Kibana - Unable to sync case with alert


in Kibana, using the SIEM security alert. When i try to create a case and choses option to sync case with alert it throws error below:

"Detected an unhandled Promise rejection.

    Message: illegal_argument_exception
Root causes:
	illegal_argument_exception: unexpected metadata [op:updated_rules] in source

    Stack: Error: Internal Server Error"

Any ideals ?

Hi @BigM1,

Welcome back! Which version of Elastic are you using?

Thanks @carly.richmond !

I'm using version "8.11.1"

Thanks for confirming. Have you recently upgraded at all?

I would recommend upgrading to 8.11.3 to see if that solves the issue. Otherwise it could be a good idea to raise an issue on the GitHub repo if the issue persists.

Hope that helps!

Thanks @carly.richmond ! will try that

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.