Insights: elastic/integrations
September 20, 2024 – September 27, 2024
Overview
39 Pull requests merged by 21 people
-
GA microsoft_dnsserver integration
#11269 merged
Sep 27, 2024 -
[checkpoint] Drop support for EOL OS version R80.X
#11263 merged
Sep 27, 2024 -
Migrate security service packages to GA
#11210 merged
Sep 27, 2024 -
[vSphere] Add SSL/TLS support for `tcp` input in `log` data stream
#11061 merged
Sep 27, 2024 -
Add related.entity to cloudtrail integration
#11115 merged
Sep 27, 2024 -
f5_bigip: url decode user agent strings
#11222 merged
Sep 27, 2024 -
Rename the ingestion-team
#11228 merged
Sep 27, 2024 -
[carbon_black_cloud] Fix alert_v7 CEL pagination logic
#11259 merged
Sep 27, 2024 -
[cisco_ftd] Fix parsing issues with message IDs 210007, 305013, and 302023
#11257 merged
Sep 26, 2024 -
[AWS] Update integration name to Amazon Bedrock
#11256 merged
Sep 26, 2024 -
[vSphere] Release new integration version.
#11255 merged
Sep 26, 2024 -
[vSphere] Update README and fix Resourcepool datastream TSDB
#11242 merged
Sep 26, 2024 -
[Azure docs] Clarify generic vs specialized integrations
#11232 merged
Sep 26, 2024 -
[google_workspace]: Remove link to unpublished security-labs blog from README.
#11216 merged
Sep 26, 2024 -
Update tests using journalctl tool to start a custom independent agent
#11186 merged
Sep 26, 2024 -
[ti_*] Fix `labels.is_ioc_transform_source` values
#11231 merged
Sep 26, 2024 -
[Kubernetes] Fix Overview dashboard Kibana id
#11243 merged
Sep 26, 2024 -
forgerock: fix handling of query time ranges
#11240 merged
Sep 26, 2024 -
carbon_black_cloud: fix timestamp type when using cursor value
#11221 merged
Sep 26, 2024 -
Add condition field to Keycloak log datastream
#11213 merged
Sep 26, 2024 -
qualys_vmdr: retain event.original as json
#11248 merged
Sep 26, 2024 -
[Azure] Application Gateway WAF: add event.reason
#10007 merged
Sep 25, 2024 -
[CI] Update find oldest supported script
#11227 merged
Sep 25, 2024 -
[vSphere] Filter alerts and warnings from triggered alarms.
#11230 merged
Sep 25, 2024 -
o365,sentinel_one_cloud_funnel,sysmon_linux,system,windows: tighten ipv4 extraction
#11052 merged
Sep 25, 2024 -
[pfsense] Add SNORT log processing
#11182 merged
Sep 24, 2024 -
[fortinet_fortimanager] Add more ECS fields mappings
#11237 merged
Sep 24, 2024 -
[squid] Add dashboard, improve documentation, GA integration
#11145 merged
Sep 24, 2024 -
[vSphere][network] fix issue with TSDB network name
#11229 merged
Sep 24, 2024 -
Docker: bump package-spec version to 3.2.2
#11196 merged
Sep 24, 2024 -
[Kubernetes] Use filestream fingerprint mode by default for container_logs datastream
#11212 merged
Sep 24, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11223 merged
Sep 24, 2024 -
all: fix sample_event.json final newlines
#11174 merged
Sep 23, 2024 -
[netflow]: Append all ip addresses found to the related.ip field.
#11193 merged
Sep 23, 2024 -
cisco_aironet: add ECS mapping for destination.port
#11103 merged
Sep 23, 2024 -
[vSphere][network] Create network datastream
#10993 merged
Sep 23, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11206 merged
Sep 23, 2024 -
Remove event.original removal processors (integrations AWS & Azure)
#10888 merged
Sep 23, 2024 -
[vSphere][datastorecluster] Add new Datastream Datastore Cluster
#11089 merged
Sep 22, 2024
19 Pull requests opened by 15 people
-
[New Integration] Envoyproxy
#11215 opened
Sep 23, 2024 -
Add in technique.name field to the transform. Remove milliseconds from TQL query.
