LaZyDK
commented
2 years ago This happens when the Kibana Integration template is edited. Working as intended.
Open rsdrakh opened 2 years ago
LaZyDK
commented
2 years ago This happens when the Kibana Integration template is edited. Working as intended.
rsdrakh
commented
2 years ago Nothing was edited, all was used out of the box (except for the initial config of the integration), if that is intended behaviour then it is both not user friendly and not consistent to the behaviour of other Cisco integrations.
LaZyDK @.***> schrieb am Fr., 12. Aug. 2022, 13:43:
This happens when the Kibana Integration template is edited. Working as intended.
— Reply to this email directly, view it on GitHub https://github.com/elastic/integrations/issues/3958#issuecomment-1213024483, or unsubscribe https://github.com/notifications/unsubscribe-auth/AH4WMOE7NGHYSZC5K23C3ADVYY2FJANCNFSM55S4I4NQ . You are receiving this because you authored the thread.Message ID: @.***>
LaZyDK
commented
2 years ago Yes, you updated the integration, and with this the template was edited. The template is not edited with all upgrade, this you can see here on github. It is consistent with all other integrations in Elastic.
rsdrakh
commented
2 years ago Updating an Integration should never ever overwrite custom settings that were there before the upgrade. Because why should it? No matter if I update one or all policies. "Works as intended" can still be very unfriendly to our customers. Is this behaviour documented anywhere, while it is intended?
LaZyDK @.***> schrieb am Fr., 12. Aug. 2022, 14:04:
Yes, you updated the integration, and with this the template was edited. The template is not edited with all upgrade, this you can see here on github. It is consistent with all other integrations in Elastic.
— Reply to this email directly, view it on GitHub https://github.com/elastic/integrations/issues/3958#issuecomment-1213040116, or unsubscribe https://github.com/notifications/unsubscribe-auth/AH4WMOBC7H52OXXSN7YNWHLVYY4TNANCNFSM55S4I4NQ . You are receiving this because you authored the thread.Message ID: @.***>
smnschneider
commented
2 years ago I agree with @rsdrakh. This behavior should be reconsidered. Removing user data should not be the case at all. Why should there be a difference updating all or just one integration?
botelastic[bot]
commented
1 year ago Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!
smnschndr
commented
1 year ago Keep it up 👍
elasticmachine
commented
2 months ago Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)
Update from 2.2.1 to 2.3.0 on Elasticsearch 8.3.2 Issue could be reproduced with a different agent policy.
The set value used to be "0.0.0.0" and was reset to "localhost".
Cisco IOS also behaves like this. Cisco ASA does not behave like this.