[Defend Workflows]observer.serial_number field for SentinelOne's Alerts is showing as agent status in Timeline.
#174235
Assignees
Labels
bug
Fixes for quality problems that affect the customer experience
impact:medium
Addressing this issue will have a medium level of impact on the quality/strength of our product.
OLM Sprint
QA:Validated
Issue has been validated by QA
Team:Defend Workflows
“EDR Workflows” sub-team of Security Solution
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
v8.12.0
Comments
sukhwindersingh-qasource
added
bug
|
Pinging @elastic/security-defend-workflows (Team:Defend Workflows) |
|
Pinging @elastic/security-solution (Team: SecuritySolution) |
|
@muskangulati-qasource Please review this |
|
Reviewed and assigned to @dasansol92 |
|
My guess is it's a UI issue when displaying it and not a mapping issue, since the search by |
|
Hi @ashokaditya , |
|
@sukhwindersingh-qasource thanks for providing the event data. I can see that it has a serial_number as expected. |
|
It's a bug, working on it, Great catch @sukhwindersingh-qasource 🙇 |
patrykkopycinski
added a commit
that referenced
this issue
Jan 12, 2024
…ed fields (#174421) ## Summary Fixes #174235 <img width="1809" alt="image" src="https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c">
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this issue
Jan 12, 2024
…ed fields (elastic#174421) ## Summary Fixes elastic#174235 <img width="1809" alt="image" src="https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c"> (cherry picked from commit 5344f86)
kibanamachine
referenced
this issue
Jan 13, 2024
…ghlighted fields (#174421) (#174802) # Backport This will backport the following commits from `main` to `8.12`: - [[sentinel_one] Fix agent status field name in Alert details highlighted fields (#174421)](#174421) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Patryk Kopyciński","email":"contact@patrykkopycinski.com"},"sourceCommit":{"committedDate":"2024-01-12T23:03:06Z","message":"[sentinel_one] Fix agent status field name in Alert details highlighted fields (#174421)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/174235\r\n\r\n<img width=\"1809\" alt=\"image\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c\">","sha":"5344f86769536b901c19d6ce894c5b614a3836ac","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","v8.12.1","v8.13.0"],"title":"[sentinel_one] Fix agent status field name in Alert details highlighted fields","number":174421,"url":"https://github.com/elastic/kibana/pull/174421","mergeCommit":{"message":"[sentinel_one] Fix agent status field name in Alert details highlighted fields (#174421)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/174235\r\n\r\n<img width=\"1809\" alt=\"image\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c\">","sha":"5344f86769536b901c19d6ce894c5b614a3836ac"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"8.12","label":"v8.12.1","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.13.0","branchLabelMappingKey":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/174421","number":174421,"mergeCommit":{"message":"[sentinel_one] Fix agent status field name in Alert details highlighted fields (#174421)\n\n## Summary\r\n\r\nFixes https://github.com/elastic/kibana/issues/174235\r\n\r\n<img width=\"1809\" alt=\"image\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c\">","sha":"5344f86769536b901c19d6ce894c5b614a3836ac"}}]}] BACKPORT--> Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
Bug Conversion
Thanks! |
|
Hi @dasansol92, We have tested this ticket on the BC1 build for 8.12.1. Please find below the testing details: Build Details Screenshots & Observations
Please let us know if anything else is required from our side. Thank you! |
|
Thanks @muskangulati-qasource , @tomsonpl could you take a look at this? Thanks! |
patrykkopycinski
added a commit
that referenced
this issue
Feb 10, 2024
## Summary Fixes #174235 <img width="1906" alt="Zrzut ekranu 2024-02-5 o 11 54 15" src="https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890"> <img width="1910" alt="Zrzut ekranu 2024-02-5 o 11 53 53" src="https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44"> Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>
ashokaditya
pushed a commit
to ashokaditya/kibana
that referenced
this issue
Feb 12, 2024
) ## Summary Fixes elastic#174235 <img width="1906" alt="Zrzut ekranu 2024-02-5 o 11 54 15" src="https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890"> <img width="1910" alt="Zrzut ekranu 2024-02-5 o 11 53 53" src="https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44"> Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com> (cherry picked from commit 361398c) # Conflicts: # x-pack/plugins/security_solution/public/timelines/components/timeline/body/renderers/formatted_field.tsx
