New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[TI MISP] Add datastream for Attributes API endpoint #4136
Conversation
This is a great contribution @legoguy1000 . Please ping me when you feel its finished. |
Will do. I think it's pretty much done, the only thing I've been debating is whether to align the fields to match the other datastream or not? There is overlap in the data that's retrieved but it's structure is different and I've been debating whether to rename the fields to match the other datastream or just leave as is. |
Hi! We just realized that we haven't looked into this PR in a while. We're sorry! We're labeling this issue as |
:) |
thanks for the bump, @legoguy1000! If you're ready to have this one looked at again, can you move it out of draft? |
/test |
Hi! We just realized that we haven't looked into this PR in a while. We're sorry! We're labeling this issue as |
Hi! This PR has been stale for a while and we're going to close it as part of our cleanup procedure. We appreciate your contribution and would like to apologize if we have not been able to review it, due to the current heavy load of the team. Feel free to re-open this PR if you think it should stay open and is worth rebasing. Thank you for your contribution! |
We could safely take over this PR. The current progress is that we need to review the integration to make sure it produces the same outcome as the existing datastream (it just uses two different API's, this one is less performance heavy). We should also update the documentation to ensure that they only use one or the other. |
Hi! We just realized that we haven't looked into this PR in a while. We're sorry! We're labeling this issue as |
/test |
🌐 Coverage report
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat/elasticsearch/ingest_pipeline/default.yml
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
packages/ti_misp/data_stream/threat_attributes/elasticsearch/ingest_pipeline/default.yml
Outdated
Show resolved
Hide resolved
/test |
Package ti_misp - 1.11.0 containing this change is available at https://epr.elastic.co/search?package=ti_misp |
Package ti_misp - 1.12.0 containing this change is available at https://epr.elastic.co/search?package=ti_misp |
What does this PR do?
Add new datastream to support the
/attributes/restSearch
API endpointChecklist
changelog.yml
file.Author's Checklist
How to test this PR locally
Related issues
Screenshots