Skip to content

Add new time interval fields to Sighting entity #474

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gbuisson merged 1 commit into from
Nov 28, 2025
Merged

Add new time interval fields to Sighting entity #474

gbuisson merged 1 commit into from
Nov 28, 2025

Conversation

@gbuisson
Copy link
Contributor

@gbuisson gbuisson commented Nov 26, 2025

Add three new optional ObservedTime fields to the Sighting schema:

  • activity_interval: time when malicious activity occurred
  • detection_interval: time when activity was detected by source engine
  • modification_interval: time when sighting record was created/updated

Closes XDR-41654

@gbuisson
Add time interval fields to Sighting entity
6c1de06 
Add three new optional ObservedTime fields to the Sighting schema:
- activity_interval: time when malicious activity occurred
- detection_interval: time when activity was detected by source engine
- modification_interval: time when sighting record was created/updated

Closes XDR-41654
@gbuisson gbuisson self-assigned this Nov 26, 2025
msprunck
msprunck approved these changes Nov 27, 2025
View reviewed changes
Copy link
Contributor

@msprunck msprunck left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@gbuisson gbuisson changed the title Add time interval fields to Sighting entity Add new time interval fields to Sighting entity Nov 28, 2025
@gbuisson gbuisson merged commit e13bc52 into master Nov 28, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@msprunck msprunck msprunck approved these changes

@yogsototh yogsototh Awaiting requested review from yogsototh yogsototh is a code owner

@ereteog ereteog Awaiting requested review from ereteog ereteog is a code owner

@frenchy64 frenchy64 Awaiting requested review from frenchy64 frenchy64 is a code owner

@turbodog99 turbodog99 Awaiting requested review from turbodog99 turbodog99 is a code owner

@wandersoncferreira wandersoncferreira Awaiting requested review from wandersoncferreira wandersoncferreira is a code owner

@safi safi Awaiting requested review from safi safi is a code owner

@samwagg samwagg Awaiting requested review from samwagg samwagg is a code owner

@marioaquino marioaquino Awaiting requested review from marioaquino marioaquino is a code owner

@t2sw t2sw Awaiting requested review from t2sw t2sw is a code owner

@brookeswanson brookeswanson Awaiting requested review from brookeswanson brookeswanson is a code owner

Assignees

@gbuisson gbuisson

Labels

review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gbuisson @msprunck