[8.13] SentinelOne bidirectional actions - response console & history (classic/ESS) (backport #4885) #4933

Merged
merged 1 commit into from
Mar 18, 2024

@mergify mergify bot commented Mar 18, 2024

Contributes to #4875 by documenting the latest functionality for SentinelOne actions (can be performed from response console and are now displayed in response action history).

Previews

  • Endpoint response actions – Reorg to make a top-level TOC section from this page and its subpages. No content changes on this page.
    • Isolate a host – Small tweaks for more general instruction on opening response console (there are many possible methods).
    • Response actions history – Add mention of agent type category in Type filter menu; small formatting tweaks.
    • Bidirectional response actions – New page explains what bidirectional actions are, lists supported actions for each third-party system. Currently just SentinelOne and a few actions, but this page will grow with future feature releases.
    • Configure bidirectional actions – Rename page to align with new page above.

Terms: "bidirectional"?

This PR leans more heavily on the name "bidirectional" as a category of response actions. Is this term meaningful to customers, or would a different term be better, such as "third-party" or something else?

TOC Reorg

This PR also does some reorg to improve the flow and navigation for response actions, which were previously buried two levels deep under a very broad "Endpoint management" section.

Serverless docs

No serverless docs PR open yet. I'll wait until the content is finalized in this classic/ESS PR, then open a serverless docs PR with the same content changes.


This is an automatic backport of pull request #4885 done by Mergify.

…ic/ESS) (#4885)

* Reorder & rename pages for flow

Also matches newer organization scheme in serverless

* More reordering and renaming for flow

Also matches newer organization scheme in serverless

* First (mostly complete) draft

Create new page, update related other pages

* Apply suggestions from review

Co-authored-by: Ash <[email protected]>

* Use "third-party" vs. "bidirectional"

* Follow-up resolve merge conflict

Add new page (automated-response-actions) to the TOC

---------

Co-authored-by: Ash <[email protected]>
(cherry picked from commit 6cf5f34)
@mergify mergify bot requested a review from a team as a code owner March 18, 2024 21:11
@mergify mergify bot added the backport label Mar 18, 2024
A documentation preview will be available soon.

Request a new doc build by commenting
  • Rebuild this PR: run docs-build
  • Rebuild this PR and all Elastic docs: run docs-build rebuild

run docs-build is much faster than run docs-build rebuild. A rebuild should only be needed in rare situations.

If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.

@joepeeples joepeeples merged commit 34ba10a into 8.13 Mar 18, 2024
4 checks passed
@mergify mergify bot deleted the mergify/bp/8.13/pr-4885 branch March 18, 2024 22:10