checkpoint: add dashboard #5472

Merged
merged 2 commits into from Mar 21, 2023
Contributor

@efd6 efd6 commented Mar 8, 2023

What does this PR do?

Adds a set of four dashboards:

  • Overview
  • IP Addresses and Ports
  • Time and Traffic
  • Time and Place

(The last two are time progressive views on traffic characteristics and geo/org endpoints).

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

How to test this PR locally

Related issues

Screenshots

Overview

overview

IP Addresses and Ports

addresses_and_ports

Time and Traffic

time_and_traffic

Time and Place

time_and_place


elasticmachine commented Mar 8, 2023

💚 Build Succeeded

Build stats

  • Start Time: 2023-03-21T02:37:56.492+0000

  • Duration: 16 min 55 sec

Test stats 🧪

Test Results
Failed 0
Passed 16
Skipped 0
Total 16


elasticmachine commented Mar 8, 2023

🌐 Coverage report

| Name | Metrics % (covered/total) | Diff |
| --- | --- | --- |
| Packages | 100.0% (1/1) | 💚 |
| Files | 100.0% (1/1) | 💚 |
| Classes | 100.0% (1/1) | 💚 |
| Methods | 100.0% (17/17) | 💚 9.091 |
| Lines | 87.379% (900/1030) | 👎 -5.414 |
| Conditionals | 100.0% (0/0) | 💚 |

@efd6 efd6 marked this pull request as ready for review March 8, 2023 11:15
@efd6 efd6 requested a review from a team as a code owner March 8, 2023 11:15
@elasticmachine

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

Contributor Author

efd6 commented Mar 8, 2023

I am thinking that in the IP Addresses and Ports dash, "other" should not be shown since in real-world cases the vast majority of IPs and ports will not be in the top 10. The trade-off is that the drill-down loses visibility into that.

addresses_and_ports

@efd6 efd6 closed this Mar 8, 2023
@efd6 efd6 reopened this Mar 8, 2023
Contributor

@kcreddy kcreddy left a comment

Minor clarification. LGTM 👍🏼
Great visualisations 🥇

release: ga
description: Collect logs from Check Point with Elastic Agent.
type: integration
format_version: 1.0.0
license: basic
categories: [security]
conditions:
kibana.version: "^7.16.0 || ^8.0.0"
kibana.version: "^8.6.0"
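Review bot: In `conditions`, the new `kibana.version: "^8.6.0"` excludes every version the previous `^7.16.0 || ^8.0.0` range accepted below 8.6, 7.17 included, and nothing in the manifest lines shown says why the floor moved. Record the reason for the minimum-version bump (the dashboards rely on newer Lens capabilities, per the discussion on this PR) in the changelog entry for this release, so operators on older stacks can see why they cannot install this package version.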
Contributor

Does this make 7.17 unsupported? Is that okay since it hasn't reached EOL?

Contributor Author

@jamiehynds What is your view?

@efd6 sorry for the delay. Am I correct in saying we're bumping the minimum version to ensure the dashboards can avail of the latest Lens capabilities? If that's the case, I'm fine with bumping the version - we're adopting a similar approach with other integrations.

Contributor Author

Yes, that's correct. Thanks.

@efd6 efd6 merged commit 3c1a7af into elastic:main Mar 21, 2023
3 checks passed
@elasticmachine

Package checkpoint - 1.17.0 containing this change is available at https://epr.elastic.co/search?package=checkpoint

Successfully merging this pull request may close these issues.

[Check Point] Add Dashboard