Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security Solution] Detection Engine health telemetry #166397

Open
1 task
banderror opened this issue Sep 13, 2023 · 2 comments
Open
1 task

[Security Solution] Detection Engine health telemetry #166397

banderror opened this issue Sep 13, 2023 · 2 comments
Assignees
@banderror
Labels
epic Feature:Rule Monitoring Security Solution Detection Rule Monitoring area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@banderror
Copy link
Contributor

banderror commented Sep 13, 2023
edited
Loading

Related to: #125642

Summary

Telemetry for detection rules is one of the important mechanisms to have to be able to monitor and troubleshoot issues in Serverless prod. We already have some telemetry for rules, but it doesn't seem to work correctly / show accurate statistics. For instance, it shows that there are no gaps across all clusters in the last 30 days, which we know is not true.

We need to fix what we have now and develop it further by adding more metrics to track.

Sub-tasks

Fixing existing telemetry
Preview Give feedback
  1. [Security Solution] Fix usage collector telemetry for detection rules #166399
    Feature:Rule Monitoring Team: SecuritySolution Team:Detection Rule Management Team:Detections and Resp

Extending telemetry
Preview Give feedback
No tasks being tracked yet.
@banderror banderror added Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. epic Feature:Rule Monitoring Security Solution Detection Rule Monitoring area Team:Detection Rule Management Security Detection Rule Management Team 8.11 candidate labels Sep 13, 2023
@banderror banderror self-assigned this Sep 13, 2023
@elasticmachine
Copy link
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@elasticmachine
Copy link
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@banderror banderror changed the title [Security Solution] Detection Engine health telemetry (Draft) [Security Solution] Detection Engine health telemetry Sep 13, 2023
@banderror banderror mentioned this issue Sep 13, 2023
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@banderror banderror

Labels
epic Feature:Rule Monitoring Security Solution Detection Rule Monitoring area Team:Detection Rule Management Security Detection Rule Management Team Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@banderror @elasticmachine