#11217 opened
Sep 23, 2024 -
forgerock: fix handling of idm_core object payloads
#11219 opened
Sep 23, 2024 -
GCP Vertex AI LLM Integration
#11225 opened
Sep 24, 2024 -
Add related.entity field to azure activitylogs default ingest pipeline
#11233 opened
Sep 24, 2024 -
[GitLab] Add sidekiq and pages datastreams
#11234 opened
Sep 24, 2024 -
[Cloud Security] enable asset inventory package to support agentless
#11238 opened
Sep 24, 2024 -
Add aws.firehose.arn, aws.firehose.request_id and aws.metrics_names_fingerprint fields
#11239 opened
Sep 24, 2024 -
[AWS Bedrock] Editing for GA
#11244 opened
Sep 25, 2024 -
Cloudtrail add origin and target
#11245 opened
Sep 25, 2024 -
[Elastic Agent] Add data retention policy of 30d to all data streams
#11246 opened
Sep 25, 2024 -
[POC] Deployment mode for CSPM
#11247 opened
Sep 25, 2024 -
[windows] Windows Defender Data stream overhaul to GA
#11249 opened
Sep 25, 2024 -
[Cloud Security][Cloud Security Posture] Update kibana condition
#11252 opened
Sep 26, 2024 -
[POC] Nginx otel integration with OTEL Templates
#11253 opened
Sep 26, 2024 -
[Salesforce] Editing for GA
#11254 opened
Sep 26, 2024 -
[citrix_adc] Make date/time format configurable
#11258 opened
Sep 26, 2024 -
Remove major snapshots check find oldest script
#11265 opened
Sep 27, 2024 -
[Elastic Connectors] Add index name as input var
#11267 opened
Sep 27, 2024
18 Issues closed by 12 people
-
Migrate security service integrations to GA
#11197 closed
Sep 27, 2024 -
F5 BIG-IP - url decode user_agent fields
#11211 closed
Sep 27, 2024 -
Pipeline Errors Daily
#10478 closed
Sep 26, 2024 -
[ti_*] IOC transform destinations incorrectly marked as sources
#11208 closed
Sep 26, 2024 -
[Kubernetes]: Overview dashboard id changed
#11241 closed
Sep 26, 2024 -
[forgerock]: agent does not keep time stamp ranges within API requirements
#11220 closed
Sep 26, 2024 -
[Azure] Update sanitization logic
#10089 closed
Sep 26, 2024 -
Duplication of Categories
#5755 closed
Sep 25, 2024 -
[pfSense] SNORT log processing
#10558 closed
Sep 24, 2024 -
GA Security Integrations for Deployment and Devices
#11005 closed
Sep 24, 2024 -
[squid] Follow up items for Squid rewrite
#10920 closed
Sep 24, 2024 -
[Azure docs] Add firewall documentation for azure-eventhub based integrations
#9157 closed
Sep 24, 2024 -
[Keycloak] Integration missing GeoIP processor
#11179 closed
Sep 24, 2024 -
[iptables.log] Ingest pipeline errors for SPT=0 or DPT=0
#10095 closed
Sep 24, 2024 -
[fortinet_fortigate]: pipeline-error cannot access method/field from a null def reference
#10912 closed
Sep 24, 2024 -
Field formats specified in package not being applied in data view
#2886 closed
Sep 24, 2024 -
NetFlow Records Integration: Append Network Address Translation IP fields to related.ip
#9202 closed
Sep 23, 2024 -
[panw] System tests using Logstash for ingest only write one event per data stream
#8530 closed
Sep 23, 2024
15 Issues opened by 11 people
-
[Check Point]: No documentation for the file option
#11268 opened
Sep 27, 2024 -
[Docs] Discuss deduplication strategies in the Integrations Developer Guide
#11266 opened
Sep 27, 2024 -
[Docs] Discuss patterns for ECS vs vendor prefixed fields in the Integrations Developer Guide
#11264 opened
Sep 27, 2024 -
It is not possible to zero OAuth2.0 credentials via the fleet UI
#11261 opened
Sep 27, 2024 -
[AWS] Support owning account for cross account monitoring
#11260 opened
Sep 26, 2024 -
Azure Logs: use one input per agent policy
#11251 opened
Sep 26, 2024 -
forgerock: add a specific endpoint emulator for system tests
#11250 opened
Sep 26, 2024 -
[Cisco ASA]: Deny message not being parsed due to empty access-group
#11236 opened
