Defend Advanced Policy Options for Registry Event Filtering Enforceme…

…nt (elastic#186564) ## Summary Adds a Defend Advanced Policy option to allow 8.15.0 users to opt out of Registry Event Filtering. ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) ### For maintainers - [ ] This was checked for breaking API changes and was [labeled appropriately](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
ashokaditya · Jul 2, 2024 · 5cb60aa · 5cb60aa
1 parent 75874ca
commit 5cb60aa
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/...plugins/security_solution/public/management/pages/policy/models/advanced_policy_schema.ts b/...plugins/security_solution/public/management/pages/policy/models/advanced_policy_schema.ts
@@ -1908,4 +1908,15 @@ export const AdvancedPolicySchema: AdvancedPolicySchemaType[] = [
       }
     ),
   },
+  {
+    key: 'windows.advanced.events.registry.enforce_registry_filters',
+    first_supported_version: '8.15',
+    documentation: i18n.translate(
+      'xpack.securitySolution.endpoint.policy.advanced.windows.advanced.events.registry.enforce_registry_filters',
+      {
+        defaultMessage:
+          'Reduce data volume by filtering out registry events which are not relevant to behavioral protections.  Default: true',
+      }
+    ),
+  },
 ];