Skip to content

netskope: add content_type override to transaction azure-blob-storage stream#18299

Merged
efd6 merged 1 commit intoelastic:mainfrom
efd6:18179-netskope
Apr 10, 2026
Merged

netskope: add content_type override to transaction azure-blob-storage stream#18299
efd6 merged 1 commit intoelastic:mainfrom
efd6:18179-netskope

Conversation

@efd6
Copy link
Copy Markdown
Contributor

@efd6 efd6 commented Apr 9, 2026

Proposed commit message

netskope: add content_type override to transaction azure-blob-storage stream

PR #16399 added content_type and override_content_type variables to
the alerts_events_v2 data stream but missed the transaction data
stream. Without these, the transaction stream cannot process blobs
whose advertised content-type differs from the actual format (e.g.
Netskope writing CSV data as application/gzip), leaving the unit
permanently degraded.

Add the same manifest variables and template conditionals that
alerts_events_v2 already has.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@efd6 efd6 self-assigned this Apr 9, 2026
@efd6 efd6 added Integration:netskope Netskope bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] labels Apr 9, 2026
@efd6
netskope: add content_type override to transaction azure-blob-storage…
34ca352 
… stream

PR elastic#16399 added content_type and override_content_type variables to
the alerts_events_v2 data stream but missed the transaction data
stream. Without these, the transaction stream cannot process blobs
whose advertised content-type differs from the actual format (e.g.
Netskope writing CSV data as application/gzip), leaving the unit
permanently degraded.

Add the same manifest variables and template conditionals that
alerts_events_v2 already has.
@efd6 efd6 force-pushed the 18179-netskope branch from 34303e9 to 34ca352 Compare April 9, 2026 03:46
@elastic-vault-github-plugin-prod
Copy link
Copy Markdown

elastic-vault-github-plugin-prod bot commented Apr 9, 2026

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Apr 9, 2026

💚 Build Succeeded

cc @efd6

@efd6 efd6 marked this pull request as ready for review April 9, 2026 04:28
@efd6 efd6 requested a review from a team as a code owner April 9, 2026 04:28
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Apr 9, 2026

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@kcreddy kcreddy mentioned this pull request Apr 10, 2026
Closed
@efd6 efd6 merged commit 8809413 into elastic:main Apr 10, 2026
9 checks passed
@elastic-vault-github-plugin-prod
Copy link
Copy Markdown

elastic-vault-github-plugin-prod bot commented Apr 10, 2026

Package netskope - 3.1.4 containing this change is available at https://epr.elastic.co/package/netskope/3.1.4/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kcreddy kcreddy kcreddy approved these changes

Assignees

@efd6 efd6

Labels

bugfix Pull request that fixes a bug issue Integration:netskope Netskope Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[netskope] transaction data stream missing content_type / override_content_type vars for azure-blob-storage input

3 participants

@efd6 @elasticmachine @kcreddy