ashokaditya
added a commit
that referenced
this issue
Feb 12, 2024
) (#176663) # Backport This will backport the following commits from `main` to `8.12`: - [[SentinelOne] Fix Agent status on Timeline Alert details (#176210)](#176210) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Patryk Kopyciński","email":"contact@patrykkopycinski.com"},"sourceCommit":{"committedDate":"2024-02-10T12:28:32Z","message":"[SentinelOne] Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n \r\nFixes #174235 \r\n\r\n<img width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54 15\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53 53\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb","branchLabelMapping":{"^v8.13.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["bug","release_note:skip","OLM Sprint","v8.13.0","v8.12.2"],"number":176210,"url":"https://github.com/elastic/kibana/pull/176210","mergeCommit":{"message":"[SentinelOne] Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n \r\nFixes #174235 \r\n\r\n<img width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54 15\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53 53\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb"}},"sourceBranch":"main","suggestedTargetBranches":["8.12"],"targetPullRequestStates":[{"branch":"main","label":"v8.13.0","labelRegex":"^v8.13.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/176210","number":176210,"mergeCommit":{"message":"[SentinelOne] Fix Agent status on Timeline Alert details (#176210)\n\n## Summary\r\n \r\nFixes #174235 \r\n\r\n<img width=\"1906\" alt=\"Zrzut ekranu 2024-02-5 o 11 54 15\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890\">\r\n\r\n<img width=\"1910\" alt=\"Zrzut ekranu 2024-02-5 o 11 53 53\"\r\nsrc=\"https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44\">\r\n\r\nCo-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>","sha":"361398cd9d8af89210dfb8c70dd0631e22ec5beb"}},{"branch":"8.12","label":"v8.12.2","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Patryk Kopyciński <contact@patrykkopycinski.com>
dasansol92
added
the
QA:Ready for Testing
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
…ed fields (elastic#174421) ## Summary Fixes elastic#174235 <img width="1809" alt="image" src="https://github.com/elastic/kibana/assets/5188868/43f120c7-8bbd-4e5a-9824-5db4fda9f35c">
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
) ## Summary Fixes elastic#174235 <img width="1906" alt="Zrzut ekranu 2024-02-5 o 11 54 15" src="https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890"> <img width="1910" alt="Zrzut ekranu 2024-02-5 o 11 53 53" src="https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44"> Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>
CoenWarmer
pushed a commit
to CoenWarmer/kibana
that referenced
this issue
Feb 15, 2024
) ## Summary Fixes elastic#174235 <img width="1906" alt="Zrzut ekranu 2024-02-5 o 11 54 15" src="https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890"> <img width="1910" alt="Zrzut ekranu 2024-02-5 o 11 53 53" src="https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44"> Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>
|
Hi @dasansol92 Thanks for the update. We have tested this issue on latest Kibana v8.13.0 and found that issue is now fixed. Please find the below observationsBuild DetailsObservations
Hence, we are closing this ticket as QA Approved. Thanks. |
arvindersingh-qasource
added
QA:Validated
fkanout
pushed a commit
to fkanout/kibana
that referenced
this issue
Mar 4, 2024
) ## Summary Fixes elastic#174235 <img width="1906" alt="Zrzut ekranu 2024-02-5 o 11 54 15" src="https://github.com/elastic/kibana/assets/5188868/5f40dc64-c0fc-4fbf-b4b9-d8ee6e75c890"> <img width="1910" alt="Zrzut ekranu 2024-02-5 o 11 53 53" src="https://github.com/elastic/kibana/assets/5188868/425efd0b-242e-4bb7-b034-13b34c1dde44"> Co-authored-by: Ash <1849116+ashokaditya@users.noreply.github.com>
|
PR /pull/176210 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug:
observer.serial_numberfield for SentinelOne's Alerts is showing asagent statusin Timeline.Build Details:
Preconditions
Steps to Reproduce
observer.serial_numberfield for SentinelOne's Alerts is showing asagent statusin Timeline.Actual result
observer.serial_numberfield for SentinelOne's Alerts is showing asagent statusin Timeline.Expected Result
Screen-Cast
Alerts page
Timeline
Cases
The text was updated successfully, but these errors were encountered: