elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana

[Feature Request][Security Cases] Merge Several Cases into One #132234

Open kayapuskarov opened 2 years ago

kayapuskarov commented 2 years ago

Describe the feature:

Provide a way for users to merge several cases into one if they are related to the same investigation.

Describe a specific use case for the feature:

It can happen that we get alerted on either multiple alerts that are the same, or multiple alerts that are different but are still associated with the same larger event/investigation, and it would be useful if the analyst could merge these into one case.

elasticmachine commented 2 years ago

Pinging @elastic/response-ops (Team:ResponseOps)

elasticmachine commented 2 years ago

Pinging @elastic/response-ops-cases (Feature:Cases)

RubixSolver99 commented 1 year ago

Any updates on this by chance?

shanisagiv1 commented 1 year ago

Unfortunately, no new updates. It's planned and will be shipped in one of the upcoming releases. Can't target timelines.

philrose66 commented 5 months ago

@shanisagiv1 Hi Shani - Phil Rose from the IR team (with Katarina) here. Any update on whether this feature is in a planned release or roadmap?

shanisagiv1 commented 5 months ago

Hey, thanks for sharing, nothing to update, unfortunately. Still on our radar (merge and split) for cases.

ForsetiJan commented 3 weeks ago

Hi all, any news on this?

cnasikas commented 1 week ago

cc @heespi

heespi commented 5 days ago

@ForsetiJan, there are no concrete plans to tackle this ask in the short term. We'd be looking at this point at the 2025 timeframe.