-
Notifications
You must be signed in to change notification settings - Fork 407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Zscaler ZIA] Add dynamic ECS mapping as well as resolve the issue relate to User Agent and NA fields. #5420
Conversation
…ted to the user agent field and fields that contain a NA value
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
🌐 Coverage report
|
"port": 0 | ||
}, | ||
"tags": [ | ||
"forwarded", | ||
"zscaler_zia-tunnel" | ||
], | ||
"user": { | ||
"name": "Unknown" | ||
"name": "81.2.69.145" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this a user name?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @P1llus,
In the user name field, we are getting an IP, but this IP indicates the user name only. Basically, this field contains the name of vpn credential
. So, we mapped it to user.name
.
Package zscaler_zia - 2.7.1 containing this change is available at https://epr.elastic.co/search?package=zscaler_zia |
…late to User Agent and NA fields. (elastic#5420) * Add support for dynamic ECS mapping as well as resolve the issue related to the user agent field and fields that contain a NA value * Update Changelog Entry * Update ReadMe
…late to User Agent and NA fields. (elastic#5420) * Add support for dynamic ECS mapping as well as resolve the issue related to the user agent field and fields that contain a NA value * Update Changelog Entry * Update ReadMe
Type of change
What does this PR do?
Checklist
How to test this PR locally
Related issues
Screenshots