New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ti_rapid7_threat_command] Ensure event.kind is correctly set for pipeline errors #6635
Conversation
…koWish/integrations into 6582-ti_rapid7_threat_command
…koWish/integrations into 6582-ti_rapid7_threat_command
/test |
🌐 Coverage report
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've found some that my automation missed, but missed the ones that I found. Can you also add changes for the default.yml files under data_stream/{alert,ioc,vulnerability}/elasticsearch/ingest_pipeline?
…koWish/integrations into 6582-ti_rapid7_threat_command
Oops! Forgot to change my commit message, but that last |
/test |
Package ti_rapid7_threat_command - 1.4.0 containing this change is available at https://epr.elastic.co/search?package=ti_rapid7_threat_command |
What does this PR do?
Modify ti_rapid7_threat_command integration to correctly set
event.kind
for pipeline errors and ensureerror.message
is an array.Checklist
Author's Checklist
How to test this PR locally
Related issues
Screenshots