add threat_intel category to integrations #3689
release: ga | ||
description: Ingest threat intelligence indicators from Cybersixgill with Elastic Agent. | ||
type: integration | ||
format_version: 1.0.0 | ||
license: basic | ||
categories: ["security", "productivity"] | ||
categories: ["security", "threat_intel"] |
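Review bot: the replacement `categories` line removes `productivity` in the same edit that adds `threat_intel`, and the PR title only covers the addition. Record the removal in this package's changelog entry as well, so the dropped category is not a silent change.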
I'm not sure why this specific package was listed with `productivity` even though the other `ti-*` packages were not. For consistency, I removed it.
license: basic | ||
description: "Collect logs from the Mimecast API with Elastic Agent." | ||
type: integration | ||
categories: | ||
- security | ||
categories: ["security", "threat_intel"] |
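Review bot: the `categories` key changes from a block sequence (`- security`) to the inline form `["security", "threat_intel"]`, so the hunk rewrites the whole key rather than adding one item. Appending `- threat_intel` under the existing `- security` line would keep the change to a single added line; if the inline form is intended for consistency with other manifests, say so in the commit message.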
I marked this package with the `threat_intel` category because it supports pulling data from the Mimecast Threat Intel Feed.
@elastic/security-external-integrations did I miss any steps for updating the categories for 8.4? Happy to adjust the PR if needed.
LGTM after nit.
packages/mimecast/changelog.yml
Outdated
@@ -1,3 +1,8 @@ | |||
- version: "1.1.1" |
Since these are marked as enhancements, they would be minor version bumps rather than patch bumps.
Thanks @efd6! I modified the version numbers. @elastic/protections-experience would you mind giving this a once over before I merge?
Thanks
LGTM (although not exactly sure how to test this :) )
@stevewritescode you're missing ThreatQuotient in your list of TI feeds. Also just as an FYI, Mimecast isn't a full TI integration but they have some data streams that are Threat Intelligence related so good to keep on the list.
Thanks @dhru42! I accidentally left ThreatQuotient out of the list in the PR description, though it is represented in the code changed. I updated the description to match. I will also rebase on the recent mimecast updates before merging.
5ac6a26 to 6eecaac
What does this PR do?
As a follow-on to elastic/package-spec#366, this PR adds new `threat_intel` category to the relevant integrations:
Checklist
`changelog.yml` file.
Related issues
Relates to elastic/kibana#135758, elastic/kibana#136208