Kibana: [Security Solution] "Select all X Alerts" button ignores the time range and will close ALL open alerts for that rule

Created on 29 Oct 2020  路  2Comments  路  Source: elastic/kibana

Describe the bug:
Alert bulk close functionality ignores the time range filter and will close ALL open alerts for a given rule

Kibana/Elasticsearch Stack version:
Occurs in 7.9

Steps to reproduce:

  1. Navigate to Detections page
  2. Update the time range in the global KQL bar
  3. In the Alerts table click on "Select all X alerts"
  4. Notice that you receive a confirmation button saying "Successfully closed Y alerts" where Y > X. It is closing more alerts than expected

Current behavior:
The bulk close functionality is ignoring the time range and closing more alerts than expected

Expected behavior:
The bulk close functionality should respected the time range filter

Screenshots (if relevant):
bug_bulk_close_time_range mov

Detection Rules SecuritySolution Detections and Resp bug fixed high v7.10.0
Source
picture peluja1012

Most helpful comment

Tested and working on 7.10-BC5

picture MadameSheema on 6 Nov 2020
🎉2

All 2 comments

Tested and working on 7.10-BC5

MadameSheema picture MadameSheema on 6 Nov 2020
🎉2

Bug Conversion:

Created 01 new Test-Case for this Ticket

Thanks

deepikakeshav-qasource picture deepikakeshav-qasource on 24 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

spalger picture spalger  路  3Comments
timroes picture timroes  路  3Comments
timmolter picture timmolter  路  3Comments
treussart picture treussart  路  3Comments
MaartenUreel picture MaartenUreel  路  3Comments