Insights: elastic/integrations
Overview
217 Pull requests merged by 63 people
-
GA microsoft_dnsserver integration
#11269 merged
Sep 27, 2024 -
[checkpoint] Drop support for EOL OS version R80.X
#11263 merged
Sep 27, 2024 -
Migrate security service packages to GA
#11210 merged
Sep 27, 2024 -
[vSphere] Add SSL/TLS support for `tcp` input in `log` data stream
#11061 merged
Sep 27, 2024 -
Add related.entity to cloudtrail integration
#11115 merged
Sep 27, 2024 -
f5_bigip: url decode user agent strings
#11222 merged
Sep 27, 2024 -
Rename the ingestion-team
#11228 merged
Sep 27, 2024 -
[carbon_black_cloud] Fix alert_v7 CEL pagination logic
#11259 merged
Sep 27, 2024 -
[cisco_ftd] Fix parsing issues with message IDs 210007, 305013, and 302023
#11257 merged
Sep 26, 2024 -
[AWS] Update integration name to Amazon Bedrock
#11256 merged
Sep 26, 2024 -
[vSphere] Release new integration version.
#11255 merged
Sep 26, 2024 -
[vSphere] Update README and fix Resourcepool datastream TSDB
#11242 merged
Sep 26, 2024 -
[Azure docs] Clarify generic vs specialized integrations
#11232 merged
Sep 26, 2024 -
[google_workspace]: Remove link to unpublished security-labs blog from README.
#11216 merged
Sep 26, 2024 -
Update tests using journalctl tool to start a custom independent agent
#11186 merged
Sep 26, 2024 -
[ti_*] Fix `labels.is_ioc_transform_source` values
#11231 merged
Sep 26, 2024 -
[Kubernetes] Fix Overview dashboard Kibana id
#11243 merged
Sep 26, 2024 -
forgerock: fix handling of query time ranges
#11240 merged
Sep 26, 2024 -
carbon_black_cloud: fix timestamp type when using cursor value
#11221 merged
Sep 26, 2024 -
Add condition field to Keycloak log datastream
#11213 merged
Sep 26, 2024 -
qualys_vmdr: retain event.original as json
#11248 merged
Sep 26, 2024 -
[Azure] Application Gateway WAF: add event.reason
#10007 merged
Sep 25, 2024 -
[CI] Update find oldest supported script
#11227 merged
Sep 25, 2024 -
[vSphere] Filter alerts and warnings from triggered alarms.
#11230 merged
Sep 25, 2024 -
o365,sentinel_one_cloud_funnel,sysmon_linux,system,windows: tighten ipv4 extraction
#11052 merged
Sep 25, 2024 -
[pfsense] Add SNORT log processing
#11182 merged
Sep 24, 2024 -
[fortinet_fortimanager] Add more ECS fields mappings
#11237 merged
Sep 24, 2024 -
[squid] Add dashboard, improve documentation, GA integration
#11145 merged
Sep 24, 2024 -
[vSphere][network] fix issue with TSDB network name
#11229 merged
Sep 24, 2024 -
Docker: bump package-spec version to 3.2.2
#11196 merged
Sep 24, 2024 -
[Kubernetes] Use filestream fingerprint mode by default for container_logs datastream
#11212 merged
Sep 24, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11223 merged
Sep 24, 2024 -
all: fix sample_event.json final newlines
#11174 merged
Sep 23, 2024 -
[netflow]: Append all ip addresses found to the related.ip field.
#11193 merged
Sep 23, 2024 -
cisco_aironet: add ECS mapping for destination.port
#11103 merged
Sep 23, 2024 -
[vSphere][network] Create network datastream
#10993 merged
Sep 23, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11206 merged
Sep 23, 2024 -
Remove event.original removal processors (integrations AWS & Azure)
#10888 merged
Sep 23, 2024 -
[vSphere][datastorecluster] Add new Datastream Datastore Cluster
#11089 merged
Sep 22, 2024 -
[crowdstrike] Add Support of IDP and EPP Alert Fields
#11135 merged
Sep 20, 2024 -
[kubernetes OTEL] Add kubernetes OTEL package
#11137 merged
Sep 20, 2024 -
azure storage account: fix capacity and count metrics visualizations in the all dashboards
#11120 merged
Sep 20, 2024 -
[vSphere][virtualmachine] Add support for additional metrics
#10942 merged
Sep 20, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11194 merged
Sep 20, 2024 -
carbon_black_cloud: ensure alert search range is a valid temporal ordering
#11149 merged
Sep 19, 2024 -
Update README for packages with ML Modules to ensure naming is consistent
#11165 merged
Sep 19, 2024 -
[vSphere] Add new resourcepool datatastream
#10996 merged
Sep 19, 2024 -
[stormshield] Fix timestamp fields, move stormshield.msg to message
#11177 merged
Sep 19, 2024 -
[vSphere] Add new cluster datatastream
#10949 merged
Sep 19, 2024 -
[Cloud Security] add misconfiguration latest transform to Wiz integration
#10965 merged
Sep 19, 2024 -
[vSphere][datastore] Add support for additional metrics
#10911 merged
Sep 19, 2024 -
[vSphere][host] Add support for new metrics in Host datastream
#10894 merged
Sep 19, 2024 -
Rename AWS Bedrock integration as Amazon Bedrock
#11184 merged
Sep 19, 2024 -
[CI] Add support for running tests with stack 9.0.0
#11138 merged
Sep 19, 2024 -
azure metrics: add list of supported databases and namespaces
#11118 merged
Sep 19, 2024 -
Update the Custom Logs integration to package spec V3.1.5
#11181 merged
Sep 19, 2024 -
crowdstrike: temporarily reinstate fields/ecs.yml
#11147 merged
Sep 19, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11183 merged
Sep 19, 2024 -
GA Deployment and Devices integrations
#11157 merged
Sep 18, 2024 -
[Cloud Security][Asset Inventory] update manifest and changelog
#11173 merged
Sep 18, 2024 -
[Cloud Security][Asset Inventory] Add template variables to all input streams
#11167 merged
Sep 18, 2024 -
system: add ECS field host.os.version
#11106 merged
Sep 18, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11166 merged
Sep 18, 2024 -
Initial release of Custom Threat Intelligence
#11066 merged
Sep 18, 2024 -
vsphere: Add support for processors in datastore, host and virtualmachine
#10664 merged
Sep 18, 2024 -
[PostgreSQL] Enhance grok pattern
#10412 merged
Sep 18, 2024 -
Initial Release of Sysdig Secure Integration
#10841 merged
Sep 17, 2024 -
[Security Rules] Update security rules package to v8.15.5
#11156 merged
Sep 17, 2024 -
[Security Rules] Update security rules package to v8.14.11
#11155 merged
Sep 17, 2024 -
[Security Rules] Update security rules package to v8.13.17
#11154 merged
Sep 17, 2024 -
[Security Rules] Update security rules package to v8.12.22
#11153 merged
Sep 17, 2024 -
[osquery_manager] Upgrade osquery to 5.13.1
#11146 merged
Sep 17, 2024 -
[Security Rules] Update security rules package to v8.12.22-beta.1
#11139 merged
Sep 17, 2024 -
[CI] [backport-security_detection_engine-8.12] Remove mage install deps
#11152 merged
Sep 17, 2024 -
[CI] Remove dependencies from with_mage
#11143 merged
Sep 17, 2024 -
graphactivitylogs: Fix client|source.geo.location mapping
#11102 merged
Sep 17, 2024 -
[CI] Update updatecli configuration for 8.x SNAPSHOT
#11129 merged
Sep 17, 2024 -
Bump github.com/cli/go-gh/v2 from 2.9.0 to 2.10.0
#11136 merged
Sep 17, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11151 merged
Sep 17, 2024 -
cloudflare_logpush: retain firewall event zone names
#11132 merged
Sep 16, 2024 -
crowdstrike: map command line fields as multi-fields with match_only_text
#11012 merged
Sep 16, 2024 -
[pfsense] Fix firewall ICMPv6 message parsing error
#11144 merged
Sep 16, 2024 -
Elastic connector integration
#10898 merged
Sep 16, 2024 -
[Security Rules] Update security rules package to v8.14.11-beta.1
#11141 merged
Sep 16, 2024 -
[Security Rules] Update security rules package to v8.15.5-beta.1
#11142 merged
Sep 16, 2024 -
[Security Rules] Update security rules package to v8.13.17-beta.1
#11140 merged
Sep 16, 2024 -
Switch to PAT generated token
#10614 merged
Sep 16, 2024 -
add changelog entry from backported 1.8.1 version of Wiz
#11127 merged
Sep 16, 2024 -
[Cloud Security][Asset Inventory] Restore Azure and GCP streams for ^8.16
#11125 merged
Sep 16, 2024 -
[CI] Fix script that retrieves oldest supported version
#11126 merged
Sep 16, 2024 -
add missing fields gcp audit logs
#10886 merged
Sep 16, 2024 -
Set vulnerability ECS field based on Qualys data
#11100 merged
Sep 16, 2024 -
m365_defender: fix assignment of windows os identity and posix hosts
#10953 merged
Sep 16, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11134 merged
Sep 16, 2024 -
[jamf_pro] Various minor improvements and fixes
#11065 merged
Sep 15, 2024 -
crowdstrike: fix mapping for assessment events and aip handling
#11023 merged
Sep 13, 2024 -
[New Integration] ProxySG
#10459 merged
Sep 13, 2024 -
google_scc: fix field name typo
#11053 merged
Sep 13, 2024 -
fix 'got types.Null, expected iterable type' error
#11124 merged
Sep 13, 2024 -
entityanalytics_okta: map group fields and add test infrastructure
#10973 merged
Sep 13, 2024 -
Update changelog and manifest for 10984
#11123 merged
Sep 13, 2024 -
cyberarkpas: improve efficiency of event.duration calculation
#11011 merged
Sep 13, 2024 -
claroty_ctd: fix replacement configuration
#11093 merged
Sep 13, 2024 -
tenable_io: fix flakey test and timestamp handling
#10940 merged
Sep 13, 2024 -
[Cloud Security] fix 'got types.Null, expected iterable type' error
#11098 merged
Sep 13, 2024 -
[DOCS] Add new section on Azure Functions hosting plans
#10984 merged
Sep 13, 2024 -
[citrix_adc] Improve handling of SSLVPN Message
#11121 merged
Sep 12, 2024 -
[updatecli] Update 7.x snapshot to 7.17.25-SNAPSHOT
#11107 merged
Sep 12, 2024 -
Fix powershell error on events 40961 and 40962
#10792 merged
Sep 12, 2024 -
Bump github.com/elastic/package-registry from 1.24.1 to 1.25.0
#11097 merged
Sep 12, 2024 -
Add Latest Transform - Wiz Vulnerabilities
#10895 merged
Sep 12, 2024 -
[Citrix ADC] Update code-owner for logs and metrics data stream
#11064 merged
Sep 12, 2024 -
[Enhancement] Improve S1 Cloud Funnel Process Events compatibility
#11019 merged
Sep 11, 2024 -
entityanalytics_entra_id: add support for request trace logging
#10765 merged
Sep 11, 2024 -
sentinel_one: document alert data stream environment limitation
#11036 merged
Sep 11, 2024 -
aws_bedrock: support newer guardrails data structure
#11021 merged
Sep 11, 2024 -
[Cloud Security] change secret value for gcp json blob to true
#10479 merged
Sep 11, 2024 -
mergify: replace queue action for queue_rules
#11095 merged
Sep 11, 2024 -
[falco] Adjust Falco events to work with External Alerts rule
#11051 merged
Sep 11, 2024 -
[Cloudflare Logpush] Support JA4 fields for HTTP requests
#10991 merged
Sep 11, 2024 -
[ti_crowdstrike] Fix intel pagination bug due to cursor formatting
#11063 merged
Sep 11, 2024 -
[Santa] Add support for team ID field
#11048 merged
Sep 11, 2024 -
[Cloud Security][Assets Inventory] Remove GCP/Azure for kibana 8.15.0
#11091 merged
Sep 11, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11070 merged
Sep 11, 2024 -
[google_workspace] handle json.id.time missing
#11068 merged
Sep 11, 2024 -
[carbon_black_cloud] Return full state in CEL program results
#11046 merged
Sep 10, 2024 -
Initial Release of Jamf Pro Integration
#10470 merged
Sep 10, 2024 -
Enable creation of issues in LogsDB daily
#11047 merged
Sep 10, 2024 -
Bump github.com/elastic/elastic-package from 0.103.0 to 0.104.0
#11057 merged
Sep 10, 2024 -
Bump golang.org/x/tools from 0.24.0 to 0.25.0
#11058 merged
Sep 10, 2024 -
[squid] Enhance mappings and add geoip enrichments
#10992 merged
Sep 10, 2024 -
[Cloud Security][Assets Inventory] Add GCP policy template
#10976 merged
Sep 10, 2024 -
Provide support of configuring ignore_older events in apache access-logs
#10809 merged
Sep 10, 2024 -
[prometheus] [collector] Add missing `ssl` params
#10840 merged
Sep 10, 2024 -
Fix AWS cloudfront log parsing
#10216 merged
Sep 10, 2024 -
bitdefender: ensure remediation actions are correlated with their file paths
#11013 merged
Sep 10, 2024 -
[fortinet_fortigate] Fix TLS parsing bug
#11033 merged
Sep 9, 2024 -
Bump updatecli/updatecli-action from 2.66.0 to 2.67.0
#11044 merged
Sep 9, 2024 -
[checkpoint] Improve normalization of user.name field
#10896 merged
Sep 9, 2024 -
Add link to public docs from README
#11045 merged
Sep 9, 2024 -
[Cloud Security] add observer.vendor field mappings
#11030 merged
Sep 9, 2024 -
add PR link to 1.10.1 changelog
#11042 merged
Sep 9, 2024 -
[Cloud Security] add backported 1.10.1 version changelog entry to main
#11041 merged
Sep 9, 2024 -
[zscaler_zia] Improve data processing in the web pipeline
#10968 merged
Sep 9, 2024 -
[proofpoint_on_demand] Adapt definitions of nested subfields
#11031 merged
Sep 9, 2024 -
Fix IPv6 cleanup
#10801 merged
Sep 9, 2024 -
[Cloud Security] Add host name to Wiz vulnerability data stream
#10997 merged
Sep 9, 2024 -
[Cloud Security ]add observer.vendor to cloud_security_posture package version 1.10
#11017 merged
Sep 9, 2024 -
f5_bigip: Fix ASM script processor when `event.original` is absent.
