Open sukhwindersingh-qasource opened 1 day ago
Pinging @elastic/security-solution (Team: SecuritySolution)
Pinging @elastic/security-defend-workflows (Team:Defend Workflows)
Please review this @muskangulati-qasource Thanks!!
Reviewed and assigned to @dasansol92
@sukhwindersingh-qasource Thanks for creating this. If I'm not wrong, this is because there is an endpoint event with an empty process.name
value in the system. Is this also happening for other fields?
@gergoabraham Could that be related to the recent changes we made in this area?
Hi @dasansol92,
Yes, the issue is caused by empty fields in the host events related to process.name. We could hide these empty fields from the suggestions, as selecting an empty value doesn’t serve any purpose.
Screen-shot
Please let us know if anything else is required from our end,
Thanks!
Describe the bug:
Build Details:
VERSION: 8.16.0-snapshot BUILD: 79197 COMMIT: 2601f8aa203cd733a7669a59398a185ed8af12c4
Login Credentials
Preconditions
Steps to Reproduce
process.name
is
value
fieldActual result
Expected Result
Screen-cast
https://github.com/user-attachments/assets/30602927-9332-42c2-a582-d3e8febfb28f
Logs