Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Automatic Import] Copy related information from more fields #196423

Open
ilyannn opened this issue Oct 15, 2024 · 0 comments
Open

[Automatic Import] Copy related information from more fields #196423

ilyannn opened this issue Oct 15, 2024 · 0 comments
Labels
enhancement New value added to drive a business result Feature:AutomaticImport Team:Security-Scalability Team label for Security Integrations Scalability Team

Comments

@ilyannn
Copy link
Contributor

ilyannn commented Oct 15, 2024
edited
Loading

Context

LLM was previously trying to add information from fields that are not simply accessible, e.g. inventing the syntax like:

ai_falcon_202410141910.audit.event.AuditKeyValues.[?Key=='assigned_to_uid'].ValueString | [0]

Since this syntax does not exist, we have restricted LLM In #196207 from seeing these fields.

Action Item

We can check the approach used for accessing this field in manually created integrations and implement similar way in Automatic Import.

See https://elastic.slack.com/archives/C063A65FKQ8/p1728979224510749 for the discussion.
@botelastic botelastic bot added the needs-team Issues missing a team label label Oct 15, 2024
@ilyannn ilyannn added the Team:Security-Scalability Team label for Security Integrations Scalability Team label Oct 15, 2024
@botelastic botelastic bot removed the needs-team Issues missing a team label label Oct 15, 2024
@ilyannn ilyannn added the enhancement New value added to drive a business result label Oct 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New value added to drive a business result Feature:AutomaticImport Team:Security-Scalability Team label for Security Integrations Scalability Team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ilyannn