Sep 24, 2024 -
[Akamai] Remove Tech Preview from Datastreams
#11235 opened
Sep 24, 2024 -
[Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tcp in cyberarkpas.audit
#11224 opened
Sep 24, 2024 -
[GitLab] Add support for other GitLab logs
#11218 opened
Sep 23, 2024 -
GA Security Integrations for Windows platform
#11214 opened
Sep 23, 2024 -
[Stack 8.16.0-SNAPSHOT] [system] Failing test daily: system test: default in system.process
#11207 opened
Sep 23, 2024 -
CrowdStrike integration not working
#11204 opened
Sep 21, 2024
63 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
[Amazon Security Lake] - OCSF v1.1 update with major refactor & adding support for dynamic template and mappings & system tests
#10405 commented on
Sep 26, 2024 • 33 new comments -
aws.securityhub_findings: Improve support for CDR
#11158 commented on
Sep 26, 2024 • 29 new comments -
[tychon] New integration
#10811 commented on
Sep 27, 2024 • 12 new comments -
[Cisco Duo] Integration updates
#11200 commented on
Sep 23, 2024 • 10 new comments -
[cisco_asa] Remove test for missing message_id
#11191 commented on
Sep 23, 2024 • 1 new comment -
cisco_aironet: add ECS mapping for event.severity
#11105 commented on
Sep 23, 2024 • 1 new comment -
feat: add tags and processors on GCP Pubsub metrics
#10560 commented on
Sep 22, 2024 • 0 new comments -
akamai: handle input leniently
#10158 commented on
Sep 27, 2024 • 0 new comments -
Fix JSON Typos on AWS API Gateway Documentation
#9932 commented on
Sep 23, 2024 • 0 new comments -
[Integration Update] Add Sessions, Policy, Factors and Devices data to Okta Entity Analytics
#10426 commented on
Sep 27, 2024 • 0 new comments -
[Enhancement] Scaling options for each integration/data stream
#11195 commented on
Sep 27, 2024 • 0 new comments -
Incorrect `null` handling in `if` conditions and elsewhere
#8646 commented on
Sep 27, 2024 • 0 new comments -
[CheckPoint] Drop support for EOL OS
#10977 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-xg.log in sophos.xg
#10908 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-18-5-firewall.log in sophos.xg
#10907 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.hardware
#10625 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.process
#10624 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tls in cyberarkpas.audit
#10620 commented on
Sep 27, 2024 • 0 new comments -
[M365 Defender] - Add a new data stream to support vulnerability logs
#7482 commented on
Sep 21, 2024 • 0 new comments -
[Prometheus] Added dynamic_<dataset|namespace> settings to prometheus datasets
#10592 commented on
Sep 25, 2024 • 0 new comments -
[Check Point Harmony Endpoint] New Integration - WIP
#10780 commented on
Sep 27, 2024 • 0 new comments -
[cisco_asa] Fix Event code 106023 - Source/Destination IP not being parsed into respective source.ip or destination.ip field when interface nameif has a full colon (:)
#10917 commented on
Sep 26, 2024 • 0 new comments -
Test elastic-package#2087 - DO NOT MERGE
#11055 commented on
Sep 26, 2024 • 0 new comments -
Populate missing community_id attributes for Cisco and Sophos devices
#11067 commented on
Sep 26, 2024 • 0 new comments -
Cisco Meraki metrics package [WIP]
#11069 commented on
Sep 24, 2024 • 0 new comments -
[panw_metrics] Add Palo Alto Networks metrics integration
#11099 commented on
Sep 26, 2024 • 0 new comments -
aws: improve error.message and add event.kind:pipeline_error for pipeline errors
#11112 commented on
Sep 25, 2024 • 0 new comments -
[Kubernetes] Include kubeadm parameter
#11187 commented on
Sep 25, 2024 • 0 new comments -
[cisco_ftd] Fix grok failure with username with spaces on ftd messageID.
