[Security Solution]Additional Filter not working under Top risk score contributors Alert Table #168917
Comments
ghost
added
bug
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
MadameSheema
added
Team:Threat Hunting
|
Pinging @elastic/security-threat-hunting (Team:Threat Hunting) |
ghost
added
the
impact:medium
|
Checked that also, yes it looks like a bug. Good thing that top filters work, but definitely those additional filters for Threat Indicator don't work Screen.Recording.2023-10-18.at.15.39.52.mov |
SourinPaul
added
Theme: entity_analytics
Team:Entity Analytics
|
These filters are working now so I think they may have been fixed. By design they do not get added to the global query bar, they are more akin to the status, servertiy, user, host filters at the top of the visualisations. One thing is that there is no indicator that a filter has been applied, I will put up a PR to make that UX a little better. In the video below, rule test2 is a building block rule and rule test3 is a threat indicator: Screen.Recording.2024-02-20.at.11.49.23.mov |
…table (#177275) ## Summary While investigating #168917 I noticed that there is no way to tell if an additional filter has been applied on the alerts table which can be a bit confusing because it filters the whole page. I have added a notification badge to show the number of filters applied, matching the style of the other badges on the table. <img width="1446" alt="Screenshot 2024-02-20 at 12 31 02" src="https://github.com/elastic/kibana/assets/3315046/00f18859-f532-4025-a506-5bdf782d9fe3"> **Video Demo:** https://github.com/elastic/kibana/assets/3315046/628f1165-bfe3-4b20-b60f-07fc6bceebe9 --------- Co-authored-by: Kibana Machine <[email protected]>
ghost
reopened this
|
we have observed this issue to be re-occurring on 8.13 BC2. so we have opened this issue. Kibana/Elasticsearch Stack version Screen-Cast: show_only_threat_indicator.movPlease let me know if any more information need from our end. thanks !! |
…table (elastic#177275) ## Summary While investigating elastic#168917 I noticed that there is no way to tell if an additional filter has been applied on the alerts table which can be a bit confusing because it filters the whole page. I have added a notification badge to show the number of filters applied, matching the style of the other badges on the table. <img width="1446" alt="Screenshot 2024-02-20 at 12 31 02" src="https://github.com/elastic/kibana/assets/3315046/00f18859-f532-4025-a506-5bdf782d9fe3"> **Video Demo:** https://github.com/elastic/kibana/assets/3315046/628f1165-bfe3-4b20-b60f-07fc6bceebe9 --------- Co-authored-by: Kibana Machine <[email protected]>
michaelolo24
removed
Team:Threat Hunting:Investigations
MadameSheema
added
the
Team:Threat Hunting:Investigations
|
Pinging @elastic/security-threat-hunting-investigations (Team:Threat Hunting:Investigations) |
MadameSheema
added
Team:Entity Analytics
|
Pinging @elastic/security-entity-analytics (Team:Entity Analytics) |
Describe the bug:
Additional Filter not working under Top risk score contributors Alert Table
Kibana/Elasticsearch Stack version
Version: 8.11.0 BC2
Commit: 636a833
Build: 67841
Browser and Browser OS Version:
Firefox for windows OS
Version: 118.0.1
Elastic Endpoint Version:
8.11
Original install method:
None
Functional Area:
Host/User Risk Score
Initial Setup:
Steps to reproduce
Additional Observation
Current behavior
Expected behavior:
Screen-Shot:
Hosts.-.Kibana.Mozilla.Firefox.2023-10-16.12-47-30.mp4
additional.filter.mp4
The text was updated successfully, but these errors were encountered: