[Fortinet] Add support for 7.4 events #8036

marc-gr · 2023-10-02T08:49:30Z

Proposed commit message

Adds more test coverage for 6.2 events
Adds definitions for 7.4 event fields
Adds fixes for 7.4 events
Adds 7.4 events test coverage
Adds network_direction processor in addition to interface based direction resolution
Fix interface options for udp and tcp inputs

Checklist

I have reviewed tips for building integrations and this pull request is aligned with them.
I have verified that all data streams collect metrics or logs.
I have added an entry to my package's changelog.yml file.
I have verified that Kibana version constraints are current according to guidelines.

Related issues

elasticmachine · 2023-10-02T08:52:44Z

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

Start Time: 2023-10-30T08:32:47.295+0000
Duration: 18 min 43 sec

Test stats 🧪

Test	Results
Failed	0
Passed	11
Skipped	0
Total	11

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

/test : Re-trigger the build.

elasticmachine · 2023-10-02T09:32:41Z

🌐 Coverage report

Name	Metrics % (`covered/total`)	Diff
Packages	100.0% (`1/1`)	💚
Files	100.0% (`4/4`)	💚
Classes	100.0% (`4/4`)	💚
Methods	100.0% (`40/40`)	💚 66.667
Lines	92.686% (`1318/1422`)	👎 -7.314
Conditionals	100.0% (`0/0`)	💚

elasticmachine · 2023-10-26T15:20:53Z

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

packages/fortinet_fortigate/data_stream/log/agent/stream/log.yml.hbs

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/default.yml

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/utm.yml

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/default.yml

efd6

Nits only which probably should happen in another PR. LGTM

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/default.yml

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/traffic.yml

packages/fortinet_fortigate/data_stream/log/elasticsearch/ingest_pipeline/utm.yml

elasticmachine · 2023-10-30T09:30:21Z

Package fortinet_fortigate - 1.21.0 containing this change is available at https://epr.elastic.co/search?package=fortinet_fortigate

elasticmachine · 2023-10-30T09:30:22Z

Package fortinet_fortigate - 1.21.0 containing this change is available at https://epr.elastic.co/search?package=fortinet_fortigate

elasticmachine · 2023-10-30T09:30:23Z

Package fortinet_fortigate - 1.21.0 containing this change is available at https://epr.elastic.co/search?package=fortinet_fortigate

elasticmachine · 2023-10-30T09:30:24Z

Package fortinet_fortigate - 1.21.0 containing this change is available at https://epr.elastic.co/search?package=fortinet_fortigate

marc-gr added enhancement New feature or request Team:Security-External Integrations Integration:Fortinet (Deprecated) Use one of the specific fortinet_X labels. labels Oct 2, 2023

marc-gr force-pushed the fortinet-7x-support branch from acf3113 to 7dc4731 Compare October 2, 2023 08:50

ebeahan mentioned this pull request Oct 13, 2023

[fortinet_fortigate] Improve ECS mappings #4459

Open

marc-gr added 4 commits October 26, 2023 09:35

Add more 6.2 event samples

e837f92

Add 7.4 samples and fields

0d53027

Bump version and add changelog entry

0303998

Add network_direction processor and improve tls mappings

789be44

marc-gr force-pushed the fortinet-7x-support branch from 9e9ef65 to 789be44 Compare October 26, 2023 15:18

marc-gr marked this pull request as ready for review October 26, 2023 15:20

marc-gr requested a review from a team as a code owner October 26, 2023 15:20

efd6 reviewed Oct 26, 2023

View reviewed changes

marc-gr added 4 commits October 27, 2023 10:45

Add end block comments and remove unused index variable

7f24b96

Suggested changes on modified processors

026b72d

Unquote all processors conditions for consistency

c86f20b

Add nullcheck on network direction condition

dafde53

marc-gr requested a review from efd6 October 27, 2023 09:07

efd6 approved these changes Oct 30, 2023

View reviewed changes

Clean value templates and remove null checks in pipelines.

8db3a0c

marc-gr merged commit e17b11b into elastic:main Oct 30, 2023
4 checks passed

marc-gr deleted the fortinet-7x-support branch October 30, 2023 09:08

andrewkroh added the Integration:fortinet_fortigate Fortinet FortiGate Firewall Logs label Jul 22, 2024

andrewkroh removed the Integration:Fortinet (Deprecated) Use one of the specific fortinet_X labels. label Jul 22, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Fortinet] Add support for 7.4 events #8036

[Fortinet] Add support for 7.4 events #8036

marc-gr commented Oct 2, 2023 •

edited

Loading

elasticmachine commented Oct 2, 2023 •

edited

Loading

Build stats

Test stats 🧪

elasticmachine commented Oct 2, 2023 •

edited

Loading

elasticmachine commented Oct 26, 2023

efd6 left a comment

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

[Fortinet] Add support for 7.4 events #8036

[Fortinet] Add support for 7.4 events #8036

Conversation

marc-gr commented Oct 2, 2023 • edited Loading

Proposed commit message

Checklist

Related issues

elasticmachine commented Oct 2, 2023 • edited Loading

💚 Build Succeeded

Build stats

Test stats 🧪

🤖 GitHub comments

elasticmachine commented Oct 2, 2023 • edited Loading

🌐 Coverage report

elasticmachine commented Oct 26, 2023

efd6 left a comment

Choose a reason for hiding this comment

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

elasticmachine commented Oct 30, 2023

marc-gr commented Oct 2, 2023 •

edited

Loading

elasticmachine commented Oct 2, 2023 •

edited

Loading

elasticmachine commented Oct 2, 2023 •

edited

Loading