From 65bf05f7e207728e3fa43280ff6347c2546a9253 Mon Sep 17 00:00:00 2001
From: "nastasha.solomon" <nastasha.solomon@elastic.co>
Date: Thu, 21 Nov 2024 15:31:35 -0500
Subject: [PATCH 1/2] First draft

---
 docs/release-notes.asciidoc      |  2 ++
 docs/release-notes/8.17.asciidoc | 59 ++++++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+)
 create mode 100644 docs/release-notes/8.17.asciidoc

diff --git a/docs/release-notes.asciidoc b/docs/release-notes.asciidoc
index ca01ecb5a8..b65b623ff4 100644
--- a/docs/release-notes.asciidoc
+++ b/docs/release-notes.asciidoc
@@ -3,6 +3,7 @@
 
 This section summarizes the changes in each release.
 
+* <<release-notes-8.17.0, {elastic-sec} version 8.17.0>>
 * <<release-notes-8.16.0, {elastic-sec} version 8.16.0>>
 * <<release-notes-8.15.4, {elastic-sec} version 8.15.4>>
 * <<release-notes-8.15.3, {elastic-sec} version 8.15.3>>
@@ -67,6 +68,7 @@ This section summarizes the changes in each release.
 * <<release-notes-8.0.0, {elastic-sec} version 8.0.0>>
 * <<release-notes-8.0.0-rc2, {elastic-sec} version 8.0.0-rc2>>
 
+include::release-notes/8.17.asciidoc[]
 include::release-notes/8.16.asciidoc[]
 include::release-notes/8.15.asciidoc[]
 include::release-notes/8.14.asciidoc[]
diff --git a/docs/release-notes/8.17.asciidoc b/docs/release-notes/8.17.asciidoc
new file mode 100644
index 0000000000..5225a9f2cc
--- /dev/null
+++ b/docs/release-notes/8.17.asciidoc
@@ -0,0 +1,59 @@
+[[release-notes-header-8.17.0]]
+== 8.17
+
+[discrete]
+[[known-issue-8.17.0]]
+==== Known issues
+
+// tag::known-issue[]
+[discrete]
+.Duplicate alerts can be produced from manually running threshold rules 
+[%collapsible]
+====
+*Details* +
+On November 12, 2024, it was discovered that manually running threshold rules could produce duplicate alerts if the date range was already covered by a scheduled rule execution.
+
+====
+// end::known-issue[]
+
+// tag::known-issue[]
+[discrete]
+.Manually running custom query rules with suppression could suppress more alerts than expected
+[%collapsible]
+====
+*Details* +
+On November 12, 2024, it was discovered that manually running a custom query rule with suppression could incorrectly inflate the number of suppressed alerts. 
+
+====
+// end::known-issue[]
+
+[discrete]
+[[features-8.17.0]]
+==== New features
+* Adds Signer option to Mac trusted apps ({kibana-pull}197821[#197821]).
+
+[discrete]
+[[enhancements-8.17.0]]
+==== Enhancements
+* Check user permissions before initialising entity engine ({kibana-pull}198661[#198661]).
+
+[discrete]
+[[bug-fixes-8.17.0]]
+==== Bug fixes
+* Fixes a bug in Automatic Import where icons were not shown after the integration was installed ({kibana-pull}201139[#201139]).
+* Only refresh the asset criticality index after bulk upload ({kibana-pull}200897[#200897]).
+* Fetching Assistant Knowledge Base fails when current user's username contains a : character ({kibana-pull}200131[#200131]).
+* Index Values are not available in dropdown under New Index Enter for Knowledge Base ({kibana-pull}199990[#199990]).
+* Fixes `required_fields` being removed after rule `PATCH` calls ({kibana-pull}199901[#199901]).
+* Update file validation because the file type is empty on windows ({kibana-pull}199791[#199791]).
+* API changes for right placement of deleting the old component template ({kibana-pull}199734[#199734]).
+* Improve asset criticality bulk error when entities are duplicated ({kibana-pull}199651[#199651]).
+* Fixes Asset Criticality index issue when setting up entity engines concurrently ({kibana-pull}199486[#199486]).
+* Fixes issue with duplicate timeline reloading ({kibana-pull}198652[#198652]).
+* Refactor UI on insights ({kibana-pull}197349[#197349]).
+* Explicitly Skip two mocked data tests form serverless MKI runs ({kibana-pull}196871[#196871]).
+* Bug: update timestamp on criticality soft delete ({kibana-pull}196722[#196722]).
+* Fixes a bug where quickly disabling and re-enabling event aggregation will result in aggregation being disabled.
+* On Linux endpoints, enable process information enrichment for file and network events when process events are disabled.
+* Fixes a time skew bug when Linux VMs using ebpf event probes are suspended and then resumed.
+* Fixes a bug where the Linux system call, setsid, was not properly gathered for RHEL 9/CentOS Stream 9 process events.
\ No newline at end of file

From e0c4f7bbf63e79de966c98f1db6ecfe1ccb53b3f Mon Sep 17 00:00:00 2001
From: "nastasha.solomon" <nastasha.solomon@elastic.co>
Date: Thu, 21 Nov 2024 15:48:20 -0500
Subject: [PATCH 2/2] Adds ver header

---
 docs/release-notes/8.17.asciidoc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/release-notes/8.17.asciidoc b/docs/release-notes/8.17.asciidoc
index 5225a9f2cc..63c8b77a55 100644
--- a/docs/release-notes/8.17.asciidoc
+++ b/docs/release-notes/8.17.asciidoc
@@ -1,6 +1,10 @@
 [[release-notes-header-8.17.0]]
 == 8.17
 
+[discrete]
+[[release-notes-8.17.0]]
+=== 8.17.0
+
 [discrete]
 [[known-issue-8.17.0]]
 ==== Known issues