Connections should not link out to Actions platform. See in my doc the additional info I included about SentinelOne Credentials.
Separately - should "setup" be its own subpage like for Dev Agent?
Added an Editorial Review card: DOCS-13727
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 556cb7b75b
|
|
||
| ### Key capabilities | ||
|
|
||
| Bits AI Security Analyst investigations are autonomous. If a detection rule is enabled, Bits AI autonomously investigates signals associated with it. |
Qualify that only eligible rules are auto-investigated
This overview sentence says any enabled detection rule is investigated, but the setup section below narrows that to eligible rules above the configured severity and notes that some custom rules are not eligible (content/en/bits_ai/bits_ai_security_analyst.md:68-75). Readers who enable a low-severity rule, apply a query filter, or use an ineligible custom rule will expect Bits AI to run and will interpret the missing investigation as a product failure.
|
|
||
| Bits AI Security Analyst investigations are autonomous. If a detection rule is enabled, Bits AI autonomously investigates signals associated with it. | ||
|
|
||
| In the [Cloud SIEM Signals Explorer][5], you can click the **Bits AI Security Analyst** tab to only show signals that Bits AI investigated. In the Severity column, a Bits AI status displays as Investigating, Benign, or Suspicious. |
Use the actual Signals Explorer state labels
This line documents the list view as showing Investigating, Benign, or Suspicious in the Severity column, but the screenshot added in the same commit shows an Investigated badge alongside the verdict badges. As written, the page tells users to look for a state that the UI does not display, making the instructions inconsistent with the screenshot and harder to follow during triage.
What does this PR do? What is the motivation?
New documentation for Bits AI Security Analyst.
Merge instructions
Please hold off on merging until I have approval from the PM. Thanks!
Merge readiness:
For Datadog employees:
Your branch name MUST follow the <name>/<description> convention and include the forward slash (/). Without this format, your pull request will not pass CI, the GitLab pipeline will not run, and you won't get a branch preview. Getting a branch preview makes it easier for us to check any issues with your PR, such as broken links.
If your branch doesn't follow this format, rename it or create a new branch and PR.
[6/5/2025] Merge queue has been disabled on the documentation repo. If you have write access to the repo, the PR has been reviewed by a Documentation team member, and all of the required checks have passed, you can use the Squash and Merge button to merge the PR. If you don't have write access, or you need help, reach out in the #documentation channel in Slack.