[Defend Workflows]Sentinel field names are distorted for sentinelone analyzer alert - Githubissues

elastic / kibana

Your window into the Elastic Stack

https://www.elastic.co/products/kibana

Other

19.49k stars 8.05k forks source link

[Defend Workflows]Sentinel field names are distorted for sentinelone analyzer alert #179896

Open sukhwindersingh-qasource opened 3 months ago

sukhwindersingh-qasource commented 3 months ago

Describe the bug: Sentinel field names are distorted for sentinelone analyzer alert

Build Details:

VERSION: 8.14.0
BUILD: 72871
COMMIT: fcdad9d5b3a46cecfb29bc56ae4949c7106861e7

Preconditions

Kibana should be running.
SentinelOne Cloud Funnel integration should be installed.
SentinelOne Cloud Funnel data should be present.

Steps to Reproduce

Navigate to Timelines tab
Create a timeline with the below query
- _index : logs-sentinel and process.entity_id : and event.category : "process" and process.name: "gpg-connect-agent"
Set the lookup back time as 1 year.
Open the analyzer for the first entry
Now click on Dash process, 2file option.
Click on the file location.
Navigate to page no. 9
Observe Sentinel field names are distorted for sentinelone analyzer alert

Actual result

Sentinel field names are distorted for sentinelone analyzer alert

Expected Result

Sentinel field names Should not be distorted for sentinelone analyzer alert

Screen-Cast

https://github.com/elastic/kibana/assets/108654988/7f46789c-1e95-43cf-aa7c-340dd40968d6

elasticmachine commented 3 months ago

Pinging @elastic/security-solution (Team: SecuritySolution)

sukhwindersingh-qasource commented 3 months ago

@muskangulati-qasource Please review this. Thanks!

muskangulati-qasource commented 3 months ago

Reviewed and assigned to @dasansol92

dasansol92 commented 3 months ago

@tomsonpl this seems to me an UI thing, could you confirm that? Thanks

tomsonpl commented 3 months ago

Hey, I've seen similar issues before, with any data, not only S1. I would say it's something we should ask @elastic/security-threat-hunting about.