Open JTMosaic opened 9 months ago
Although this issue mentions Wazuh Dashboard, Security Events section, it is reproducible in the Discover section of OSD.
I just reproduced it on 2.11.1
Hello @JTMosaic,
Will check this out as soon as possible and will try to read up on the other thread. In the meantime, could you verify if this is a relatively recent issue and worked prior to an upgraded version? Or has this been a persisting issue?
Thank you, @kavilla . I've not tried it in prior versions
Any update on this?
Will look into this as soon as possible.
Did a deep dive into this area so will check it out again. Apologies on the delay here. Will have to move it to 2.15.
The "Edit as Query DSL" functionality is generating both bad and incorrect DSL
To Reproduce
This is the exact same DSL. The negation of the operator is not present.
Additionally, if you copy this DSL into a new filter you get a filter which is not editable as filter values and does not display correctly on the dashboard though it does seem to work, albeit without the NOT:
Expected behavior Correct DSL should be generated to make queries easier to save and document
OpenSearch Version wazuh-indexer 4.7.0-1
Dashboards Version wazuh-dashboards 4.7.0-1
Plugins Amazon AWS
This has already been reported to the Wazuh team. See the discussion here