This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add step for setup guide field
joepeeples committed Apr 15, 2024

Verified

This commit was signed with the committer’s verified signature.
fizruk Nikolai Kudasov
1 parent 3b081a9 commit c2ec595
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions docs/detections/rules-ui-create.asciidoc
@@ -459,6 +459,7 @@ false-positive alerts.
.. *Custom highlighted fields* (optional): Specify highlighted fields for personalized alert investigation flows. Fields with values are added to the <<investigation-section,Highlighted fields>> section within the alert details flyout. Fields without values aren't added. After you create the rule, you can find all custom highlighted fields in the About section of the rule details page.
+
NOTE: There's no limit to the number of custom highlighted fields you can add.
.. *Setup guide* (optional): Instructions on rule prerequisites such as required integrations, configuration steps, and anything else needed for the rule to work correctly.
.. *Investigation guide* (optional): Information for analysts investigating
alerts created by the rule. You can also add action buttons to <<invest-guide-run-osquery, run Osquery>> or <<interactive-investigation-guides, launch Timeline investigations>> using alert data.
.. *Author* (optional): The rule's authors.
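Review bot: The new *Setup guide* entry does not say where the text appears once the rule is created, whereas the *Custom highlighted fields* entry just above it ends with "you can find all custom highlighted fields in the About section of the rule details page." Consider adding a matching sentence for the setup guide and, if a section describing it exists, a cross-reference in the style the *Investigation guide* entry uses. The phrase "anything else needed for the rule to work correctly" is also open-ended; naming one or two more concrete prerequisites would tell rule authors what to record here.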
