When an Alert in Elastic Security is generated from a Machine Learning rule, it doesn't contain the data_stream.namespace field.
This is a problem when trying to use namespaces for data coming from Elastic Agent to identify different customers, environments, etc when setting up multi-tenancy.
Steps to Reproduce
Set up Elastic Agent on a host. Enable non-ML-based Rules and an ML-based Rule. Trigger the Rules and compare the Alert data.
Elasticsearch Version
8.14
Kibana Version
8.14
Installed Plugins
No response
Java Version
bundled
OS Version
n/a
Problem Description
When an Alert in Elastic Security is generated from a Machine Learning rule, it doesn't contain the
data_stream.namespace
field.This is a problem when trying to use namespaces for data coming from Elastic Agent to identify different customers, environments, etc when setting up multi-tenancy.
Steps to Reproduce
Set up Elastic Agent on a host. Enable non-ML-based Rules and an ML-based Rule. Trigger the Rules and compare the Alert data.
Logs (if relevant)
No response