kibana/x-pack/plugins/case
Jonathan Buttner 4739eab490
[Security Solution][Case][Bug] Prevent closing collection when pushing (#93095)
* Prevent closing collection when pushing

* Fixing translations
2021-03-01 17:11:47 -05:00
common [Security Solution][Case] Fix subcases bugs on detections and case view (#91836) 2021-02-26 15:35:43 +02:00
server [Security Solution][Case][Bug] Prevent closing collection when pushing (#93095) 2021-03-01 17:11:47 -05:00
jest.config.js Elastic License 2.0 (#90099) 2021-02-03 18:12:39 -08:00
kibana.json [Security Solution][Case] Sync cases with alerts (#84731) 2020-12-14 21:11:53 +02:00
package.json [Case] Detection rules for case (#88726) 2021-02-12 09:03:53 -05:00
README.md [Security Solution][Case] Improve cases and actions docs (#87817) 2021-01-25 17:41:25 +02:00

Case Workflow

Experimental Feature

Elastic is developing a Case Management Workflow. Follow our progress:

Action types

See Kibana Actions for more information.

Case

ID: .case

The params properties are modelled after the arguments to the Cases API.

config

This action has no config properties.

secrets

This action type has no secrets properties.

params

| Property | Description | Type |
| --- | --- | --- |
| subAction | The sub action to perform. It can be `create`, `update`, or `addComment`. | string |
| subActionParams | The parameters of the sub action. | object |

subActionParams (create)

| Property | Description | Type |
| --- | --- | --- |
| title | The case's title. | string |
| description | The case's description. | string |
| tags | String array containing words and phrases that help categorize cases. | string[] |
| connector | Object containing the connector's configuration. | connector |
| settings | Object containing the case's settings. | settings |

subActionParams (update)

| Property | Description | Type |
| --- | --- | --- |
| id | The ID of the case being updated. | string |
| title | The updated case title. | string |
| description | The updated case description. | string |
| tags | The updated case tags. | string |
| connector | Object containing the connector's configuration. | connector |
| status | The updated case status, which can be: `open`, `in-progress` or `closed`. | string |
| settings | Object containing the case's settings. | settings |
| version | The current case version. | string |

subActionParams (addComment)

| Property | Description | Type |
| --- | --- | --- |
| type | The type of the comment. | `user` |
| comment | The comment. | string |

connector

| Property | Description | Type |
| --- | --- | --- |
| id | ID of the connector used for pushing case updates to external systems. | string |
| name | The connector name. | string |
| type | The type of the connector. Must be one of these: `.servicenow`, `.jira`, `.resilient`, and `.none`. | string |
| fields | Object containing the connector's fields. | fields |

fields

For ServiceNow connectors:

| Property | Description | Type |
| --- | --- | --- |
| urgency | The urgency of the incident. | string |
| severity | The severity of the incident. | string |
| impact | The impact of the incident. | string |

For Jira connectors:

| Property | Description | Type |
| --- | --- | --- |
| issueType | The issue type of the issue. | string |
| priority | The priority of the issue. | string |
| parent | The key of the parent issue (valid when the issue type is Sub-task). | string |

For IBM Resilient connectors:

| Property | Description | Type |
| --- | --- | --- |
| issueTypes | The issue types of the issue. | string[] |
| severityCode | The severity code of the issue. | string |

settings

| Property | Description | Type |
| --- | --- | --- |
| syncAlerts | Turn alert syncing on or off. | boolean |
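
The parameter tables above can be turned into a strict allow-list check that runs before a `.case` action is executed, rejecting undocumented properties and values. This is an added example, not Kibana's own validation code: `validateCaseParams` and its helpers are hypothetical names, the title property is assumed to be spelled `title` as in the Cases API, and missing properties are not treated as errors because the README does not say which are required.

```javascript
// Added example: rules derived from the tables in this README, not Kibana's own validator.
const has = (o, k) => Object.prototype.hasOwnProperty.call(o, k);
const STR = (v) => typeof v === 'string';
const STR_ARR = (v) => Array.isArray(v) && v.every(STR);
const OBJ = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);
const ONE_OF = (...allowed) => (v) => allowed.includes(v);
// Allowed `fields` properties per connector type.
const FIELDS = {
  '.servicenow': { urgency: STR, severity: STR, impact: STR },
  '.jira': { issueType: STR, priority: STR, parent: STR },
  '.resilient': { issueTypes: STR_ARR, severityCode: STR },
  '.none': {},
};
const CONNECTOR = { id: STR, name: STR, type: ONE_OF(...Object.keys(FIELDS)), fields: OBJ };
const SETTINGS = { syncAlerts: (v) => typeof v === 'boolean' };
const STATUS = ONE_OF('open', 'in-progress', 'closed');
const SUB_ACTIONS = { // update.tags is typed `string` in the update table; kept as listed
  create: { title: STR, description: STR, tags: STR_ARR, connector: OBJ, settings: OBJ },
  update: { id: STR, title: STR, description: STR, tags: STR, connector: OBJ, status: STATUS, settings: OBJ, version: STR },
  addComment: { type: ONE_OF('user'), comment: STR },
};
// Flags unknown keys and bad values. The README does not say which properties
// are required, so a missing property is not an error here (assumption).
function check(obj, schema, path, errors) {
  for (const [key, value] of Object.entries(obj)) {
    if (!has(schema, key)) errors.push(`${path}.${key}: unknown property`);
    else if (!schema[key](value)) errors.push(`${path}.${key}: invalid value`);
  }
}
function validateCaseParams(params) {
  if (!OBJ(params)) return ['params: must be an object'];
  // Own-property lookup on a string, so "constructor" or ['create'] never resolves.
  if (!STR(params.subAction) || !has(SUB_ACTIONS, params.subAction)) return ['subAction: must be create, update or addComment'];
  const sub = params.subActionParams;
  if (!OBJ(sub)) return ['subActionParams: must be an object'];
  const errors = [];
  check(sub, SUB_ACTIONS[params.subAction], 'subActionParams', errors);
  if (OBJ(sub.settings)) check(sub.settings, SETTINGS, 'subActionParams.settings', errors);
  const c = sub.connector;
  if (OBJ(c)) {
    check(c, CONNECTOR, 'subActionParams.connector', errors);
    if (has(FIELDS, c.type) && OBJ(c.fields)) check(c.fields, FIELDS[c.type], 'subActionParams.connector.fields', errors);
  }
  return errors;
}
// Constructed sample: an update with an undocumented status and a Jira field on a ServiceNow connector.
const sample = { subAction: 'update', subActionParams: { id: 'case-1', version: 'v1', status: 'resolved',
  connector: { id: 'sn-1', name: 'SN', type: '.servicenow', fields: { issueType: 'Task' } } } };
console.log(validateCaseParams(sample));
```

An empty array means the params match the documented shape; each entry otherwise names the offending property path.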