maximpn (Contributor) commented Nov 25, 2025

Partially addresses: elastic/kibana#188090

Summary

#15829 manual backport to backport-security_detection_engine-9.1.

@maximpn maximpn self-assigned this Nov 25, 2025
@maximpn maximpn changed the base branch from main to backport-security_detection_engine-9.1 November 25, 2025 14:30
maximpn (Contributor, Author) commented Nov 25, 2025

/test

elasticmachine commented Nov 25, 2025

@maximpn maximpn added the Integration:security_detection_engine Prebuilt Security Detection Rules label Nov 25, 2025
@elastic-vault-github-plugin-prod

🚀 Benchmarks report

Package abnormal_security 👍(5) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 5917.16 4587.16 -1330 (-22.48%) 💔

Package apache 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
error 5291.01 3610.11 -1680.9 (-31.77%) 💔

Package apache_tomcat 👍(4) 💚(4) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
thread_pool 9259.26 6802.72 -2456.54 (-26.53%) 💔

Package armis 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alert 3558.72 2493.77 -1064.95 (-29.93%) 💔

Package atlassian_bitbucket 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 5181.35 3875.97 -1305.38 (-25.19%) 💔

Package auth0 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
logs 2638.52 2197.8 -440.72 (-16.7%) 💔

Package authentik 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
event 2570.69 2100.84 -469.85 (-18.28%) 💔

Package aws_mq 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
rabbitmq_general_logs 14084.51 10526.32 -3558.19 (-25.26%) 💔

Package awsfirehose 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
logs 3322.26 2695.42 -626.84 (-18.87%) 💔

Package azure 👍(8) 💚(1) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
springcloudlogs 4926.11 3115.26 -1810.85 (-36.76%) 💔
graphactivitylogs 1594.9 1165.5 -429.4 (-26.92%) 💔
platformlogs 4566.21 3144.65 -1421.56 (-31.13%) 💔

Package azure_frontdoor 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
access 2512.56 2105.26 -407.3 (-16.21%) 💔

Package azure_openai 👍(0) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
logs 1307.19 932.84 -374.35 (-28.64%) 💔
metrics 500000 250000 -250000 (-50%) 💔

Package barracuda_cloudgen_firewall 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 10752.69 8771.93 -1980.76 (-18.42%) 💔

Package beyondinsight_password_safe 👍(3) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
session 8264.46 5882.35 -2382.11 (-28.82%) 💔
useraudit 9433.96 7194.24 -2239.72 (-23.74%) 💔

Package bitdefender 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
push_statistics 71428.57 55555.56 -15873.01 (-22.22%) 💔

Package bitwarden 👍(0) 💚(3) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
collection 21739.13 13698.63 -8040.5 (-36.99%) 💔
event 2724.8 2252.25 -472.55 (-17.34%) 💔

Package blacklens 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alerts 9345.79 5319.15 -4026.64 (-43.09%) 💔

Package carbon_black_cloud 👍(3) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
asset_vulnerability_summary 16129.03 11235.96 -4893.07 (-30.34%) 💔
watchlist_hit 4629.63 3906.25 -723.38 (-15.63%) 💔

Package ceph 👍(4) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
cluster_health 26315.79 20833.33 -5482.46 (-20.83%) 💔
osd_tree 25641.03 13333.33 -12307.7 (-48%) 💔

Package checkpoint_email 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
event 2155.17 1776.2 -378.97 (-17.58%) 💔

Package cisco_duo 👍(5) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
activity 4291.85 3558.72 -733.13 (-17.08%) 💔
telephony_v2 47619.05 34482.76 -13136.29 (-27.59%) 💔

Package cisco_secure_email_gateway 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 1633.99 1179.25 -454.74 (-27.83%) 💔

Package citrix_adc 👍(2) 💚(3) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
interface 5847.95 4901.96 -945.99 (-16.18%) 💔

Package cloudflare_logpush 👍(16) 💚(1) 💔(4)

Data stream Previous EPS New EPS Diff (%) Result
nel_report 31250 25641.03 -5608.97 (-17.95%) 💔
workers_trace 9523.81 6451.61 -3072.2 (-32.26%) 💔
casb 8928.57 6329.11 -2599.46 (-29.11%) 💔
firewall_event 5050.51 3533.57 -1516.94 (-30.04%) 💔

