Increase the ZT event coverage for Cloudflare Logpush #6132

Merged
merged 24 commits into from Jun 20, 2023

Conversation

@chemamartinez (Contributor) commented May 9, 2023

What does this PR do?

Add new data streams to the Cloudflare Logpush integration to cover all the possible event types provided by Cloudflare.

Here is the list of new supported events:

  • Gateway DNS
  • Gateway HTTP
  • Gateway Network
  • Access Requests
  • CASB Findings
  • Device Posture Results
  • Network Session Logs

For now, the list above covers the Zero Trust events.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

Related issues

Screenshots

[Screenshots: integration main page, plus the Zero Trust Overview, Access Requests, Audit, CASB Findings, Device Posture Results, Gateway DNS, Gateway HTTP, Gateway Network and Network Sessions dashboards]

@elasticmachine commented May 9, 2023

💚 Build Succeeded

Build stats

  • Start Time: 2023-06-20T10:06:01.856+0000

  • Duration: 25 min 49 sec

Test stats 🧪

Test Results

  • Failed: 0

  • Passed: 89

  • Skipped: 0

  • Total: 89

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@elasticmachine commented May 9, 2023

🌐 Coverage report

| Name | Metrics % (covered/total) | Diff |
| --- | --- | --- |
| Packages | 100.0% (14/14) | 💚 |
| Files | 100.0% (14/14) | 💚 2.936 |
| Classes | 100.0% (14/14) | 💚 2.936 |
| Methods | 100.0% (187/187) | 💚 7.263 |
| Lines | 92.161% (4103/4452) | 👍 0.337 |
| Conditionals | 100.0% (0/0) | 💚 |

@chemamartinez chemamartinez force-pushed the 5867-cloudflare-new-datastreams branch 3 times, most recently from 773a94a to 7022ff9 Compare May 11, 2023 11:47
@chemamartinez chemamartinez force-pushed the 5867-cloudflare-new-datastreams branch 6 times, most recently from 8d1d28d to df3a937 Compare May 17, 2023 13:29
@chemamartinez chemamartinez force-pushed the 5867-cloudflare-new-datastreams branch from 9ca1a87 to ff9abcc Compare May 19, 2023 11:26
@P1llus (Member) left a comment

We still have a few datastreams left, but this is a partial review.

@chemamartinez chemamartinez changed the title from "Increase the event coverage for Cloudflare Logpush" to "Increase the ZT event coverage for Cloudflare Logpush" May 26, 2023
@P1llus (Member) left a comment

LGTM, some small nits

@P1llus (Member) commented May 29, 2023

We also want to add some more dashboards before merging, will do a second review for them once they are available.

@chemamartinez chemamartinez marked this pull request as ready for review June 12, 2023 08:46
@chemamartinez chemamartinez requested a review from a team as a code owner June 12, 2023 08:46
@elasticmachine

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@elasticmachine

💚 Build Succeeded

cc @chemamartinez

@P1llus P1llus merged commit bfdfe5f into elastic:main Jun 20, 2023
4 checks passed
@elasticmachine

Package cloudflare_logpush - 1.5.0 containing this change is available at https://epr.elastic.co/search?package=cloudflare_logpush

Labels: enhancement, Integration:Cloudflare Logpush, v8.9.0
Development

Successfully merging this pull request may close these issues.

[Cloudflare] Expanded Event Coverage
4 participants