#11027 merged
Sep 9, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11037 merged
Sep 9, 2024 -
[symantec_endpoint_security] Fix null check conditions
#11029 merged
Sep 8, 2024 -
[CI] Fix call to testsreporter check
#11028 merged
Sep 6, 2024 -
Refactor testsreporter tool
#11026 merged
Sep 6, 2024 -
Fix skipping Authentication Pipeline in panw panos Integration
#10803 merged
Sep 6, 2024 -
Adapt definitions of nested subfields to current Fleet implementation
#11016 merged
Sep 6, 2024 -
[Cloud Security] add observer.vendor to cloud_security_posture
#10945 merged
Sep 6, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#11024 merged
Sep 6, 2024 -
[first_epss] New integration
#10758 merged
Sep 6, 2024 -
[claroty_ctd] Initial release of the Claroty CTD
#10737 merged
Sep 5, 2024 -
[cisco_ios] Handle timestamp starting with the year such as 'yyyy MMM d HH:mm:ss.SSS z'
#10916 merged
Sep 5, 2024 -
Bump github.com/elastic/elastic-package from 0.102.0 to 0.103.0
#11006 merged
Sep 5, 2024 -
[CI] Enable wolfi images in CI except weekly builds
#10969 merged
Sep 5, 2024 -
Update packages to use Elastic Agent images based on Ubuntu
#11007 merged
Sep 5, 2024 -
Fix missing field in transforms of ti packages
#11008 merged
Sep 5, 2024 -
[jamf_protect] Set host.name, improve dashboards
#10931 merged
Sep 5, 2024 -
[cisco_ios] Remove pipeline test files
#11010 merged
Sep 4, 2024 -
infoblox_nios: fix handling of MARK log entries
#10925 merged
Sep 4, 2024 -
entityanalytics_ad: format SID and GUID in canonical formats
#10923 merged
Sep 4, 2024 -
Bump github.com/elastic/package-registry from 1.24.0 to 1.24.1
#11004 merged
Sep 4, 2024 -
Add daily build with logsdb enabled
#11001 merged
Sep 4, 2024 -
[ti_mandiant_advantage] Add optional extra fields
#10957 merged
Sep 4, 2024 -
Defender answers bug
#10947 merged
Sep 4, 2024 -
[oracle] Add support to run system tests with Elastic Agent images based on Wolfi
#10943 merged
Sep 4, 2024 -
gitlab: make path configuration consistent
#10994 merged
Sep 4, 2024 -
[abnormal_security] Update data-collection to handle empty threats
#10986 merged
Sep 4, 2024 -
[qualys_vmdr] Rename and convert fields. Lower case `cloud.provider`
#10966 merged
Sep 3, 2024 -
Update windows integration package spec to v3
#10781 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.15.4
#10990 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.14.10
#10989 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.13.16
#10988 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.12.21
#10987 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.15.4-beta.1
#10983 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.14.10-beta.1
#10981 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.13.16-beta.1
#10980 merged
Sep 3, 2024 -
[Security Rules] Update security rules package to v8.12.21-beta.1
#10982 merged
Sep 3, 2024 -
Remove event.original removal processors (integrations B* to C*)
#10897 merged
Sep 3, 2024 -
[Cloud Security] Deprecate vulnerability data views
#10913 merged
Sep 3, 2024 -
[Nginx_ingress_controller] fix nginx_ingress_controller.access.remote_ip_list field mapping
#10921 merged
Sep 2, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#10954 merged
Sep 2, 2024 -
jamf_protect: fix up dashboard filters
#10927 merged
Sep 1, 2024 -
[cisco_ios] Fix CISCO-IOS integration failed to parse logs coming from different application versions
#10948 merged
Aug 30, 2024 -
Zeek known certs grok fix
#10793 merged
Aug 30, 2024 -
Adding missing fields in the status metricset of the kibana integration
#10944 merged
Aug 30, 2024 -
Add `event.module` to network_traffic integration
#10800 merged
Aug 30, 2024 -
[m365_defender] Fix dashboard filters to look for correct event.severity values.
#10810 merged
Aug 30, 2024 -
[Cloud Security] Add Cloud Configuration Finding dashboard screenshot reference to the manifest
#10936 merged
Aug 30, 2024 -
packages/microsoft_sqlserver: Update documentation
#10915 merged
Aug 30, 2024 -
packages/microsoft_sqlserver: Fix `HEALTHCHECK`
#10899 merged
Aug 30, 2024 -
[CI] Enable updatecli targets for weekly pipeline
#10932 merged
Aug 30, 2024 -
wiz: fix result.evaluation to be lowercased in cloud_configuration_finding
#10914 merged
Aug 30, 2024 -
[authentik] Initial release of the authentik
#10851 merged
Aug 30, 2024 -
[citrix-adc logs]: Add native_timestamp format
#10928 merged
Aug 30, 2024 -
okta: allow user configuration of debug_data flattened use
#9868 merged
Aug 29, 2024 -
[automation] Update packages in .github/ISSUE_TEMPLATE/integration_bug.yml
#10935 merged
Aug 29, 2024 -
[ci] automate updates to .github/ISSUE_TEMPLATE/integration_bug.yml
#10924 merged
Aug 29, 2024 -
[sublime_security] Initial release of the sublime security
#10805 merged
Aug 29, 2024 -
gigamon: Update package description and cleanup
#10879 merged
Aug 29, 2024 -
[CI] Add weekly job to test packages with Ubuntu Elastic Agent docker image
#10844 merged
Aug 29, 2024 -
[citrix_adc] Handle time zone parsing in sslvpn_and_aaatm_feature pipeline
#10846 merged
Aug 28, 2024 -
[k8s Integratiion] Adding container.id as filter of Cluster Overview and removing median filter occurencies
#10893 merged
Aug 28, 2024 -
[squid] Rewrite squid integration
#10882 merged
Aug 28, 2024 -
[Crowdstrike] Fix handling of event.created and timestamp fields for FDR events
#10862 merged
Aug 28, 2024 -
Update Wiz vuln data stream for CDR
#10892 merged
Aug 28, 2024 -
zscaler_zia: Remove department field and fix parsing errors in web logs
#10874 merged
Aug 28, 2024
53 Pull requests opened by 35 people
-
[Draft] K8s otel overview dashboard
#10910 opened
Aug 28, 2024 -
Enhancement: Rename Desconnections to Disconnections
#10934 opened
Aug 29, 2024 -
Enhancement: Add visualizations for data tier capacity
#10937 opened
Aug 29, 2024 -
[Logstash] Add guard against missing elements in `codec` payload
#10938 opened
Aug 29, 2024 -
entityanalytics_ad: expose attribute selection configuration
#10955 opened
Sep 2, 2024 -
[Enhancement] Improve Sysmon Library Events compatibility
#10967 opened
Sep 2, 2024 -
Enhancement - Endace Integration v0.1.0
#10995 opened
Sep 4, 2024 -
Test elastic-package#2081 - DO NOT MERGE
#11009 opened
Sep 4, 2024 -
[Enhancement] Add ".caseless" fields to MDE process events
#11020 opened
Sep 5, 2024 -
[netflow] add workers option
#11025 opened
Sep 6, 2024 -
Test elastic-package#2063 - DO NOT MERGE
#11032 opened
Sep 6, 2024 -
Test elastic-package#2090 - DO NOT MERGE
#11043 opened
Sep 9, 2024 -
Test PR - trigger sonar - Do not merge
#11054 opened
Sep 10, 2024 -
Test elastic-package#2087 - DO NOT MERGE
#11055 opened
Sep 10, 2024 -
Populate missing community_id attributes for Cisco and Sophos devices
#11067 opened
Sep 10, 2024 -
Cisco Meraki metrics package [WIP]
#11069 opened
Sep 10, 2024 -
[panw_metrics] Add Palo Alto Networks metrics integration
#11099 opened
Sep 11, 2024 -
azure logs: add ECS mapping for event.duration
#11104 opened
Sep 11, 2024 -
cisco_aironet: add ECS mapping for event.severity
#11105 opened
Sep 11, 2024 -
aws: improve error.message and add event.kind:pipeline_error for pipeline errors
#11112 opened
Sep 12, 2024 -
[okta] Enable Agentless deployment
#11116 opened
Sep 12, 2024 -
Add a Caveats section to the ecs@mappings migration guide
#11148 opened
Sep 16, 2024 -
aws.securityhub_findings: Improve support for CDR
#11158 opened
Sep 17, 2024 -
Sysdig Compliance Data Streams
#11162 opened
Sep 17, 2024 -
[TEST] Remove empty line in README
#11170 opened
Sep 18, 2024 -
[Kubernetes] Include kubeadm parameter
#11187 opened
Sep 19, 2024 -
[cisco_asa] Remove test for missing message_id
#11191 opened
Sep 19, 2024 -
[cisco_ftd] Fix grok failure with username with spaces on ftd messageID.