#11198 commented on
Sep 23, 2024 • 0 new comments -
Feature 5255 aruba qcorp
#11201 commented on
Sep 20, 2024 • 0 new comments -
[custom_ti] Add support for basic authentication
#11202 commented on
Sep 21, 2024 • 0 new comments -
[Cloud Security] Added deployment_mode and properties CSPM, Elastic Connector
#11203 commented on
Sep 23, 2024 • 0 new comments -
Two "metrics" columns are displayed for linux integration on Agent details page.
#881 commented on
Sep 21, 2024 • 0 new comments -
[custom_ti] Add Basic auth to integration
#11192 commented on
Sep 21, 2024 • 0 new comments -
Elastic-Agent: Microsoft SQL Server Integration - manage failover in a Microsoft SQL cluster
#4272 commented on
Sep 23, 2024 • 0 new comments -
aws.securityhub_findings: Update datastream to leverage Cloud Security workflows
#11038 commented on
Sep 23, 2024 • 0 new comments -
[Anomali] Support ThreatStream API
#9610 commented on
Sep 23, 2024 • 0 new comments -
[Bug] Convert ZScaler dashboards to use links panel
#11199 commented on
Sep 23, 2024 • 0 new comments -
[Azure docs] Create a detailed setup guide to show users how to take the most out of Azure Logs
#9955 commented on
Sep 24, 2024 • 0 new comments -
aws.securityhub_findings: Implement mappings for Cloud Security Workflow
#11040 commented on
Sep 24, 2024 • 0 new comments -
[ci] Add team labels to failing test issues
#10354 commented on
Sep 24, 2024 • 0 new comments -
GA Security Integrations
#10985 commented on
Sep 24, 2024 • 0 new comments -
[Azure docs] Document how to collect any logs using the generic Event Hub integration
#4581 commented on
Sep 25, 2024 • 0 new comments -
[System] add support to ignore all "unknown" or "unavailable" filesystems
#11189 commented on
Sep 25, 2024 • 0 new comments -
Update integration to include hide_in_deployment modes
#10867 commented on
Sep 25, 2024 • 0 new comments -
Move non-ECS fields in Network Packet Capture datastream fields out of root namespace
#8185 commented on
Sep 25, 2024 • 0 new comments -
[IAzure Logs]: Integration eats up memory and dies
#11056 commented on
Sep 25, 2024 • 0 new comments -
[New Integration] Vertex AI
#10856 commented on
Sep 25, 2024 • 0 new comments -
Update integration to include deployment mode
#10847 commented on
Sep 25, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-asr920.log in cisco_ios.log
#11071 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-cisco-ios.log in cisco_ios.log
#11072 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tls in cyberarkpas.audit
#11075 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [kibana] Failing test daily: system test: default (variant: kibana_8.10.0) in kibana.audit
#11130 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.process
#11077 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.hardware
#11076 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-18-5-firewall.log in sophos.xg
#11083 commented on
Sep 26, 2024 • 0 new comments -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-xg.log in sophos.xg
#11084 commented on
Sep 26, 2024 • 0 new comments -
[Mimecast]Add support for Brand Exploit Protect alerts
#11161 commented on
Sep 26, 2024 • 0 new comments -
[Mimecast]Add support for Cloud Integrated Logs
#11160 commented on
Sep 26, 2024 • 0 new comments -
Make sure that main ECS fields are mapped in the Elastic Agent integration
#8252 commented on
Sep 26, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-asr920.log in cisco_ios.log
#10903 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-cisco-ios.log in cisco_ios.log
#10904 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cloudflare] Failing test daily: system test: cursor in cloudflare.logpull
#10872 commented on
Sep 27, 2024 • 0 new comments