Skip to content

[Backport 2.18] fixes the duplicate alerts generated by Aggregation Sigma Roles #1438

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 2.18
Choose a base branch
from
Open

[Backport 2.18] fixes the duplicate alerts generated by Aggregation Sigma Roles #1438

wants to merge 1 commit into from

Conversation

opensearch-trigger-bot[bot]
Copy link
Contributor

Backport 4845337 from #1424.

@github-actions
fixes the duplicate alerts generated by Aggregation Sigma Roles (#1424)
f964dd1 
* De-dupe Alerts generated by Aggregation Sigma Rules fix

Signed-off-by: Riya Saxena <[email protected]>

* De-dupe Alerts generated by Aggregation Sigma Rules fix

Signed-off-by: Riya Saxena <[email protected]>

* De-dupe Alerts generated by Aggregation Sigma Rules fix

Signed-off-by: Riya Saxena <[email protected]>

* tests fix

Signed-off-by: Riya Saxena <[email protected]>

* tests fix

Signed-off-by: Riya Saxena <[email protected]>

---------

Signed-off-by: Riya Saxena <[email protected]>
(cherry picked from commit 4845337)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@GitUseDeveloper
Copy link

how to write a sigma aggregation rule?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@amsiglan amsiglan Awaiting requested review from amsiglan amsiglan is a code owner

@AWSHurneyt AWSHurneyt Awaiting requested review from AWSHurneyt AWSHurneyt is a code owner

@getsaurabh02 getsaurabh02 Awaiting requested review from getsaurabh02 getsaurabh02 is a code owner

@lezzago lezzago Awaiting requested review from lezzago lezzago is a code owner

@praveensameneni praveensameneni Awaiting requested review from praveensameneni praveensameneni is a code owner

@sbcd90 sbcd90 Awaiting requested review from sbcd90 sbcd90 is a code owner

@eirsep eirsep Awaiting requested review from eirsep eirsep is a code owner

@jowg-amazon jowg-amazon Awaiting requested review from jowg-amazon jowg-amazon is a code owner

@engechas engechas Awaiting requested review from engechas engechas is a code owner

@goyamegh goyamegh Awaiting requested review from goyamegh goyamegh is a code owner

@riysaxen-amzn riysaxen-amzn Awaiting requested review from riysaxen-amzn riysaxen-amzn is a code owner

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

autocut

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GitUseDeveloper