#11198 opened
Sep 20, 2024 -
[Cisco Duo] Integration updates
#11200 opened
Sep 20, 2024 -
Feature 5255 aruba qcorp
#11201 opened
Sep 20, 2024 -
[custom_ti] Add support for basic authentication
#11202 opened
Sep 20, 2024 -
[Cloud Security] Added deployment_mode and properties CSPM, Elastic Connector
#11203 opened
Sep 20, 2024 -
[New Integration] Envoyproxy
#11215 opened
Sep 23, 2024 -
Add in technique.name field to the transform. Remove milliseconds from TQL query.
#11217 opened
Sep 23, 2024 -
forgerock: fix handling of idm_core object payloads
#11219 opened
Sep 23, 2024 -
GCP Vertex AI LLM Integration
#11225 opened
Sep 24, 2024 -
Add related.entity field to azure activitylogs default ingest pipeline
#11233 opened
Sep 24, 2024 -
[GitLab] Add sidekiq and pages datastreams
#11234 opened
Sep 24, 2024 -
[Cloud Security] enable asset inventory package to support agentless
#11238 opened
Sep 24, 2024 -
Add aws.firehose.arn, aws.firehose.request_id and aws.metrics_names_fingerprint fields
#11239 opened
Sep 24, 2024 -
[AWS Bedrock] Editing for GA
#11244 opened
Sep 25, 2024 -
Cloudtrail add origin and target
#11245 opened
Sep 25, 2024 -
[Elastic Agent] Add data retention policy of 30d to all data streams
#11246 opened
Sep 25, 2024 -
[POC] Deployment mode for CSPM
#11247 opened
Sep 25, 2024 -
[windows] Windows Defender Data stream overhaul to GA
#11249 opened
Sep 25, 2024 -
[Cloud Security][Cloud Security Posture] Update kibana condition
#11252 opened
Sep 26, 2024 -
[POC] Nginx otel integration with OTEL Templates
#11253 opened
Sep 26, 2024 -
[Salesforce] Editing for GA
#11254 opened
Sep 26, 2024 -
[citrix_adc] Make date/time format configurable
#11258 opened
Sep 26, 2024 -
Remove major snapshots check find oldest script
#11265 opened
Sep 27, 2024 -
[Elastic Connectors] Add index name as input var
#11267 opened
Sep 27, 2024 -
[Cloud Security] Updating the CSPM integration with deployment_mode and secrets
#11271 opened
Sep 27, 2024
105 Issues closed by 33 people
-
Migrate security service integrations to GA
#11197 closed
Sep 27, 2024 -
F5 BIG-IP - url decode user_agent fields
#11211 closed
Sep 27, 2024 -
Pipeline Errors Daily
#10478 closed
Sep 26, 2024 -
[ti_*] IOC transform destinations incorrectly marked as sources
#11208 closed
Sep 26, 2024 -
[Kubernetes]: Overview dashboard id changed
#11241 closed
Sep 26, 2024 -
[forgerock]: agent does not keep time stamp ranges within API requirements
#11220 closed
Sep 26, 2024 -
[Azure] Update sanitization logic
#10089 closed
Sep 26, 2024 -
Duplication of Categories
#5755 closed
Sep 25, 2024 -
[pfSense] SNORT log processing
#10558 closed
Sep 24, 2024 -
GA Security Integrations for Deployment and Devices
#11005 closed
Sep 24, 2024 -
[squid] Follow up items for Squid rewrite
#10920 closed
Sep 24, 2024 -
[Azure docs] Add firewall documentation for azure-eventhub based integrations
#9157 closed
Sep 24, 2024 -
[Keycloak] Integration missing GeoIP processor
#11179 closed
Sep 24, 2024 -
[iptables.log] Ingest pipeline errors for SPT=0 or DPT=0
#10095 closed
Sep 24, 2024 -
[fortinet_fortigate]: pipeline-error cannot access method/field from a null def reference
#10912 closed
Sep 24, 2024 -
Field formats specified in package not being applied in data view
#2886 closed
Sep 24, 2024 -
NetFlow Records Integration: Append Network Address Translation IP fields to related.ip
#9202 closed
Sep 23, 2024 -
[panw] System tests using Logstash for ingest only write one event per data stream
#8530 closed
Sep 23, 2024 -
[f5][ASM] HTTP endpoint messages end up under json field
#10543 closed
Sep 19, 2024 -
[Zscaler] Sandbox Report Support
#9958 closed
Sep 19, 2024 -
[Zscaler] Audit log support
#9959 closed
Sep 19, 2024 -
Update log integration to 3.0 format
#11176 closed
Sep 19, 2024 -
File Integrity Integration - Can't save .SLDASM file from Solidworks to a monitored path
#6371 closed
Sep 18, 2024 -
[fortinet_fortigate] Adjust firewall field names to match ECS guidelines
#10475 closed
Sep 18, 2024 -
Service Bringup for Integrations Test Environment
#5489 closed
Sep 18, 2024 -
Custom Threat Intelligence Package
#4710 closed
Sep 18, 2024 -
[PostgreSQL] Grok pattern Failure
#9568 closed
Sep 18, 2024 -
[O11y][PostgreSQL] Grok failure due to custom logs
#10779 closed
Sep 18, 2024 -
[Cloudflare Logpush]: Firewall_event datastream is missing the cloudflare zone field
#11113 closed
Sep 16, 2024 -
[pfSense] Firewall ICMPv6 message parsing error
#10687 closed
Sep 16, 2024 -
[Proposal] Fleet Go Client
#800 closed
Sep 16, 2024 -
Integrations using (deprecated)log input
#5578 closed
Sep 16, 2024 -
[crowdstrike.fdr]: Handle empty string in crowdstrike.aip
#11050 closed
Sep 13, 2024 -
[crowdstrike.fdr]: Handle ZeroTrustHostAssessment event type
#11022 closed
Sep 13, 2024 -
[New Integration] Blue Coat ProxySG
#9511 closed
Sep 13, 2024 -
[New Integration] Service Now CMDB
#11122 closed
Sep 13, 2024 -
[entityanalytics_okta.user] Add mappings for group metadata
#10096 closed
Sep 13, 2024 -
[CyberArk PAS] `logs-cyberarkpas.audit` Script for converting field to duration is slow
#8307 closed
Sep 13, 2024 -
[Stack 8.16.0-SNAPSHOT] [claroty_ctd] Failing test daily: system test: udp in claroty_ctd.event
#11035 closed
Sep 13, 2024 -
[Stack 8.16.0-SNAPSHOT] [claroty_ctd] Failing test daily: system test: tcp in claroty_ctd.event
#11034 closed
Sep 13, 2024 -
[Azure docs] Document hosting plans for Azure Functions metrics
#9010 closed
Sep 13, 2024 -
[Windows]: Powershell Operational events pipeline_error
#10891 closed
Sep 12, 2024 -
entityanalytics_{okta,entra_id} - Add request tracer config option for 8.15
#10498 closed
Sep 11, 2024 -
[SentinelOne]: sentinel_one.alerts dataset not supported by on-premise console
#11015 closed
Sep 11, 2024 -
