You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: release-notes/elastic-cloud-serverless/known-issues.md
+14-14Lines changed: 14 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -64,20 +64,6 @@ Set the alert delay value to 1 or turn on **Alert flapping detection**.
64
64
65
65
## Resolved
66
66
67
-
:::{dropdown} Installing the {{elastic-defend}} integration or a new agent policy in {{sec-serverless}} forces an upgrade of prebuilt rules
68
-
69
-
On April 10, 2025, it was discovered that when you install a new {{elastic-defend}} integration or agent policy, the installed prebuilt detection rules upgrade to their latest versions (if any new versions are available). The upgraded rules lose any user-added rule actions, exceptions, and customizations.
70
-
71
-
**Workaround**
72
-
73
-
To resolve this issue, before you add an {{elastic-defend}} integration to a policy in {{fleet}}, apply any pending prebuilt rule updates. This will prevent rule actions, exceptions, and customizations from being overwritten.
74
-
75
-
**Resolved**
76
-
77
-
This was resolved on April 14, 2025.
78
-
79
-
:::
80
-
81
67
:::{dropdown} In {{sec-serverless}}, the entity risk score feature may stop persisting risk score documents
82
68
83
69
On May 30, 2025, it was discovered that the entity risk score feature may stop persisting risk score documents if risk scoring was previously turned on. This is due to a bug that prevents the `entity_analytics_create_eventIngest_from_timestamp-pipeline-<space_name>` ingest pipeline (which is set as a default pipeline for the risk scoring index in an earlier {{serverless-short}} release) from being created when {{kib}} starts up.
@@ -113,4 +99,18 @@ After you complete this step, risk scores should automatically begin to successf
113
99
114
100
This was resolved on June 17, 2025.
115
101
102
+
:::
103
+
104
+
:::{dropdown} Installing the {{elastic-defend}} integration or a new agent policy in {{sec-serverless}} forces an upgrade of prebuilt rules
105
+
106
+
On April 10, 2025, it was discovered that when you install a new {{elastic-defend}} integration or agent policy, the installed prebuilt detection rules upgrade to their latest versions (if any new versions are available). The upgraded rules lose any user-added rule actions, exceptions, and customizations.
107
+
108
+
**Workaround**
109
+
110
+
To resolve this issue, before you add an {{elastic-defend}} integration to a policy in {{fleet}}, apply any pending prebuilt rule updates. This will prevent rule actions, exceptions, and customizations from being overwritten.
0 commit comments