Open muskangulati-qasource opened 2 days ago
Pinging @elastic/security-solution (Team: SecuritySolution)
@amolnater-qasource please review!
Pinging @elastic/security-entity-analytics (Team:Entity Analytics)
Reviewed & assigned to @MadameSheema
This is a higher priority due to the Serverless release upcoming, will assess.
Tested and confirmed that this problem does not yet exist in Serverless, because the Entity Store is completely unavailable in Serverless, and the dashboard view correctly shows the Risk Enablement. Still a high priority ticket, but not required for Monday's Serverless release.
Describe the bug User risk and Host risk score are not available under Entity Analytics Dashboard even when Entity risk score is enabled but Entity store is disabled
Kibana/Elasticsearch Stack version
Steps
Question Why are we disabling host risk score, user risk score even when Entity Risk Score is enabled. Even when we clear data for entity, it disabled entity store then only Entities table is hidden, but host risk score and user risk score is still enabled.
https://github.com/user-attachments/assets/19519200-673a-4ebb-9a93-eadee6050b71
Screenshots
Entity Risk Score is enabled
Entity Store is disabled
Risk Score and User score is not visible on the Entity Analytics Dashboard