[AWS Bedrock]: Field Mapping Issues
#11014 closed
Sep 11, 2024 -
[New Integration] Jamf Pro
#10026 closed
Sep 10, 2024 -
[Squid Proxy]: Parsing Regression noticed on version 0.20.0
#10951 closed
Sep 10, 2024 -
[Kubernetes] Cluster overview dashboard: fix `Top CPU intensive pods` and `Top memory intensive pods` charts
#10522 closed
Sep 10, 2024 -
[SLO] POC SLOs with Nginx Integration
#10467 closed
Sep 10, 2024 -
[Check Point] Improve normalisation of user.name field
#10191 closed
Sep 9, 2024 -
[Windows system.security] IPv6 gsub causes invalid IPs
#9650 closed
Sep 9, 2024 -
[Qualys VMDR] qualys_vmdr.asset_host_detection.list.is_disabled does not Exist
#9998 closed
Sep 7, 2024 -
[Stack 8.15.0-SNAPSHOT] [zscaler_zia] Failing test daily: pipeline test: test-web.log in zscaler_zia.web
#10466 closed
Sep 6, 2024 -
[cisco_ios]: Grok parser does not match
#10909 closed
Sep 5, 2024 -
[zscaler_zia] Regenerating sample event files yields invalid sample events
#4044 closed
Sep 5, 2024 -
[Pause] Identify integration fields lists that rely on ordering and duplication
#10900 closed
Sep 5, 2024 -
[apache_tomcat] [microsoft_sqlserver] [stan] Errors when testing with Elastic Agent wolfi images
#10999 closed
Sep 5, 2024 -
[system_audit] Errors when testing with Elastic Agent wolfi images
#11000 closed
Sep 5, 2024 -
[iptables] [journald] Errors when testing with Elastic Agent wolfi images
#10998 closed
Sep 5, 2024 -
[AWS] TransitGateway reporting duplicate metrics
#5458 closed
Sep 5, 2024 -
[infoblox_nios]: error.messages
#10918 closed
Sep 4, 2024 -
[ti_mandiant_advantage] Allow including is_publishable, misp, campaigns, and reports
#10650 closed
Sep 4, 2024 -
AWS Cloudwatch is indexing data in the wrong data stream
#5467 closed
Sep 4, 2024 -
Integrations bringup for Test Environment
#5490 closed
Sep 4, 2024 -
[AWS Bedrock] Add dashboard filter
#10873 closed
Sep 4, 2024 -
[AWS Bedrock] Store stream (text) output in a string format.
#10875 closed
Sep 4, 2024 -
Stack bringup for Integrations Test Environemnt
#5488 closed
Sep 4, 2024 -
GitLab Integration has inconsistent option menus
#10929 closed
Sep 4, 2024 -
[Stack 8.16.0-SNAPSHOT] [iptables] Failing test daily: system test: journald in iptables.log
#10950 closed
Sep 4, 2024 -
[docs] Document "raw" fields for users who want to apply processors
#5481 closed
Sep 3, 2024 -
Migrate `windows` integration to package spec v3
#10274 closed
Sep 3, 2024 -
[Network Packet Capture]: No more GeoIP resolution and event.dataset missing
#10956 closed
Sep 3, 2024 -
[Jamf Protect]: Dashboard queries not matching data in ES
#10791 closed
Sep 1, 2024 -
[Stack 8.16.0-SNAPSHOT] [iptables] Failing test daily: system test: journald in iptables.log
#10757 closed
Aug 30, 2024 -
[microsoft_sqlserver] Failing test daily: system test: errorlog in microsoft_sqlserver.log
#10889 closed
Aug 30, 2024 -
[New Integration] Authentik
#10509 closed
Aug 30, 2024 -
[okta.system] Utilize 'subobjects: false' for debugContext.debugData
#9863 closed
Aug 29, 2024 -
[Stack 8.16.0-SNAPSHOT] [crowdstrike] Failing test daily: system test: default in crowdstrike.fdr
#10905 closed
Aug 29, 2024 -
[Stack 8.16.0-SNAPSHOT] [crowdstrike] Failing test daily: system test: keep-metadata in crowdstrike.fdr
#10906 closed
Aug 29, 2024 -
[Suricata]: TLS Handshake Failure message parsing error
#10690 closed
Aug 29, 2024 -
Automate updates to .github/ISSUE_TEMPLATE/integration_bug.yml
#10565 closed
Aug 29, 2024 -
[Stack 8.15.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tls in cyberarkpas.audit
#10481 closed
Aug 29, 2024 -
[New Integration] Sublime Security
#10425 closed
Aug 29, 2024 -
[Stack 8.16.0-SNAPSHOT] [aws] Failing test daily: system test: default in aws.cloudtrail
#10869 closed
Aug 29, 2024 -
[Kubernetes]Overview dashboard - total cpu and memory usage are incorrect
#10887 closed
Aug 28, 2024 -
[squid] Rewrite Squid integration
#10770 closed
Aug 28, 2024 -
[Threat Intelligences Utilities]: Intelligence Dashboard in Elastic Security Broken
#10612 closed
Aug 28, 2024
88 Issues opened by 34 people
-
[Elastic Agent] Agent metrics visualizations use wrong minimum interval causing erroneous viz
#11270 opened
Sep 27, 2024 -
[Check Point]: No documentation for the file option
#11268 opened
Sep 27, 2024 -
[Docs] Discuss deduplication strategies in the Integrations Developer Guide
#11266 opened
Sep 27, 2024 -
[Docs] Discuss patterns for ECS vs vendor prefixed fields in the Integrations Developer Guide
#11264 opened
Sep 27, 2024 -
It is not possible to zero OAuth2.0 credentials via the fleet UI
#11261 opened
Sep 27, 2024 -
[AWS] Support owning account for cross account monitoring
#11260 opened
Sep 26, 2024 -
Azure Logs: use one input per agent policy
#11251 opened
Sep 26, 2024 -
forgerock: add a specific endpoint emulator for sytem tests
#11250 opened
Sep 26, 2024 -
[Cisco ASA]: Deny message not being parsed due to empty access-group
#11236 opened
Sep 24, 2024 -
[Akamai] Remove Tech Preview from Datastreams
#11235 opened
Sep 24, 2024 -
[Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tcp in cyberarkpas.audit
#11224 opened
Sep 24, 2024 -
[GitLab] Add support for other GitLab logs
#11218 opened
Sep 23, 2024 -
GA Security Integrations for Windows platform
#11214 opened
Sep 23, 2024 -
[Stack 8.16.0-SNAPSHOT] [system] Failing test daily: system test: default in system.process
#11207 opened
Sep 23, 2024 -
CrowdStrike integration not working
#11204 opened
Sep 21, 2024 -
[Bug] Convert ZScaler dashboards to use links panel
#11199 opened
Sep 20, 2024 -
[Enhancement] Scaling options for each integration/data stream
#11195 opened
Sep 20, 2024 -
[custom_ti] Add Basic auth to integration
#11192 opened
Sep 19, 2024 -
Absence of fields in VMware vSphere Elastic Agent integration?
#11190 opened
Sep 19, 2024 -
[System] add support to ignore all "unknown" or "unavailable" filesystems
#11189 opened
Sep 19, 2024 -
[System] add nsfs to defaults for filesystem.ignore_types
#11188 opened
Sep 19, 2024 -
[AWS Bedrock] Rename Integration as Amazon Bedrock
#11180 opened
Sep 18, 2024 -
[New Integration] Check Point Harmony Email & Collaboration
#11178 opened
Sep 18, 2024 -
[Azure App Service] Missing azure.subscription_id
#11172 opened
Sep 18, 2024 -
[AWS] Update documentation to reference the information related to the applicable charges
#11171 opened
Sep 18, 2024 -
[Azure App Service]: Expects JSON object but is unparsed JSON string
#11169 opened
Sep 18, 2024 -
[AWS Bedrock] Fix README issues
#11168 opened
Sep 18, 2024 -
[New Integration] Microsoft Sentinel
#11164 opened
Sep 17, 2024 -
[New Integration] Cloudflare Email Security
#11163 opened
Sep 17, 2024 -
[Mimecast] Add support for Brand Exploit Protect alerts
#11161 opened
Sep 17, 2024 -
[Mimecast] Add support for Cloud Integrated Logs
#11160 opened
Sep 17, 2024 -
[Mimecast] Add support for API 2.0
#11159 opened
Sep 17, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [system] Failing test daily: system test: default in system.process
#11131 opened
Sep 15, 2024 -
[Epic] [ServiceNow] New Fleet integration
#11119 opened
Sep 12, 2024 -
[PostgreSQL]: Pipeline doesn't take into account log_line_prefix config variable
#11114 opened
Sep 12, 2024 -
[Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: sysmetric in oracle.sysmetric
#11110 opened
Sep 12, 2024 -
[Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: performance in oracle.performance
#11109 opened
Sep 12, 2024 -
[Docker Integration] New Datastream for Docker Engine API logs
#11094 opened
Sep 11, 2024 -
[aws]: guardduty error message is unhelpful
#11090 opened
Sep 11, 2024 -
[Stack 8.16.0-SNAPSHOT] [aws] Failing test daily: system test: default in aws.firewall_logs
#11088 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [vsphere] Failing test daily: system test: default in vsphere.host
#11086 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [vsphere] Failing test daily: system test: default in vsphere.datastore
#11085 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-xg.log in sophos.xg
#11084 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: sysmetric in oracle.sysmetric
#11081 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: performance in oracle.performance
#11080 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: memory in oracle.memory
#11079 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [oracle] Failing test daily: system test: tablespace in oracle.tablespace
#11078 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tls in cyberarkpas.audit
#11075 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [claroty_ctd] Failing test daily: system test: udp in claroty_ctd.event
#11074 opened
Sep 11, 2024 -
[LogsDB] [Stack 8.16.0-SNAPSHOT] [claroty_ctd] Failing test daily: system test: tcp in claroty_ctd.event
#11073 opened
Sep 11, 2024 -
[Github]: GitHub Assets/Dashboards are inaccurate due to Github logging convention
#11062 opened
Sep 10, 2024 -
[Kubernetes]: Visualization Display errors for Kubernetes Jobs and Cronjobs Dashboards
#11060 opened
Sep 10, 2024 -
[vSphere] Add SSL/TLS support
#11059 opened
Sep 10, 2024 -
[IAzure Logs]: Integration eats up memory and dies
#11056 opened
Sep 10, 2024 -
[Okta] Add a `okta.debug_context.debug_data` keyword field
#11049 opened
Sep 9, 2024 -
aws.securityhub_findings: Implement mappings for Cloud Security Workflow
#11040 opened
Sep 9, 2024 -
aws.securityhub_findings: Implement transform for Cloud Security Workflow
#11039 opened
Sep 9, 2024 -
aws.securityhub_findings: Update datastream to leverage Cloud Security workflows
#11038 opened
Sep 9, 2024 -
GA Security Integrations
#10985 opened
Sep 3, 2024 -
[Cisco Secure Email Gateway] Supporting AsyncOS v15
#10979 opened
Sep 3, 2024 -
[Cisco ISE] Server 3.3 Support
#10978 opened
Sep 3, 2024 -
[CheckPoint] Drop support for EOL OS
#10977 opened
Sep 3, 2024 -
[Palo Alto Firewall] OS Support Update
#10975 opened
Sep 3, 2024 -
[Mimecast] Migrating to API 2.0
#10974 opened
Sep 3, 2024 -
[Okta]: Update 2.11.0 - > 2.12.0 fails
#10972 opened
Sep 3, 2024 -
[Cisco Duo] Update dashboards and documentation
#10962 opened
Sep 2, 2024 -
[Cisco Duo] Add support for Trust Monitor
#10961 opened
Sep 2, 2024 -
[Cisco Duo] Add support for Activity Logs
#10960 opened
Sep 2, 2024 -
[Cisco Duo] Update data streams to support v2 API
#10959 opened
Sep 2, 2024 -
entityanalytics_ad: add configuration for attribute selection
#10952 opened
Sep 1, 2024 -
[Docker Integration] Docker info + version
#10941 opened
Aug 30, 2024 -
[Stack 8.16.0-SNAPSHOT] [vsphere] Failing test daily: system test: default in vsphere.virtualmachine
#10926 opened
Aug 29, 2024 -
[Stack 8.16.0-SNAPSHOT] [sophos] Failing test daily: pipeline test: test-sophos-xg.log in sophos.xg
#10908 opened
Aug 28, 2024 -
[Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-cisco-ios.log in cisco_ios.log
#10904 opened
Aug 28, 2024 -
[Stack 8.16.0-SNAPSHOT] [cisco_ios] Failing test daily: pipeline test: test-asr920.log in cisco_ios.log
#10903 opened
Aug 28, 2024
131 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
-
[tychon] New integration
#10811 commented on
Sep 27, 2024 • 123 new comments -
[Check Point Harmony Endpoint] New Integration - WIP
#10780 commented on
Sep 27, 2024 • 53 new comments -
[Amazon Security Lake] - OCSF v1.1 update with major refactor & adding support for dynamic template and mappings & system tests
#10405 commented on
Sep 26, 2024 • 35 new comments -
[Prometheus] Added dynamic_<dataset|namespace> settings to prometheus datasets
#10592 commented on
Sep 25, 2024 • 2 new comments -
[auditd]: ENRICHED ascii character separation not working
#10852 commented on
Sep 19, 2024 • 0 new comments -
Fix kv parsing in auditd integration to properly support quoted values.
#10333 commented on
Sep 19, 2024 • 0 new comments -
[O11y][Docker] Update format in table visualization
#7915 commented on
Sep 20, 2024 • 0 new comments -
[cisco_ftd]: Can't Grok Username with spaces on ftd messageID 113039
#10721 commented on
Sep 20, 2024 • 0 new comments -
[New Integration] Check Point Harmony Endpoint
#10168 commented on
Sep 20, 2024 • 0 new comments -
[M365 Defender] - Add a new data stream to support vulnerability logs
#7482 commented on
Sep 21, 2024 • 0 new comments -
Two "metrics" columns are displayed for linux integration on Agent details page.
#881 commented on
Sep 21, 2024 • 0 new comments -
Elastic-Agent: Microsoft SQL Server Integration - manage failover in a Microsoft SQL cluster
#4272 commented on
Sep 23, 2024 • 0 new comments -
[Anomali] Support ThreatStream API
#9610 commented on
Sep 23, 2024 • 0 new comments -
[Azure docs] Create a detailed setup guide to show users how to take the most out of Azure Logs
#9955 commented on
Sep 24, 2024 • 0 new comments -
[ci] Add team labels to failing test issues
#10354 commented on
Sep 24, 2024 • 0 new comments -
[Azure docs] Document how to collect any logs using the generic Event Hub integration
#4581 commented on
Sep 25, 2024 • 0 new comments -
Update integration to include hide_in_deployment modes
#10867 commented on
Sep 25, 2024 • 0 new comments -
Move non-ECS fields in Network Packet Capture datastream fields out of root namespace
#8185 commented on
Sep 25, 2024 • 0 new comments -
[New Integration] Vertex AI
#10856 commented on
Sep 25, 2024 • 0 new comments -
Update integration to include deployment mode
#10847 commented on
Sep 25, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [vsphere] Failing test daily: system test: default in vsphere.host
#10857 commented on
Sep 19, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [vsphere] Failing test daily: system test: default in vsphere.datastore
#10868 commented on
Sep 19, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cloudflare] Failing test daily: system test: default in cloudflare.logpull
#10619 commented on
Sep 19, 2024 • 0 new comments -
[Integration NATS]: Add support for JetStream
#10748 commented on
Sep 18, 2024 • 0 new comments -
[vSphere] Add SSL support
#10542 commented on
Sep 18, 2024 • 0 new comments -
[MySQL] Add support for MariaDB 10.5.X
#10350 commented on
Sep 18, 2024 • 0 new comments -
Add support for redis 7 in the redis integration
#10199 commented on
Sep 18, 2024 • 0 new comments -
Tomcat metrics - Support Prometheus JMX Agent 1.0.1
#10189 commented on
Sep 18, 2024 • 0 new comments -
[O11y][HAProxy] Proposed changes in configuration parameters
#10157 commented on
Sep 18, 2024 • 0 new comments -
Fleet Package Policy API: Error Adding Winlog Integration - Stream Template Not Found
#9769 commented on
Sep 18, 2024 • 0 new comments -
Feature Request: CSPM integration support for gov cloud environments
#9187 commented on
Sep 18, 2024 • 0 new comments -
[cef] decode_cef processor does not respect ECS and more
#9109 commented on
Sep 18, 2024 • 0 new comments -
trendmicro: enhance ecs mappings for `event.category` and `event.type`
#8631 commented on
Sep 18, 2024 • 0 new comments -
[GitHub] How to get `topic` field value for `repo.add_topic` events
#8369 commented on
Sep 18, 2024 • 0 new comments -
cisco_asa: Event code 106023 - Source/Destination IP not being parsed into respective source.ip or destination.ip field when interface nameif has a full colon (:)
#9184 commented on
Aug 28, 2024 • 0 new comments -
[PostgreSQL] Add `condition` setting support
#10842 commented on
Sep 20, 2024 • 0 new comments -
[Azure] Parse response body in Activity logs into its own object
#10727 commented on
Sep 12, 2024 • 0 new comments -
Updated ingest pipeline default.yml to set event category and type
#10684 commented on
Sep 18, 2024 • 0 new comments -
[Oracle] Add extended space metrics
#10671 commented on
Sep 18, 2024 • 0 new comments -
Add sample to use updatecli to update mysql image
#10652 commented on
Sep 1, 2024 • 0 new comments -
[O11y][PostgreSQL] Add SLO to the postgresql package
#10607 commented on
Sep 18, 2024 • 0 new comments -
feat: add tags and processors on GCP Pubsub metrics
#10560 commented on
Sep 22, 2024 • 0 new comments -
[MongoDB Atlas] Disk data stream
#10555 commented on
Aug 30, 2024 • 0 new comments -
Update Cloud Defend integration to include `beta` release tag
#10541 commented on
Aug 29, 2024 • 0 new comments -
docs: remove duplicate message in aws billing integration page
#10382 commented on
Sep 18, 2024 • 0 new comments -
[Draft] Open AI POC
#10351 commented on
Sep 1, 2024 • 0 new comments -
[Logstash] Ready Agent-driven monitoring for GA
#10316 commented on
Sep 18, 2024 • 0 new comments -
[Azure] [OpenAI] Recalculate event.duration
#10290 commented on
Sep 18, 2024 • 0 new comments -
[Nginx] Add SLO's with Nginx Package
#10269 commented on
Sep 18, 2024 • 0 new comments -
akamai: handle input leniently
#10158 commented on
Sep 27, 2024 • 0 new comments -
[Apache Tomcat] Add JDBC Connection Pool's `maxActive` in the ingest pipeline
#10069 commented on
Sep 18, 2024 • 0 new comments -
[Oracle WebLogic] Add Support for parsing default 14c timestamp
#10047 commented on
Sep 7, 2024 • 0 new comments -
Fix JSON Typos on AWS API Gateway Documentation
#9932 commented on
Sep 23, 2024 • 0 new comments -
[System.Security] For Windows, store the split access list and mask values
#9907 commented on
Sep 18, 2024 • 0 new comments -
Enable synthetic source for Elastic-Agent datastreams
#9826 commented on
Sep 19, 2024 • 0 new comments -
[MySQL] Add `condition` setting support
#9704 commented on
Sep 9, 2024 • 0 new comments -
[Kafka integration] Provide a clear guidance for Kafka hosts
#9260 commented on
Sep 18, 2024 • 0 new comments -
[MSSQL] Encode username/password before generating connection string
#8792 commented on
Sep 18, 2024 • 0 new comments -
Feature Request: Allow the option to add a custom input for integrations
#7889 commented on
Sep 27, 2024 • 0 new comments -
[Integration Update] Add Sessions, Policy, Factors and Devices data to Okta Entity Analytics
#10426 commented on
Sep 27, 2024 • 0 new comments -
Incorrect `null` handling in `if` conditions and elsewhere
#8646 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.hardware
#10625 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [mongodb_atlas] Failing test daily: system test: (elastic-agent logs - default) in mongodb_atlas.process
#10624 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cyberarkpas] Failing test daily: system test: tls in cyberarkpas.audit
#10620 commented on
Sep 27, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [cloudflare] Failing test daily: system test: cursor in cloudflare.logpull
#10872 commented on
Sep 27, 2024 • 0 new comments -
Make sure that main ECS fields are mapped in the Elastic Agent integration
#8252 commented on
Sep 26, 2024 • 0 new comments -
getting "Provided Grok expressions do not match field value" in the error field when I am sending some AWS Cloudfront logs
#9334 commented on
Sep 3, 2024 • 0 new comments -
Review integrations for timezone offset support in UI
#6768 commented on
Sep 4, 2024 • 0 new comments -
[Meta Issue] Integrations Test Environment
#5340 commented on
Sep 4, 2024 • 0 new comments -
Make event.original available to the custom pipeline
#7636 commented on
Sep 4, 2024 • 0 new comments -
[AWS] Add `custom` variable to all Cloudwatch inputs and at the package level
#10002 commented on
Sep 5, 2024 • 0 new comments -
[Tomcat] Access logs: Missing time to process request field in parsing
#7584 commented on
Sep 7, 2024 • 0 new comments -
[iptables]: not properly parsing VyOS logs
#10881 commented on
Sep 9, 2024 • 0 new comments -
[AWS] Support for reading Cloudwatch logs in Cross Account Observability Setup
#6611 commented on
Sep 10, 2024 • 0 new comments -
GCP GKE integration is broken
#5127 commented on
Sep 10, 2024 • 0 new comments -
[Fortinet Fortigate Traffic]: Wrong calculation of network.bytes
#10849 commented on
Sep 10, 2024 • 0 new comments -
[M365 Defender]: Event dataset pipeline sets `host.os.type` to windows for MacOS devices
#10680 commented on
Sep 11, 2024 • 0 new comments -
Replace logs stream panels with saved searches
#10516 commented on
Sep 12, 2024 • 0 new comments -
[Windows] GUID Translation
#8959 commented on
Sep 12, 2024 • 0 new comments -
Better debugging of Ingest Pipelines in Integrations
#4150 commented on
Sep 12, 2024 • 0 new comments -
[ Kubernetes Audit Logs ] Missing mappings for kubernetes.audit.requestObject.webhooks and kubernetes.audit.responseObject.webhooks objects
#10081 commented on
Sep 12, 2024 • 0 new comments -
[Azure] Add support for ServicePrincipalRiskEvents and RiskyServicePrincipals on the AD Identity Protection Ingest Pipeline.
