[DED] Add info to clarify network and file events #14718

Merged
susan-shu-c merged 4 commits into main from update-ded-docs
Jul 29, 2025

Member

@susan-shu-c susan-shu-c commented Jul 28, 2025

Proposed commit message

Clarify network and file events in Data Exfiltration Detection

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

Related issues

Screenshots

@susan-shu-c susan-shu-c marked this pull request as ready for review July 28, 2025 18:21
@susan-shu-c susan-shu-c requested review from a team as code owners July 28, 2025 18:21
Comment thread packages/ded/docs/README.md
Contributor

@sodhikirti07 sodhikirti07 left a comment

Changes lgtm!

Member

@qn895 qn895 left a comment

LGTM

@andrewkroh andrewkroh added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. Integration:ded Data Exfiltration Detection Team:Security-Applied ML Elastic Security Protections Machine Learning (ML) team [elastic/sec-applied-ml] labels Jul 28, 2025
@elasticmachine

Pinging @elastic/sec-applied-ml (Team:Security-Applied ML)

@susan-shu-c susan-shu-c enabled auto-merge (squash) July 28, 2025 20:05
@susan-shu-c
Member Author

Hmm, similar to this PR which we discussed before, the build for DED fails if the pivot transform's destination index and ingest pipeline version isn't bumped, so I bumped it

@susan-shu-c susan-shu-c disabled auto-merge July 28, 2025 20:40
@elasticmachine

💚 Build Succeeded

@susan-shu-c susan-shu-c merged commit f77af4f into main Jul 29, 2025
9 checks passed
@susan-shu-c susan-shu-c deleted the update-ded-docs branch July 29, 2025 13:06
@elastic-vault-github-plugin-prod

Package ded - 2.3.4 containing this change is available at https://epr.elastic.co/package/ded/2.3.4/

@andrewkroh andrewkroh added the enhancement New feature or request label Aug 7, 2025

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:ded Data Exfiltration Detection Team:Security-Applied ML Elastic Security Protections Machine Learning (ML) team [elastic/sec-applied-ml]

5 participants