search

elastic / kibana

Your window into the Elastic Stack
https://www.elastic.co/products/kibana
Other
19.82k stars 8.2k forks source link

[Security Solution] [Bug] A few entities fail to be assigned the values every time for asset criticality via bulk upload #196975

Open muskangulati-qasource opened 2 days ago

muskangulati-qasource commented 2 days ago

Describe the bug A few entities fail to be assigned the values every time for asset criticality via bulk upload

Kibana/Elasticsearch Stack version

VERSION: 8.16.0
BUILD: 79314
COMMIT: 5575428dd3aef69366cddb4ccf07a2a26d30ce48

Steps

  1. Kibana version 8.16.0 or above should exist
  2. Navigate to Stack Management >> Alerts and Insights >> Entity Store
  3. Add a file which has multiple entries atleast 21k
  4. Validate it always shows error that a few entries are not assigned the value. However, the reason is not specified

Expected Result No entities should fail to be assigned the values every time for asset criticality via bulk upload

Screen Recording

https://github.com/user-attachments/assets/3aced91e-8ed9-4bc9-8df3-c231ff3340cd

Test file used user.txt

Error from network logs


 "errors": [
        {
            "message": "[host.name:ip-172-31-83-81]: version conflict, required seqNo [27862], primary term [2]. current document has seqNo [27871] and primary term [2]"
        },
        {
            "message": "[user.name:root]: version conflict, required seqNo [27880], primary term [2]. current document has seqNo [27882] and primary term [2]"
        },
        {
            "message": "[user.name:root]: version conflict, required seqNo [27897], primary term [2]. current document has seqNo [27902] and primary term [2]"
        },
        {
            "message": "[user.name:root]: version conflict, required seqNo [27908], primary term [2]. current document has seqNo [27912] and primary term [2]"
        },
elasticmachine commented 2 days ago

Pinging @elastic/security-solution (Team: SecuritySolution)

muskangulati-qasource commented 2 days ago

@amolnater-qasource please review!

amolnater-qasource commented 2 days ago

Reviewed & assigned to @MadameSheema

elasticmachine commented 2 days ago

Pinging @elastic/security-entity-analytics (Team:Entity Analytics)

jaredburgettelastic commented 4 hours ago

@muskangulati-qasource could you please share with us the file that you used to upload?