Add new terms rule type to Detections API create/update rule docs #3914
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Documentation previews: |
|
This pull request does not have a backport label. Could you fix it @marshallmain? 🙏
NOTE: |
There was a problem hiding this comment.
Thanks for raising the PR, @marshallmain! LGTM, just a couple of suggestions:
- Can we add the following text to the list of rule types at the start of the
rules-api-createpage (on line 36, after Machine learning rules):
New terms: Generates an alert for each new term detected in source documents within a specified time range.
- Can we add request and response examples for creating a new terms rule to the
rules-api-createpage? Just to keep the consistency, as the page contains examples for all other rule types.
Thanks for the heads-up – once we merge this PR, I can raise a separate one to update the description to |
Co-authored-by: natasha-moore-elastic <[email protected]>
Hey @marshallmain, just flagging these two points again in case you missed them. |
Co-authored-by: natasha-moore-elastic <[email protected]>
natasha-moore-elastic
approved these changes
Sep 19, 2023
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
This was referenced Sep 20, 2023
Merged
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
mergify bot
pushed a commit
that referenced
this pull request
Sep 20, 2023
) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155)
This was referenced Sep 20, 2023
Merged
Merged
Merged
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3975) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3976) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3977) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3978) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3979) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3980) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
marshallmain
added a commit
that referenced
this pull request
Sep 26, 2023
) (#3981) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit cbd0155) Co-authored-by: Marshall Main <[email protected]>
joepeeples
added a commit
that referenced
this pull request
May 22, 2024
* Add alert suppression clarification note Per /pull/3879 * Clarify note in new terms rule create Per /pull/3943 * Update images for QA bugs Per /pull/3946 * Add new terms rule type to create rule API docs Per /pull/3914 * Add new terms rule type to *update* rule API docs Per /pull/3914
acorretti
pushed a commit
that referenced
this pull request
Nov 19, 2024
) (#3978) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit 67448e0) Co-authored-by: Marshall Main <[email protected]>
acorretti
pushed a commit
that referenced
this pull request
Nov 19, 2024
) (#3979) * Add new terms rule type to Detections API create/update rule docs * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Update copy for history_window_start recommended format * Apply suggestions from code review Co-authored-by: natasha-moore-elastic <[email protected]> * Add example request and response for new terms rule * Fix copy paste errors --------- Co-authored-by: natasha-moore-elastic <[email protected]> (cherry picked from commit 67448e0) Co-authored-by: Marshall Main <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds API docs for the new terms rule type, introduced in elastic/kibana#134526 (stack v8.4.0). Support for multiple values in
new_terms_fieldswas added in 8.6 (elastic/kibana#143943), so if we backport as far as 8.4 and 8.5 we should modify theMust contain 1-3 field names.text to reflect the limitation (something likeMust contain 1 field name.instead).