[8.9] 8.9.0 Release notes (backport #3536) (#3616)

* 8.9.0 Release notes (#3536) * First draft * Adding include to TOC * Fixed file name * Updating anchors and bc tags * Full rewrite of contents * Removing extra breaking changes tag * Removed discrete header * Re-adding header * Update docs/release-notes/8.9.asciidoc * Hopefully fixing bc link * Update docs/release-notes/8.9.asciidoc * Incorporates feedback * edits * Update docs/release-notes/8.9.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Update docs/release-notes/8.9.asciidoc * Update docs/release-notes/8.9.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Update docs/release-notes/8.9.asciidoc Co-authored-by: Janeen Mikell Roberts <[email protected]> * Update docs/release-notes/8.9.asciidoc * Janeen's input * More edits from Janeen * Update docs/release-notes/8.9.asciidoc * Removing ResponseOps PR * Adds remaining content Adds more known issues, deprecations, and enhancements * EDR team features * Removing bc tags for 8.8.2 rn * Update docs/release-notes/8.8.asciidoc * Update docs/release-notes/8.9.asciidoc * Re-adding bc tags to 8.8.asciidoc file * Update docs/release-notes/8.9.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Update docs/release-notes/8.9.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Update docs/release-notes/8.9.asciidoc Co-authored-by: Joe Peeples <[email protected]> * Updating sum for 160574 and 160577 Incorporating Janeen's feedback * Jatin's feedback * Update docs/release-notes/8.9.asciidoc Co-authored-by: Jonhnathan <[email protected]> --------- Co-authored-by: benironside <[email protected]> Co-authored-by: Janeen Mikell Roberts <[email protected]> Co-authored-by: Joe Peeples <[email protected]> Co-authored-by: Jonhnathan <[email protected]> (cherry picked from commit 04ac0fd) # Conflicts: # docs/release-notes.asciidoc * Update docs/release-notes.asciidoc --------- Co-authored-by: Nastasha Solomon <[email protected]> Co-authored-by: Benjamin Ironside Goldstein <[email protected]>
elastic · Jul 25, 2023 · 3d4e831 · 3d4e831
1 parent 3a30177
commit 3d4e831
Show file tree

Hide file tree

Showing 3 changed files with 76 additions and 5 deletions.
diff --git a/docs/release-notes.asciidoc b/docs/release-notes.asciidoc
@@ -3,6 +3,8 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.9.0, {elastic-sec} version 8.9.0>>
+* <<release-notes-8.8.2, {elastic-sec} version 8.8.2>>
 * <<release-notes-8.8.1, {elastic-sec} version 8.8.1>>
 * <<release-notes-8.8.0, {elastic-sec} version 8.8.0>>
 * <<release-notes-8.7.1, {elastic-sec} version 8.7.1>>
@@ -39,6 +41,7 @@ This section summarizes the changes in each release.
 :issue: https://github.com/elastic/kibana/issues/
 :pull: https://github.com/elastic/kibana/pull/
 
+include::release-notes/8.9.asciidoc[]
 include::release-notes/8.8.asciidoc[]
 include::release-notes/8.7.asciidoc[]
 include::release-notes/8.6.asciidoc[]

diff --git a/docs/release-notes/8.7.asciidoc b/docs/release-notes/8.7.asciidoc
@@ -231,12 +231,7 @@ GET .kibana*/_search
 [[breaking-changes-8.7.0]]
 ==== Breaking changes
 
-//tag::breaking-changes[]
-// NOTE: The breaking-changes tagged regions are reused in the Elastic Installation and Upgrade Guide. The pull attribute is defined within this snippet so it properly resolves in the output.
-:pull: https://github.com/elastic/kibana/pull/
 There are no breaking changes in 8.7.0.
-//end::breaking-changes[]
-
 
 [discrete]
 [[deprecations-8.7.0]]

