Hello,
Version 7.9.2
I was trying to clean up / close some old alerts and I get the following error:
Known issue?
In the Kibana logs I find a 409:
Request referrer:
https://kiburl:5601/app/security/detections?filters=!((%27$state%27:(store:appState),meta:(alias:%27Noisy%20SIEM%20Rules%27,disabled:!t,key:signal.rule.tags,negate:!t,params:!(Noisy),type:phrases,value:Noisy),query:(bool:(minimum_should_match:1,should:!((match_phrase:(signal.rule.tags:Noisy)))))),(%27$state%27:(store:appState),meta:(alias:!n,disabled:!f,key:signal.status,negate:!t,params:(query:closed),type:phrase),query:(match:(signal.status:(query:closed,type:phrase)))),(%27$state%27:(store:appState),meta:(alias:!n,disabled:!f,key:signal.rule.tags,negate:!f,params:!(APM),type:phrases,value:APM),query:(bool:(minimum_should_match:1,should:!((match_phrase:(signal.rule.tags:APM)))))),(%27$state%27:(store:appState),meta:(alias:!n,disabled:!f,key:signal.rule.name,negate:!f,params:(query:%27Web%20Application%20Suspicious%20Activity:%20No%20User%20Agent%20(excl%20known%20url.path%20values)%27),type:phrase),query:(match:(signal.rule.name:(query:%27Web%20Application%20Suspicious%20Activity:%20No%20User%20Agent%20(excl%20known%20url.path%20values)%27,type:phrase)))))&timerange=(global:(linkTo:!(timeline),timerange:(from:%272019-11-23T21:22:16.942Z%27,fromStr:now-1y,kind:relative,to:%272020-11-23T21:22:16.942Z%27,toStr:now)),timeline:(linkTo:!(global),timerange:(from:%272019-11-23T21:22:16.942Z%27,fromStr:now-1y,kind:relative,to:%272020-11-23T21:22:16.942Z%27,toStr:now)))
Grtz
Willem