert schemas for Security Solution alerts, including TypeScript types for the common security alert fields and fields specific to EQL rul…
-
We currently have hand-written model types, whose Transform methods are responsible for setting fields according to our schema. The schema is defined by fields.yml, and is only partially covered by EC…
-
Hi @srijitm,
Thank you for linking me here from the comments on your article. It's brilliantly written and has been a godsend as I re-architect the backend for my start-up.
I was following the…