diff --git a/docs/release-notes/8.9.asciidoc b/docs/release-notes/8.9.asciidoc
@@ -0,0 +1,73 @@
+[[release-notes-header-8.9.0]]
+== 8.9.0
+
+[discrete]
+[[release-notes-8.9.0]]
+=== 8.9
+
+[discrete]
+[[known-issue-8.9.0]]
+==== Known issues
+
+* On the new Detection rule monitoring dashboard, total `Rule executions` will not always equal the sum of `Succeeded`, `Warning`, and `Failed` executions. This is expected because rules can write multiple statuses per execution. One typical example is gap detection: if a rule detects a gap in rule execution it will write an intermediate `Failed` status, then continue to run, and write a final status (such as `Warning`) before finishing its execution.
+* Rule changes can't be saved if the rule's action frequency is shorter than the rule's run interval.
+* The `upload` response action does not report the correct amount of available disk space. The correct amount is approximately four gigabytes. 
+
+[discrete]
+[[breaking-changes-8.9.0]]
+==== Breaking changes
+//tag::breaking-changes[]
+// NOTE: The breaking-changes tagged regions are reused in the Elastic Installation and Upgrade Guide. The pull attribute is defined within this snippet so it properly resolves in the output.
+// THIS ALSO MEANS IF YOU USE LINKS HERE, THEY SHOULD BE FULL URLS WITH NO ATTRIBUTES
+
+:pull: https://github.com/elastic/kibana/pull/
+
+There are no breaking changes in 8.9.0.
+
+//end::breaking-changes[]
+
+[discrete]
+[[deprecations-8.9.0]]
+==== Deprecations
+* Removes the option to use the legacy navigation menu ({pull}158094[#158094]).
+* General prebuilt threat indicator match rules were deprecated and replaced with improved indicator-type rules. 
+
+[discrete]
+[[features-8.9.0]]
+==== New features
+* Allows you to install the Cloud Security Posture Management (CSPM) integration via CloudFormation ({pull}159994[#159994]).
+* Creates a new dashboard, Cloud Native Vulnerability Management, that provides an overview of vulnerabilities on your cloud hosts ({pull}159699[#159699]).
+* Allows you to group vulnerabilities by resource (host) on the Vulnerabilities Findings page, and creates a Resource flyout that displays detailed vulnerability findings for individual hosts ({pull}159873[#159873], {pull}158987[#158987]).
+* Adds a new custom dashboard, "Detection rule monitoring" ({pull}159875[#159875]).
+* Allows you to anonymize event field values sent to AI Assistant ({pull}159857[#159857]).
+* Adds a *Chat* button that opens AI Assistant to the alert details flyout ({pull}159633[#159633]).
+* Updates AI Assistant to let you create and delete custom system prompts and default conversations ({pull}159365[#159365]).
+* Allows you to add alert tags ({pull}157786[#157786]).
+* Adds the ability to automatically isolate a host through a rule’s endpoint response action ({pull}152424[#152424]). 
+* Moves response actions to General Availability.
+* Adds a new response action that allows you to upload files to an endpoint that has {elastic-endpoint} installed ({pull}157208[#157208]).
+* Makes the Lateral Movement Detection advanced analytics package General Availability, and adds the ability to detect malicious activities in Windows RDP events (https://github.com/elastic/integrations/pull/6588[#6588]).
+
+[discrete]
+[[enhancements-8.9.0]]
+==== Enhancements
+* Makes it easier to set up exceptions by auto-populating exception conditions and values with relevant alert data.  
+* Adds a *Last response* dropdown menu to the Rules table that allows you to filter rules by the status of their last execution ("Succeeded", "Warning", or "Failed") ({pull}159865[#159865]).
+* Creates a Lens dashboard for monitoring the use of tokens by AI Assistant ({pull}159075[#159075]).
+* Creates a connector for D3 Security ({pull}158569[#158569]).
+* Improves the interface for installing and upgrading Elastic prebuilt rules ({pull}158450[#158450]).
+* Shows a rule's actions on its details page ({pull}158189[#158189]).
+* Allows you to add Lens visualizations to cases from the visualization's *More actions* menu ({pull}154918[#154918]).
+* Adds a tooltip to snoozed rules that shows exactly when alerting will resume ({pull}157407[#157407]).
+* Enhances the Data Exfiltration Detection package by adding the ability to detect exfiltration anomalies through USB devices and Airdrop (https://github.com/elastic/integrations/pull/6577[#6577]).
+
+[discrete]
+[[bug-fixes-8.9.0]]
+==== Bug fixes
+* Fixes a bug that prevented rule exceptions from being auto-populated when you created a new exception from an alert's **Take action** menu.
+* Fixes a UI bug that overlaid **Default Risk score** values as you created a new rule.
+* Fixes a bug that restricted the number of cloud accounts that could appear on the Cloud Security Posture dashboard to 10 ({pull}157233[#157233]).
+* Fixes a bug that allowed you to save a rule with an alert filter missing a query ({pull}159690[#159690]).
+* Fixes unexpected filtering behavior on the Alerts page. Now, when you select a filter that excludes all alerts, an empty table now appears as expected ({pull}160374[#160374]).
+* Fixes a UI bug where the **Label** field in the Investigation Guide form incorrectly turns red when the entered value is correct ({pull}160574[#160574], {pull}160577[#160577]).
+* Fixes a bug that caused rules to snooze longer than specified ({pull}152873[#152873]).