Package couchbase 👍(6) 💚(1) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
xdcr 26315.79 22222.22 -4093.57 (-15.56%) 💔
cache 16666.67 12820.51 -3846.16 (-23.08%) 💔
query_index 9523.81 4201.68 -5322.13 (-55.88%) 💔

Package couchdb 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
server 4329 3663 -666 (-15.38%) 💔

Package crowdstrike 👍(6) 💚(3) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
falcon 5128.21 3868.47 -1259.74 (-24.56%) 💔

Package cyberark_epm 👍(3) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
policyaudit_aggregated_event 3731.34 2832.86 -898.48 (-24.08%) 💔

Package cyberark_pta 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
events 7633.59 6024.1 -1609.49 (-21.08%) 💔

Package cyera 👍(1) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
event 5952.38 3759.4 -2192.98 (-36.84%) 💔
issue 4291.85 2898.55 -1393.3 (-32.46%) 💔

Package cylance 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
protect 66666.67 37037.04 -29629.63 (-44.44%) 💔

Package darktrace 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
system_status_alert 5405.41 4098.36 -1307.05 (-24.18%) 💔

Package elastic_package_registry 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
metrics 4608.29 3891.05 -717.24 (-15.56%) 💔

Package elasticsearch 👍(4) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
slowlog 5076.14 3745.32 -1330.82 (-26.22%) 💔

Package eset_protect 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
device_task 4545.45 3802.28 -743.17 (-16.35%) 💔

Package falco 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alerts 1499.25 1172.33 -326.92 (-21.81%) 💔

Package first_epss 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
vulnerability 55555.56 45454.55 -10101.01 (-18.18%) 💔

Package forgerock 👍(2) 💚(1) 💔(8)

Data stream Previous EPS New EPS Diff (%) Result
idm_core 50000 34482.76 -15517.24 (-31.03%) 💔
idm_sync 34482.76 23809.52 -10673.24 (-30.95%) 💔
am_authentication 27777.78 11235.96 -16541.82 (-59.55%) 💔
am_config 41666.67 11111.11 -30555.56 (-73.33%) 💔
idm_access 21739.13 12500 -9239.13 (-42.5%) 💔
idm_activity 40000 20000 -20000 (-50%) 💔
idm_authentication 45454.55 21276.6 -24177.95 (-53.19%) 💔
idm_config 34482.76 27027.03 -7455.73 (-21.62%) 💔

Package fortinet_fortiproxy 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 1321 972.76 -348.24 (-26.36%) 💔

Package gitlab 👍(4) 💚(2) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
application 2915.45 2222.22 -693.23 (-23.78%) 💔

Package goflow2 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
sflow 3367 2347.42 -1019.58 (-30.28%) 💔

Package golang 👍(0) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
heap 3952.57 3289.47 -663.1 (-16.78%) 💔

Package google_workspace 👍(9) 💚(2) 💔(11)

Data stream Previous EPS New EPS Diff (%) Result
drive 7092.2 2832.86 -4259.34 (-60.06%) 💔
gcp 10309.28 6410.26 -3899.02 (-37.82%) 💔
group_enterprise 5154.64 3225.81 -1928.83 (-37.42%) 💔
login 10101.01 7352.94 -2748.07 (-27.21%) 💔
access_transparency 2092.05 1677.85 -414.2 (-19.8%) 💔
token 3875.97 2680.97 -1195 (-30.83%) 💔
vault 10204.08 7194.24 -3009.84 (-29.5%) 💔
alert 3436.43 2688.17 -748.26 (-21.77%) 💔
context_aware_access 5847.95 3048.78 -2799.17 (-47.87%) 💔
data_studio 11494.25 5235.6 -6258.65 (-54.45%) 💔
device 2369.67 1703.58 -666.09 (-28.11%) 💔

Package hashicorp_vault 👍(0) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 8333.33 6802.72 -1530.61 (-18.37%) 💔

Package hpe_aruba_cx 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 838.93 581.06 -257.87 (-30.74%) 💔

Package island_browser 👍(1) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
device 3389.83 2666.67 -723.16 (-21.33%) 💔
user 13157.89 9523.81 -3634.08 (-27.62%) 💔

