Note for Elastic Security users added to 7.x to 9.x upgrade doc #4391
Vale Linting Results
Summary: 1 suggestion found
💡 Suggestions (1)
🔍 Preview links for changed docs
shainaraskas
left a comment
I think the experience team should validate this as well
| It's highly recommended to start this upgrade from the latest 7.17.x patch release to ensure that you’re using the most recent version of the Elastic Upgrade Assistant. You should also upgrade to the latest available 8.19.x patch release so that the same benefits apply when you later upgrade to 9.x. | ||
|
|
||
| :::::{note} | ||
| If you use the [{{elastic-sec}} solution](/solutions/security.md), read the full [Upgrade {{elastic-sec}} from 7.17 to 8.x](https://www.elastic.co/guide/en/security/8.19/upgrade-7.17-8x.html) guide when planning the upgrade. |
perhaps this should be a warning?
| If you use the [{{elastic-sec}} solution](/solutions/security.md), read the full [Upgrade {{elastic-sec}} from 7.17 to 8.x](https://www.elastic.co/guide/en/security/8.19/upgrade-7.17-8x.html) guide when planning the upgrade. | |
| If you use the [{{elastic-sec}} solution](/solutions/security.md), then you need to perform additional steps as part of the upgrade process. Review [Upgrade {{elastic-sec}} from 7.17 to 8.x](https://www.elastic.co/guide/en/security/8.19/upgrade-7.17-8x.html) before you begin your upgrade. |
I'm in favor of switching the admonition to a warning and using the stronger, more direct language. There's a good amount of pre and post checks that users will need to complete when moving from 7.17->8.x, so the more emphasis, the better.
nastasha-solomon
left a comment
Just left one suggestion that's totally optional. Otherwise, lgtm - thank you!
| If you use the [{{elastic-sec}} solution](/solutions/security.md), read the full [Upgrade {{elastic-sec}} from 7.17 to 8.x](https://www.elastic.co/guide/en/security/8.19/upgrade-7.17-8x.html) guide when planning the upgrade. | ||
|
|
||
| In particular: | ||
| * Export all custom detection rules as a backup before upgrading, in case there are issues with the detection engine after the upgrade. |
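Review bot: the "Export all custom detection rules" bullet names a backup step but gives the reader no pointer to how to perform it, unlike the preceding sentence, which links to the 7.17 to 8.x upgrade guide. Consider linking the export procedure from this bullet so the step is actionable, and stating that the export should be taken before the upgrade starts, since the bullet's justification ("in case there are issues with the detection engine after the upgrade") only helps if the backup predates the upgrade.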
We don't explicitly recommend this in the guide for upgrading from 7.17.x -> 8.x, but there's really no harm in advising it here. If anything, it's sound advice for upgrading to any Security version.
|
|
||
| In particular: | ||
| * Export all custom detection rules as a backup before upgrading, in case there are issues with the detection engine after the upgrade. | ||
| * Review [alert schema changes](https://www.elastic.co/guide/en/security/8.19/alert-schema.html) if alerts are forwarded to an external SOAR, or if you directly query alert data in custom dashboards or tools. |
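Review bot: in the alert schema bullet, "SOAR" is used without expansion and the first condition is passive ("if alerts are forwarded") while the second is active ("if you directly query"). Suggest spelling out the acronym on first use and making both conditions active, for example "if you forward alerts to an external SOAR platform, or if you query alert data directly". Also worth confirming that the absolute link pinned to the 8.19 guide is intended, given that the {{elastic-sec}} solution link in the same note uses a relative path.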
| * Review [alert schema changes](https://www.elastic.co/guide/en/security/8.19/alert-schema.html) if alerts are forwarded to an external SOAR, or if you directly query alert data in custom dashboards or tools. | |
| * Review [alert schema changes](https://www.elastic.co/guide/en/security/8.19/alert-schema.html) if alerts are forwarded to an external SOAR, or if you directly query alert data in custom dashboards or visualizations. |
|
|
||
| It's highly recommended to start this upgrade from the latest 7.17.x patch release to ensure that you’re using the most recent version of the Elastic Upgrade Assistant. You should also upgrade to the latest available 8.19.x patch release so that the same benefits apply when you later upgrade to 9.x. | ||
|
|
||
| :::::{note} |
@natasha-moore-elastic or @jmikell821 can you please take a look at this change.
hah. never mind, @nastasha-solomon beat me to it (again!)

When we added that document we didn't realize we already had documented some specific steps and checks for Elastic Security users regarding detection rules.
This PR adds a note for the 7.17 --> 8.19 upgrade step to remind Elastic Security users to read that doc and highlights some of the items.
Closes #3619