IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Post-upgrade steps (optional) Index template script »
Elastic Docs Elastic Security Solution [8.1] Post-upgrade steps (optional)

Migrate detection alerts enriched with threat intelligence

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Migrate detection alerts enriched with threat intelligence

edit

After upgrading to Elastic Stack version 7.15.x from a release between 7.12.0 and 7.14.2, you need to migrate detection alerts enriched with threat intelligence data to ensure threat intelligence properly displays in Elastic Security.

To migrate detection alerts:

  1. Ensure that all detection rules are deactivated prior to upgrading your Elastic Stack.
  2. Upgrade Kibana. See Upgrade Kibana for more information.
  3. Visit the Overview or Alerts page in Elastic Security to update the detection alert indices.
  4. Migrate old alerts using the Detection Alerts Migration API.
  5. Reactivate all detection rules.

Deactivate all detection rules

edit

To deactivate all detection rules:

  1. Go to DetectRules.
  2. Click the Select All Rules button above the All rules table.
  3. Click Bulk actionsDisable.

Reactivate all detection rules

edit

To reactivate all detection rules:

  1. Go to DetectRules.
  2. Click the Select All Rules button above the All rules table.
  3. Click Bulk actionsEnable.
« Post-upgrade steps (optional) Index template script »