Package jamf_protect 👍(2) 💚(0) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
telemetry_legacy 1996.01 1345.9 -650.11 (-32.57%) 💔
web_threat_events 9433.96 6329.11 -3104.85 (-32.91%) 💔
web_traffic_events 6097.56 4854.37 -1243.19 (-20.39%) 💔

Package kafka 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 9433.96 4716.98 -4716.98 (-50%) 💔

Package keeper_security_siem_integration 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 6711.41 5524.86 -1186.55 (-17.68%) 💔

Package kibana 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 6329.11 4901.96 -1427.15 (-22.55%) 💔

Package kubernetes 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
container_logs 200000 142857.14 -57142.86 (-28.57%) 💔

Package lastpass 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
event_report 2403.85 1158.75 -1245.1 (-51.8%) 💔

Package lumos 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
activity_logs 22727.27 12987.01 -9740.26 (-42.86%) 💔

Package m365_defender 👍(1) 💚(0) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
alert 958.77 592.42 -366.35 (-38.21%) 💔
incident 1048.22 712.76 -335.46 (-32%) 💔
vulnerability 15151.52 2183.41 -12968.11 (-85.59%) 💔

Package microsoft_defender_endpoint 👍(2) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
vulnerability 4201.68 1776.2 -2425.48 (-57.73%) 💔

Package microsoft_exchange_server 👍(1) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
imap4_pop3 22727.27 18518.52 -4208.75 (-18.52%) 💔
messagetracking 10526.32 7692.31 -2834.01 (-26.92%) 💔

Package microsoft_sqlserver 👍(0) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
audit 1655.63 1355.01 -300.62 (-18.16%) 💔
log 12195.12 7874.02 -4321.1 (-35.43%) 💔

Package mimecast 👍(6) 💚(2) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
ttp_ip_logs 23255.81 12195.12 -11060.69 (-47.56%) 💔
ttp_url_logs 15384.62 10309.28 -5075.34 (-32.99%) 💔
archive_search_logs 9803.92 8264.46 -1539.46 (-15.7%) 💔

Package mongodb_atlas 👍(6) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
disk 14705.88 8064.52 -6641.36 (-45.16%) 💔

Package mysql 👍(1) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
error 32258.06 23809.52 -8448.54 (-26.19%) 💔
replica_status 2967.36 1754.39 -1212.97 (-40.88%) 💔

Package netscout 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
sightline 100000 76923.08 -23076.92 (-23.08%) 💔

Package netskope 👍(2) 💚(2) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
events 2398.08 1733.1 -664.98 (-27.73%) 💔

Package network_traffic 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
memcached 1851.85 891.27 -960.58 (-51.87%) 💔

Package nginx 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
access 2793.3 2247.19 -546.11 (-19.55%) 💔

Package nginx_ingress_controller 👍(0) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
access 2673.8 2232.14 -441.66 (-16.52%) 💔
error 29411.76 22727.27 -6684.49 (-22.73%) 💔

Package nozomi_networks 👍(4) 💚(0) 💔(4)

Data stream Previous EPS New EPS Diff (%) Result
audit 5681.82 4016.06 -1665.76 (-29.32%) 💔
health 20000 11904.76 -8095.24 (-40.48%) 💔
node_cve 5181.35 3300.33 -1881.02 (-36.3%) 💔
session 8695.65 6172.84 -2522.81 (-29.01%) 💔

Package o365 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 2314.81 1730.1 -584.71 (-25.26%) 💔

Package o365_metrics 👍(14) 💚(3) 💔(4)

Data stream Previous EPS New EPS Diff (%) Result
sharepoint_site_usage_storage 19607.84 15625 -3982.84 (-20.31%) 💔
teams_user_activity_user_counts 10638.3 7042.25 -3596.05 (-33.8%) 💔
teams_user_activity_user_detail 1700.68 1443 -257.68 (-15.15%) 💔
groups_activity_group_detail 2169.2 1751.31 -417.89 (-19.26%) 💔

Package okta 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
system 1522.07 1291.99 -230.08 (-15.12%) 💔

Package opencanary 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
events 2207.51 1536.1 -671.41 (-30.41%) 💔

Package oracle_weblogic 👍(1) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
access 9433.96 7407.41 -2026.55 (-21.48%) 💔
domain 22727.27 12048.19 -10679.08 (-46.99%) 💔

