[SIEM][Detections] Create Enable Rule onboarding flow #65943
Labels
enhancement
New value added to drive a business result
Feature:Detection Rules
Anything related to Security Solution's Detection Rules
Team: SecuritySolution
Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.
Team:SIEM
Comments
spong
added
enhancement
|
Pinging @elastic/siem (Team:SIEM) |
spong
changed the title
|
Per discussion with @MikePaquette and @mchopda this ticket scoped out of 7.9 release. Users will still have pre-built Endpoint Rule default on, but does not see an onboarding flow in the UI. They may see and turn them on/off in the Rules Management page. |
|
Closing as we are tracking on-boarding improvements for enabling Elastic Endpoint rules here https://github.com/elastic/security-team/issues/203 |
MindyRS
added
the
Team: SecuritySolution
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As part of #65942, two new pre-packaged rules will be introduced to ensure any alert can be used within an investigation. Since it is most beneficial to the user if these rules are enabled right after they're installed, this issue is for displaying a brief onboarding flow after the pre-packaged rules have been installed.
The text was updated successfully, but these errors were encountered: