[fortinet_fortiproxy] Add Fortinet FortiProxy integration #9846
Conversation
taylor-swanson
added
enhancement
- Initial draft of Fortinet FortiProxy integration - Add initial support for all log types - Add system and integration tests
taylor-swanson
force-pushed
the
integ/fortinet_fortiproxy
branch
from
7a47038
to
b74637a
Compare
🚀 Benchmarks reportTo see the full report comment with |
|
Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices) |
| default: |- | ||
| #certificate_authorities: | ||
| # - | | ||
| # -----BEGIN CERTIFICATE----- |
There was a problem hiding this comment.
Is this certificate used for anything? Maybe it's better to remove it
There was a problem hiding this comment.
Yeah that leaked over from the fortigate integration. certificate authorities doesn't really make sense here now that I'm looking at it. I see other integrations use something like this which I think I'll go with (good to show some sort of example, but better to not have a live key/cert pair that someone can accidentally use):
#certificate: "/etc/server/cert.pem"
#key: "/etc/server/key.pem"
| @@ -0,0 +1,205 @@ | |||
| - name: cloud | |||
There was a problem hiding this comment.
Why are these fields here, and not in packages/fortinet_fortiproxy/data_stream/log/fields/ecs.yml?
They're part of ECS, and from the descriptions, they look like they're taken from ECS. So I think I just don't understand how they're generated, and why some things go into agent.yml vs ecs.yml
There was a problem hiding this comment.
Historical reasons I suppose. This file was copied from another integration pretty much verbatim. I haven't heard any complaints about doing it this way from any other teams and it hasn't caused us any issues so far as far as I know.
💚 Build Succeeded
History
|
|
|
Package fortinet_fortiproxy - 0.1.0 containing this change is available at https://epr.elastic.co/search?package=fortinet_fortiproxy |
Proposed commit message
Checklist
changelog.ymlfile.How to test this PR locally
Related issues
Screenshots