Package panw_cortex_xdr 👍(1) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
alerts 1390.82 1146.79 -244.03 (-17.55%) 💔
incidents 9708.74 7812.5 -1896.24 (-19.53%) 💔

Package prisma_cloud 👍(2) 💚(2) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
host_profile 3508.77 2506.27 -1002.5 (-28.57%) 💔

Package proofpoint_on_demand 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 2032.52 1445.09 -587.43 (-28.9%) 💔

Package proofpoint_tap 👍(1) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
clicks_blocked 2777.78 2331 -446.78 (-16.08%) 💔
message_blocked 3460.21 2570.69 -889.52 (-25.71%) 💔

Package proxysg 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 4310.34 3125 -1185.34 (-27.5%) 💔

Package qualys_vmdr 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
user_activity 11764.71 9523.81 -2240.9 (-19.05%) 💔

Package rabbitmq 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 6849.32 5780.35 -1068.97 (-15.61%) 💔

Package rapid7_insightvm 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
asset 6451.61 3311.26 -3140.35 (-48.68%) 💔

Package rubrik 👍(6) 💚(0) 💔(6)

Data stream Previous EPS New EPS Diff (%) Result
unmanaged_objects 31250 26315.79 -4934.21 (-15.79%) 💔
virtual_machines 41666.67 32258.06 -9408.61 (-22.58%) 💔
drives 13333.33 8849.56 -4483.77 (-33.63%) 💔
mssql_databases 25641.03 17857.14 -7783.89 (-30.36%) 💔
node_statistics 17543.86 10000 -7543.86 (-43%) 💔
physical_hosts 40000 20408.16 -19591.84 (-48.98%) 💔

Package salesforce 👍(2) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
login 17857.14 12195.12 -5662.02 (-31.71%) 💔
setupaudittrail 7246.38 5263.16 -1983.22 (-27.37%) 💔

Package sentinel_one 👍(6) 💚(4) 💔(4)

Data stream Previous EPS New EPS Diff (%) Result
alert 3691.4 2525.25 -1166.15 (-31.59%) 💔
activity 5917.16 4217.63 -1699.53 (-28.72%) 💔
application_risk 12285.01 9140.77 -3144.24 (-25.59%) 💔
group 31347.96 25252.53 -6095.43 (-19.44%) 💔

Package sonicwall_firewall 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 1703.58 1434.72 -268.86 (-15.78%) 💔

Package sophos_central 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alert 1494.77 1191.9 -302.87 (-20.26%) 💔

Package splunk 👍(1) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alert 997.01 715.31 -281.7 (-28.25%) 💔

Package spycloud 👍(0) 💚(2) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
compass 2840.91 2325.58 -515.33 (-18.14%) 💔

Package squid 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 4716.98 3571.43 -1145.55 (-24.29%) 💔

Package stormshield 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
log 2288.33 1605.14 -683.19 (-29.86%) 💔

Package sublime_security 👍(0) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
email_message 1106.19 698.81 -407.38 (-36.83%) 💔
message_event 12658.23 7299.27 -5358.96 (-42.34%) 💔

Package swimlane 👍(1) 💚(0) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
audit_logs 2421.31 1926.78 -494.53 (-20.42%) 💔
swimlane_api 2816.9 2183.41 -633.49 (-22.49%) 💔
tenant_api 8928.57 2262.44 -6666.13 (-74.66%) 💔

Package system 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
syslog 500000 333333.33 -166666.67 (-33.33%) 💔

Package system_audit 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
package 66666.67 43478.26 -23188.41 (-34.78%) 💔

Package tenable_io 👍(3) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
plugin 5681.82 3802.28 -1879.54 (-33.08%) 💔

Package tenable_sc 👍(1) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
asset 2932.55 2012.07 -920.48 (-31.39%) 💔

Package tencent_cloud 👍(1) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
clb 3048.78 2463.05 -585.73 (-19.21%) 💔
scf 17543.86 8928.57 -8615.29 (-49.11%) 💔

Package ti_abusech 👍(5) 💚(4) 💔(3)

Data stream Previous EPS New EPS Diff (%) Result
ja3_fingerprints 22222.22 8038.59 -14183.63 (-63.83%) 💔
malwarebazaar 14492.75 11933.17 -2559.58 (-17.66%) 💔
malwarebazaar 14492.75 8620.69 -5872.06 (-40.52%) 💔

