elastic / detection-rules

https://www.elastic.co/guide/en/security/current/detection-engine-overview.html

[Meta] Integration Validation Refactoring #3680

Open eric-forte-elastic opened 6 months ago

eric-forte-elastic commented 6 months ago

Related Issue

https://github.com/elastic/detection-rules/issues/3618

This is a decoupled issue from https://github.com/elastic/detection-rules/issues/3618 to reduce the complexity of the PR review and to more atomically test the changes. Additionally, this captures the desire to refactor to make this process smoother while decoupling it from other approaches to solving BYOS.

Summary

We may need to refactor the integrations validation for increased performance and ease of maintenance. This issue is to track the 4 steps needed to address this concern.

### Tasks
- [ ] 1. Investigation: Does the integrations validation take a significant amount of the Rule Loader's computational time?
- [ ] 2. LOE determination: Is the return worth the effort, and can it be done efficiently?
- [ ] 3. Refactor Design
- [ ] 4. Implementation

Steps/tasks 1-2 should take approximately half a sprint to complete, with the LOE cutoff for proceeding being 1 full sprint of refactoring work.

Mikaayenson commented 6 months ago

Is this really related to DAC, or should this target main?

eric-forte-elastic commented 6 months ago

> Is this really related to DAC, or should this target main?

Good point! This should target main :+1:

brokensound77 commented 5 months ago

This might be a duplicate of (or should be added as part of) #3556.

Mikaayenson commented 5 months ago

We should make this measurable and time bound in the design of this (potentially even making this a meta itself).

IMO this is still very ambiguous, so we should design and decide on what to move forward on.

eric-forte-elastic commented 5 months ago

> We should make this measurable and time bound in the design of this (potentially even making this a meta itself).
>
>   • What code refactors specifically for maintenance do we want to do?
>   • What specific performance refactors will we include?
>
> IMO this is still very ambiguous, so we should design and decide on what to move forward on.

Updated to make this a meta and have time bound constraints for implementation.

eric-forte-elastic commented 1 month ago

Update 10/9/24

Deprioritized in favor of Falco integration work (PM request); moving to Q3.