Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] [Bug] The entity store does not get enables after upgrade #197574

Closed
muskangulati-qasource opened this issue Oct 24, 2024 · 5 comments
Closed

[Security Solution] [Bug] The entity store does not get enables after upgrade #197574

muskangulati-qasource opened this issue Oct 24, 2024 · 5 comments
Assignees
@jaredburgettelastic
Labels
bug Fixes for quality problems that affect the customer experience fixed impact:critical This issue should be addressed immediately due to a critical level of impact on the product. QA:Validated Issue has been validated by QA Team:Entity Analytics Security Entity Analytics Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed v8.16.0

Comments

@muskangulati-qasource
Copy link

Describe the bug
The entity store does not get enables after upgrade

Kibana/Elasticsearch Stack version

VERSION: 8.16.0
BUILD: 79314
COMMIT: 5575428dd3aef69366cddb4ccf07a2a26d30ce48

Pre conditions:

  1. Kibana build for version 8.15.3 should be available
  2. Multiple agents should be deployed
  3. Alerts should be present for different hosts and users

Steps:

  1. Login to the above mentioned build
  2. Create a non-default space
  3. In the default space, enable entity risk score, and asset criticality
  4. Upgrade the build to 8.16.0
  5. Navigate to the Dashboards tab under Security
  6. Select Entity Analytics
  7. Click on enable button for Entity store
  8. Disable Entity store and enable risk score
  9. Save the same
  10. Try to enable Entity store, the user will not be able to successfully achieve the same

Expected Result
The entity store should get enabled after upgrade

Screen Recording

Bug1.mp4
@muskangulati-qasource muskangulati-qasource added bug Fixes for quality problems that affect the customer experience impact:critical This issue should be addressed immediately due to a critical level of impact on the product. Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:Entity Analytics Security Entity Analytics Team triage_needed v8.16.0 labels Oct 24, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-entity-analytics (Team:Entity Analytics)

@amolnater-qasource
Copy link

Reviewed & assigned to @MadameSheema

@machadoum machadoum added fixed QA:Needs Validation Issue needs to be validated by QA labels Nov 5, 2024
@machadoum
Copy link
Member

I tested it again, and it looks good to me. I won't close it so QA can validate it.

@muskangulati-qasource
Copy link
Author

Hi @machadoum,

We have validated the issue on the latest build and found the issue is fixed.

Please find below the testing details:
Upgrade from:

8.15.4 --> 8.16.0

Screen Recording

Entity.Analytics.mp4

Hence, we are closing this issue and marking it as 'QA Validated'.

Thank you!

@muskangulati-qasource muskangulati-qasource added QA:Validated Issue has been validated by QA and removed QA:Needs Validation Issue needs to be validated by QA labels Nov 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jaredburgettelastic jaredburgettelastic

Labels
bug Fixes for quality problems that affect the customer experience fixed impact:critical This issue should be addressed immediately due to a critical level of impact on the product. QA:Validated Issue has been validated by QA Team:Entity Analytics Security Entity Analytics Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. triage_needed v8.16.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@machadoum @elasticmachine @MadameSheema @muskangulati-qasource @amolnater-qasource @jaredburgettelastic