Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[integrations] - Making multiple integrations GA #5677

Merged
merged 11 commits into from
Mar 31, 2023
Merged

[integrations] - Making multiple integrations GA #5677

merged 11 commits into from
Mar 31, 2023

Conversation

ShourieG
Copy link
Contributor

@ShourieG ShourieG commented Mar 24, 2023
edited
Loading

Type of change

  • Enhancement

What does this PR do?

Makes the following integrations/ data streams in certain integrations GA and updates the version to 1.0.0 :

  • Barracuda CloudGen
  • Box Events
  • Cisco Aironet*
  • Cisco Umbrella
  • Cloudflare Logpush
  • Cyberark PTA
  • Darktrace
  • F5 BIG-IP
  • Github
  • Infoblox BloxOne DDI
  • Jamf Compliance Reporter
  • LastPass
  • Microsoft Exchange Message Trace
  • PingOne
  • Rapid7 Threat Command
  • Slack Logs*
  • Sophos Central
  • Trend Micro Vision One

*Community developed

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Related issues

@ShourieG ShourieG requested review from a team as code owners March 24, 2023 12:36
@ShourieG ShourieG self-assigned this Mar 24, 2023
@ShourieG ShourieG requested review from P1llus and kcreddy March 24, 2023 12:37
@ShourieG
Copy link
Contributor Author

Query: Should ECS version also be updated to the latest in every GA'd integration ?

@ShourieG ShourieG changed the title taking integrations to ga [integrations] - Making multiple integrations GA Mar 24, 2023
@ShourieG
Copy link
Contributor Author

ShourieG commented Mar 24, 2023
edited
Loading

@jamiehynds The Initial PR for GA is up. Just some concerns :

  • Some of the integrations here still use older ECS of 8.4.
  • Cloud Flare Logpush GCS stream is not stress tested by users yet due to adoption rates
  • Packages like Rapid7 Threat Command and Journald Input only had initial commits before and very low versions like 0.0.x

@elasticmachine
Copy link

elasticmachine commented Mar 24, 2023
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-03-31T11:30:01.097+0000

  • Duration: 24 min 30 sec

Test stats 🧪

Test Results
Failed 0
Passed 295
Skipped 0
Total 295

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@jamiehynds
Copy link

Journald Input only had initial commits before and very low version like 0.0.x

@andrewkroh do you know what we use the Journald input for and if there's any blockers to GA'ing it?

@elasticmachine
Copy link

elasticmachine commented Mar 24, 2023
edited
Loading

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 100.0% (39/39) 💚
Files 100.0% (93/93) 💚
Classes 100.0% (93/93) 💚
Methods 98.222% (718/731) 👍 4.888
Lines 95.806% (20925/21841) 👎 -4.194
Conditionals 100.0% (0/0) 💚

@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@andrewkroh
Copy link
Member

We could make the journald input GA. AFAIK there are no known problems with it, and one feature request in #4032. And I have been asked to make the input GA in the past (and definitely forgot to open an issue for that).

Given that we haven't made the journald custom input package GA yet, I wonder if it would be a good time to convert it to an "input package". @P1llus, would this be worthwhile to do before making it GA?

@P1llus
Copy link
Member

P1llus commented Mar 28, 2023
edited
Loading

@andrewkroh I would highly recommend converting this as part of going GA, thats a great initative.

That also means we would have to set minimum version to 8.8 though, as that is when input packages goes GA right @hop-dev ?

@hop-dev
Copy link
Contributor

hop-dev commented Mar 28, 2023

Yes thats right, input packages can only be GA if they specify kibana version 8.8 or greater. This was introduced in package spec 2.6.0.

@ShourieG
Copy link
Contributor Author

@jamiehynds for now removing the Journald input from the list and making the rest GA. Will take it up in 8.8 as suggested by converting it to an input package

@andrewkroh
Copy link
Member

I created an issue for journald. #5750

kcreddy
kcreddy reviewed Mar 30, 2023
View reviewed changes
packages/cisco_umbrella/changelog.yml Show resolved Hide resolved
packages/barracuda_cloudgen_firewall/changelog.yml Outdated Show resolved Hide resolved
packages/github/changelog.yml Show resolved Hide resolved
packages/jamf_compliance_reporter/changelog.yml Outdated Show resolved Hide resolved
packages/journald/manifest.yml Outdated Show resolved Hide resolved
packages/slack/changelog.yml Outdated Show resolved Hide resolved
packages/sophos_central/manifest.yml Show resolved Hide resolved
@ShourieG
Copy link
Contributor Author

@kcreddy I've resolved all the PR suggestions

kcreddy
kcreddy approved these changes Mar 31, 2023
View reviewed changes
Copy link
Contributor

@kcreddy kcreddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍🏼

rdner
rdner reviewed Mar 31, 2023
View reviewed changes
packages/cisco_umbrella/manifest.yml Show resolved Hide resolved
packages/github/manifest.yml Show resolved Hide resolved
packages/journald/manifest.yml Outdated Show resolved Hide resolved
packages/sophos_central/manifest.yml Show resolved Hide resolved
@ShourieG ShourieG merged commit de7f8e8 into elastic:main Mar 31, 2023
@ShourieG ShourieG deleted the ga/integrations branch March 31, 2023 11:59
@ShourieG
Copy link
Contributor Author

@jamiehynds PR is merged

@elasticmachine
Copy link

Package barracuda_cloudgen_firewall - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=barracuda_cloudgen_firewall

@elasticmachine
Copy link

Package box_events - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=box_events

@elasticmachine
Copy link

Package cisco_aironet - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cisco_aironet

@elasticmachine
Copy link

Package cisco_umbrella - 1.8.0 containing this change is available at https://epr.elastic.co/search?package=cisco_umbrella

@elasticmachine
Copy link

Package cloudflare_logpush - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cloudflare_logpush

@elasticmachine
Copy link

Package cyberark_pta - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cyberark_pta

@elasticmachine
Copy link

Package darktrace - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=darktrace

@elasticmachine
Copy link

Package f5_bigip - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=f5_bigip

@elasticmachine
Copy link

Package github - 1.9.0 containing this change is available at https://epr.elastic.co/search?package=github

@elasticmachine
Copy link

Package infoblox_bloxone_ddi - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=infoblox_bloxone_ddi

@elasticmachine
Copy link

Package jamf_compliance_reporter - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=jamf_compliance_reporter

@elasticmachine
Copy link

Package lastpass - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=lastpass

@elasticmachine
Copy link

Package microsoft_exchange_online_message_trace - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=microsoft_exchange_online_message_trace

@elasticmachine
Copy link

Package ping_one - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ping_one

@elasticmachine
Copy link

Package slack - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=slack

@elasticmachine
Copy link

Package sophos_central - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=sophos_central

@elasticmachine
Copy link

Package ti_rapid7_threat_command - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=ti_rapid7_threat_command

@elasticmachine
Copy link

Package trend_micro_vision_one - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=trend_micro_vision_one

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rdner rdner rdner approved these changes

@kcreddy kcreddy kcreddy approved these changes

@belimawr belimawr Awaiting requested review from belimawr belimawr was automatically assigned from elastic/elastic-agent-data-plane

@fearful-symmetry fearful-symmetry Awaiting requested review from fearful-symmetry fearful-symmetry was automatically assigned from elastic/elastic-agent-data-plane

@P1llus P1llus Awaiting requested review from P1llus

Assignees

@ShourieG ShourieG

Labels
8.7 candidate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Security Integrations GA
8 participants
@ShourieG @elasticmachine @jamiehynds @andrewkroh @P1llus @hop-dev @rdner @kcreddy