Initial Release of Sysdig Secure Integration #10841
…usted params and got pipeline tests to pass
…ms. Updated documentation to match and built project
/test
🚀 Benchmarks report
To see the full report comment with
packages/sysdig/kibana/dashboard/sysdig-1b3c9930-f0c2-46c8-9bce-47738b8bfa33.json
packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
packages/sysdig/data_stream/alerts/_dev/test/system/test-default-config.yml
packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
packages/sysdig/data_stream/alerts/elasticsearch/ingest_pipeline/default.yml
packages/sysdig/data_stream/alerts/_dev/test/pipeline/test-sysdig.log-config.yml
PR changes LGTM! Waiting for a manual test in a real scenario to approve it.
Integration was connected to a Sysdig event forwarder for "live environment" testing and data was successfully intercepted!
💚 Build Succeeded
Quality Gate passed
What does this PR do?
This is an initial release of a new integration for Sysdig Secure. It captures events that are created by Sysdig's Rules. It includes:
A data stream for events from Sysdig rules.
Ingest pipeline for events data stream
Mapped fields according to the ECS schema and added Fields metadata in the appropriate yml files
Dashboard and visualizations of events.
Test for pipeline for event data stream.
System test cases for event data stream.
Documentation for users on how to configure Sysdig for this integration.
Checklist
changelog.yml file.
What's Ready to Review
How to test this PR locally
Related issues
Screenshots