Skip to content

[8.19] Prebuilt rule reversion documentation #6937

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 21, 2025
Merged

[8.19] Prebuilt rule reversion documentation #6937

merged 3 commits into from
Jul 21, 2025

Conversation

nastasha-solomon
Copy link
Contributor

@nastasha-solomon nastasha-solomon commented Jul 17, 2025
edited
Loading

Contributes to elastic/docs-content#1940 by documenting how to check modified prebuilt rule fields and revert them.

Previews:

Corresponding 9.19 and Serverless docs: elastic/docs-content#2175

@nastasha-solomon nastasha-solomon self-assigned this Jul 17, 2025
@github-actions GitHub Actions
Copy link

A documentation preview will be available soon.

Request a new doc build by commenting
  • Rebuild this PR: run docs-build
  • Rebuild this PR and all Elastic docs: run docs-build rebuild

run docs-build is much faster than run docs-build rebuild. A rebuild should only be needed in rare situations.

If your PR continues to fail for an unknown reason, the doc build pipeline may be broken. Elastic employees can check the pipeline status here.

@nastasha-solomon nastasha-solomon mentioned this pull request Jul 17, 2025
Merged
@nastasha-solomon nastasha-solomon marked this pull request as ready for review July 17, 2025 21:54
@nastasha-solomon nastasha-solomon requested a review from a team as a code owner July 17, 2025 21:54
dplumlee
dplumlee approved these changes Jul 17, 2025
View reviewed changes
Copy link
Contributor

@dplumlee dplumlee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This language looks good to me @nastasha-solomon, do you think it's worth putting any documentation for the "missing base version" case where we suggest they update the rule instead? Can't remember exactly how we split that description up in the rule upgrade docs but we have similar levels of explanation between the two features in-app

@nastasha-solomon
Copy link
Contributor Author

Ooh, yeah good idea. I'll add that in a few hours. Thanks!

This was referenced Jul 17, 2025
Closed
Closed
nastasha-solomon added a commit to elastic/docs-content that referenced this pull request Jul 21, 2025
@nastasha-solomon
[SECURITY][9.1 & Serverless] Prebuilt rule reversion documentation (#…
f2ccc7b 
…2175)

Contributes to #1940 by
documenting how to check modified prebuilt rule fields and revert them.

Previews:
- [Modify existing rules
settings](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/2175/solutions/security/detect-and-alert/manage-detection-rules#edit-rules-settings)
- Added a note to the end about how to spot and view modified fields on
prebuilt rules.
- [Revert modifications to prebuilt
rules](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/2175/solutions/security/detect-and-alert/manage-detection-rules#revert-rule-changes)
- New section

**Corresponding 8.19 PR**:
elastic/security-docs#6937
@nastasha-solomon nastasha-solomon merged commit 5f9171f into 8.19 Jul 21, 2025
4 checks passed
@nastasha-solomon nastasha-solomon deleted the rule-reversion-8.19 branch July 21, 2025 17:27
@nastasha-solomon nastasha-solomon mentioned this pull request Jul 23, 2025
Closed
16 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dplumlee dplumlee dplumlee approved these changes

Assignees

@nastasha-solomon nastasha-solomon

Labels

Team: Detections/Response Detections and Response v8.19.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nastasha-solomon @dplumlee