Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

okta: add extended okta.debug_context.debug_data handling #3362

Merged
merged 3 commits into from
Jun 15, 2022
Merged

okta: add extended okta.debug_context.debug_data handling #3362

merged 3 commits into from
Jun 15, 2022

Conversation

efd6
Copy link
Contributor

@efd6 efd6 commented May 17, 2022
edited
Loading

What does this PR do?

This adds additional handling of the debug_context.debug_data object and particularly the risk level field that is in that object.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

  • Consider whether to move fields in okta.debug_context.debug_data.flattened.logOnlySecurityData to okta.debug_context.debug_data.flattened to make the structure of okta.debug_context.debug_data agnostic to the original event's structure.

How to test this PR locally

Run elastic-package test in the okta package.

Related issues

Screenshots

@efd6 efd6 added bug Something isn't working, use only for issues enhancement New feature or request Team:Security-External Integrations Integration:okta Okta labels May 17, 2022
@efd6 efd6 self-assigned this May 17, 2022
@efd6 efd6 mentioned this pull request May 17, 2022
Closed
@elasticmachine
Copy link

elasticmachine commented May 17, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-05-19T04:00:05.256+0000

  • Duration: 14 min 3 sec

Test stats 🧪

Test Results
Failed 0
Passed 12
Skipped 0
Total 12

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@elasticmachine
Copy link

elasticmachine commented May 17, 2022
edited
Loading

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 100.0% (1/1) 💚
Files 100.0% (1/1) 💚 3.731
Classes 100.0% (1/1) 💚 3.731
Methods 100.0% (17/17) 💚 11.9
Lines 86.69% (495/571) 👎 -2.801
Conditionals 100.0% (0/0) 💚

@efd6
Copy link
Contributor Author

efd6 commented May 18, 2022

@ynirk PTAL

@efd6 efd6 requested a review from ynirk May 18, 2022 08:59
@efd6 efd6 marked this pull request as ready for review May 18, 2022 09:07
@efd6 efd6 requested a review from a team as a code owner May 18, 2022 09:07
@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

ynirk
ynirk approved these changes May 18, 2022
View reviewed changes
Copy link

@ynirk ynirk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@efd6 efd6 mentioned this pull request May 19, 2022
Merged
7 tasks
@efd6
Copy link
Contributor Author

efd6 commented May 19, 2022

@ynirk I was wondering if you think it would be worth moving the okta.debug_context.debug_data.flattened.logOnlySecurityData object to okta.debug_context.debug_data.flattened if it exists. This would make the document the same for both cases in that set of fields independent of the original. We could mark that there was originally a logOnlySecurityData if that is informative.

@v1v v1v mentioned this pull request May 19, 2022
Merged
r00tu53r
r00tu53r approved these changes Jun 15, 2022
View reviewed changes
Copy link
Contributor

@r00tu53r r00tu53r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@efd6 efd6 merged commit 8569646 into elastic:main Jun 15, 2022
@efd6 efd6 deleted the beats-30961-okta branch June 15, 2022 07:36
@ynirk
Copy link

ynirk commented Jun 15, 2022

I was wondering if you think it would be worth moving the okta.debug_context.debug_data.flattened.logOnlySecurityData object to okta.debug_context.debug_data.flattened

sorry @efd6 I missed your last ping. It could have been a good idea but I suppose it's too late now

@efd6
Copy link
Contributor Author

efd6 commented Jun 15, 2022

The change here reflects the situation in the filebeat module and that was merged three weeks ago, so we are sort of stuck with this.

@andrewkroh andrewkroh mentioned this pull request Jun 22, 2022
Merged
@ynirk ynirk mentioned this pull request Nov 15, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@r00tu53r r00tu53r r00tu53r approved these changes

@ynirk ynirk ynirk approved these changes

Assignees

@efd6 efd6

Labels
bug Something isn't working, use only for issues enhancement New feature or request Integration:okta Okta
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@efd6 @elasticmachine @ynirk @r00tu53r