Alerts will have a permanent URL link that users can reference to find and identify a specific Alert
Why are we doing this work
In order to triage alerts, a security operations engineer or a security analyst must be able to share a link to that alert easily.
Relevant links
Design: Based on this discussion, we determined that adding a details page example would be a faster approach than creating a drawer with a link to it.
Non-functional requirements
-
Documentation: -
Performance: -
Testing:
Implementation plan
-
create a details page for threat monitoring alerts like the alert management one (preliminary work: patch.txt) -
frontend move this alert management code into a shared location (!51508 (merged)) -
backend add a details path for threat monitoring alerts similar to alert management. Make the route threat_monitoring/alerts/:id
(!51417 (merged)) -
backend add page property for alert management details data helper method (per !51508 (comment 500422494)) (!51417 (merged)) -
frontend remove default page from alert_details/index method (per !51508 (comment 500422494)) (!51417 (merged))
~~- [ ] frontend allow user to change alert status from standalone page~~ Do in #321891 (closed)
-
Edited by Alexander Turinske