#8562 commented on
Sep 13, 2024 • 0 new comments -
[Security Detection Engine] Incorrect Indices for "Suspicious Web Browser Sensitive File Access" Rule
#10901 commented on
Aug 28, 2024 • 0 new comments -
[Azure] [Billing] Investigate, document and propose ways to migrate from Usage Details API to Cost Details API
#4237 commented on
Aug 28, 2024 • 0 new comments -
[AWS Usage] Overlapping documents when enabling TSDB - no more dimensions available
#6783 commented on
Aug 28, 2024 • 0 new comments -
[google_workspace] Missing extra filters for `Successful Logins by Compromised Users` panel
#8745 commented on
Aug 29, 2024 • 0 new comments -
aws: guardduty datastream collects duplicated documents
#8601 commented on
Aug 29, 2024 • 0 new comments -
[crowdstrike]: Crowdstrike Falcon Overview Dashboard showing error in observer filter.
#10819 commented on
Aug 29, 2024 • 0 new comments -
[O11y][Oracle WebLogic] Add unit for Deployed Application and ThreadPool data streams
#7620 commented on
Aug 30, 2024 • 0 new comments -
[Logstash]: No assets found and 404 when clicking to other dashboards.
#10642 commented on
Aug 30, 2024 • 0 new comments -
[Windows Integration]: Error installing windows 1.47.0
#10750 commented on
Aug 30, 2024 • 0 new comments -
[O11y] Missing description for tag for logs data streams
#7634 commented on
Aug 31, 2024 • 0 new comments -
[ti_threatq] Fix confidence scoring, scale ingestion, update ECS mappings & dashboard improvements
#10783 commented on
Sep 1, 2024 • 0 new comments -
[Akamai]: Add support for specifying ingest timeline
#10812 commented on
Sep 2, 2024 • 0 new comments -
[Azure] [Database Account Metrics] Add support for more dimensions
#7511 commented on
Sep 2, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [kibana] Failing test daily: system test: default (variant: kibana_8.10.0) in kibana.audit
#10691 commented on
Sep 3, 2024 • 0 new comments -
[Stack 8.15.0-SNAPSHOT] [kibana] Failing test daily: system test: default (variant: kibana_8.10.0) in kibana.audit
#10514 commented on
Sep 3, 2024 • 0 new comments -
GCP Billing Metrics does not collect detailed usage information
#4734 commented on
Sep 3, 2024 • 0 new comments -
[Cisco Duo] Integration Updates
#9609 commented on
Sep 13, 2024 • 0 new comments -
HAProxy tcp log format missing in grok patterns
#6605 commented on
Sep 18, 2024 • 0 new comments -
[CSPM] Update documentation and manifest to include supported platforms
#10108 commented on
Sep 18, 2024 • 0 new comments -
AWS Firehose endpoint returning 200 even when ingestion is failing
#10148 commented on
Sep 18, 2024 • 0 new comments -
[Citrix ADC] Syslog messages are not according to documentation
#10153 commented on
Sep 18, 2024 • 0 new comments -
[Logstash] Integration field conflict and outdated documentation
#10209 commented on
Sep 18, 2024 • 0 new comments -
[cribl] reroute to metrics datastreams
#10700 commented on
Sep 18, 2024 • 0 new comments -
[AWS Bedrock] Make AWS Bedrock integration GA
#10876 commented on
Sep 18, 2024 • 0 new comments -
[trendmicro] Upgrade integration would overwrite the integration settings
#9813 commented on
Sep 18, 2024 • 0 new comments -
[cisco ftd] Update to 2.3.0 resets listen ip settings to default
#3958 commented on
Sep 18, 2024 • 0 new comments -
Cisco Secure Email Gateway | Use CEF processor instead of GROK for Consolidated Event logs
#4738 commented on
Sep 18, 2024 • 0 new comments -
Bug: MISP elastic-agent integration doesn't get any logs in Kibana discover view
#5684 commented on
Sep 18, 2024 • 0 new comments -
[azure_frontdoor] waf ingest pipeline does not parse correctly to ECS Fields
#7017 commented on
Sep 18, 2024 • 0 new comments -
[Tenable.sc] Tweaks to Tenable.sc integration
#7695 commented on
Sep 18, 2024 • 0 new comments -
Delay in log parsing of sonicwall integration In Elasticsearch and kibana
#8114 commented on
Sep 18, 2024 • 0 new comments -
Improve ModSecurity integration documentation
#8134 commented on
Sep 18, 2024 • 0 new comments -
File Integrity Monitoring | User Information - Windows
#8312 commented on
Sep 18, 2024 • 0 new comments -
[ITF] Logs reachability is not there in case of Service Only Usecase
#7141 commented on
Sep 14, 2024 • 0 new comments -
[Kubernetes] Add top level processor `add_fields` for the cluster name usecase
#10878 commented on
Sep 16, 2024 • 0 new comments -
[TI_MISP] Transform logs-ti_misp.latest_ioc can enter on a FAILED state because of mapping conflicts.
#9360 commented on
Sep 16, 2024 • 0 new comments -
[AWS][Enhancement] Review AWS `request_parameters` and `response_elements` Values for Improvements
#9586 commented on
Sep 16, 2024 • 0 new comments -
[tcp]: Line Delimiter input text field does not work for control characters like \r
#10817 commented on
Sep 16, 2024 • 0 new comments -
[Google Workspace] Create Apps Script Integration or Execution Log Ingestion
#5388 commented on
Sep 16, 2024 • 0 new comments -
Verify mapping problems after migrating to ecs@mappings
#10848 commented on
Sep 16, 2024 • 0 new comments -
[Trend Micro Vision One] Adding support for Datalake Pipeline
#10192 commented on
Sep 17, 2024 • 0 new comments -
Incorrect case in Cloudflare Logpush pipeline
#8737 commented on
Sep 17, 2024 • 0 new comments -
[Azure OpenAI][Enhancement] Azure OpenAI Advanced Logging Ingestion
#10654 commented on
Sep 17, 2024 • 0 new comments -
[Netskope] Test ingestion of compressed Netskope cloud storage logs
#10744 commented on
Sep 17, 2024 • 0 new comments -
Support for MacOS Unified Logging
#6589 commented on
Sep 18, 2024 • 0 new comments -
[Stack 8.16.0-SNAPSHOT] [sentinel_one_cloud_funnel] Failing test daily: system test: default in sentinel_one_cloud_funnel.event
#10808 commented on
Sep 18, 2024 • 0 new comments -
[META] [ITF] Scoping and development of test framework for integrations
#5338 commented on
Sep 18, 2024 • 0 new comments -
[stormshield] Follow-up tasks for new integration
#10114 commented on
Sep 18, 2024 • 0 new comments -
Needed improvements around AWS log collection configuration issues
#5224 commented on
Sep 18, 2024 • 0 new comments