Package ti_custom 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
indicator 2439.02 2036.66 -402.36 (-16.5%) 💔

Package ti_cybersixgill 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
threat 3278.69 2570.69 -708 (-21.59%) 💔

Package ti_domaintools 👍(3) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
nad_feed 71428.57 58823.53 -12605.04 (-17.65%) 💔

Package ti_eset 👍(1) 💚(0) 💔(6)

Data stream Previous EPS New EPS Diff (%) Result
botnet 13888.89 7575.76 -6313.13 (-45.45%) 💔
cc 20408.16 9009.01 -11399.15 (-55.86%) 💔
domains 15384.62 7299.27 -8085.35 (-52.55%) 💔
files 22222.22 6993.01 -15229.21 (-68.53%) 💔
ip 23809.52 7874.02 -15935.5 (-66.93%) 💔
url 27027.03 14705.88 -12321.15 (-45.59%) 💔

Package ti_google_threat_intelligence 👍(13) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
trending 6802.72 5494.51 -1308.21 (-19.23%) 💔

Package ti_otx 👍(0) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
pulses_subscribed 3194.89 2164.5 -1030.39 (-32.25%) 💔
threat 8695.65 5714.29 -2981.36 (-34.29%) 💔

Package ti_rapid7_threat_command 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alert 3773.58 3125 -648.58 (-17.19%) 💔

Package ti_recordedfuture 👍(2) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
triggered_alert 7936.51 4566.21 -3370.3 (-42.47%) 💔

Package trellix_epo_cloud 👍(1) 💚(0) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
event 2680.97 2145.92 -535.05 (-19.96%) 💔
group 26315.79 18867.92 -7447.87 (-28.3%) 💔

Package tychon 👍(13) 💚(4) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
cmrs 43478.26 35714.29 -7763.97 (-17.86%) 💔
epp 1901.14 1515.15 -385.99 (-20.3%) 💔

Package varonis 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
logs 7633.59 4329 -3304.59 (-43.29%) 💔

Package vsphere 👍(3) 💚(3) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
datastore 32258.06 25641.03 -6617.03 (-20.51%) 💔
virtualmachine 45454.55 31250 -14204.55 (-31.25%) 💔

Package websphere_application_server 👍(1) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
jdbc 10101.01 6944.44 -3156.57 (-31.25%) 💔
servlet 20408.16 13333.33 -7074.83 (-34.67%) 💔

Package wiz 👍(4) 💚(1) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
cloud_configuration_finding 5376.34 2450.98 -2925.36 (-54.41%) 💔

Package zerofox 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
alerts 3496.5 2375.3 -1121.2 (-32.07%) 💔

Package zeronetworks 👍(0) 💚(0) 💔(1)

Data stream Previous EPS New EPS Diff (%) Result
audit 3831.42 3039.51 -791.91 (-20.67%) 💔

Package zscaler_zia 👍(3) 💚(3) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
alerts 3846.15 3194.89 -651.26 (-16.93%) 💔
firewall 1795.33 1406.47 -388.86 (-21.66%) 💔

Package zscaler_zpa 👍(2) 💚(1) 💔(2)

Data stream Previous EPS New EPS Diff (%) Result
audit 4166.67 3460.21 -706.46 (-16.96%) 💔
user_status 5263.16 4000 -1263.16 (-24%) 💔

To see the full report comment with /test benchmark fullreport

@andrewkroh andrewkroh removed the Integration:security_detection_engine Prebuilt Security Detection Rules label Nov 25, 2025
@maximpn maximpn requested a review from mrodm November 26, 2025 08:38
@maximpn maximpn marked this pull request as ready for review November 26, 2025 08:38
@maximpn maximpn requested a review from a team as a code owner November 26, 2025 08:38
mrodm (Collaborator) left a comment

👍
Those packages failing in CI are unrelated to this change.

@mrodm mrodm merged commit 1c6c632 into elastic:backport-security_detection_engine-9.1 Nov 26, 2025
6 of 7 checks passed
@maximpn maximpn deleted the integrate-oom-testing-for-security-detection-engine-9-1 branch November 26, 2025 09:59