Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[checkpoint] Improve authentication logs normalization #8884

Merged
merged 2 commits into from Jan 17, 2024
Merged

[checkpoint] Improve authentication logs normalization #8884

merged 2 commits into from Jan 17, 2024

Conversation

bhapas
Copy link
Contributor

@bhapas bhapas commented Jan 15, 2024
edited

Proposed commit message

Problem described in #8836

Authentication events (logon, logoff) to be categorised as authentication events [ Instead of Network events ]
Sample Authentication events are added in the pipeline tests for the following scenarios

  • Login Success
  • Login Failed
  • Login Expert Shell
  • Logout

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

elastic-package stack up -d -v && elastic-package test -v

Related issues

@bhapas bhapas self-assigned this Jan 15, 2024
@bhapas bhapas requested a review from a team as a code owner January 15, 2024 10:50
@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@bhapas bhapas mentioned this pull request Jan 15, 2024
Closed
@elasticmachine
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

efd6
efd6 reviewed Jan 15, 2024
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you flesh out the commit message, including noting the provenance of the test cases.

packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/_dev/test/pipeline/test-r81x.log-expected.json Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
packages/checkpoint/data_stream/firewall/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
@elasticmachine
Copy link

💚 Build Succeeded

cc @bhapas

@bhapas bhapas requested a review from efd6 January 16, 2024 14:12
@bhapas bhapas merged commit b169c7c into elastic:main Jan 17, 2024
3 checks passed
@elasticmachine
Copy link

Package checkpoint - 1.30.0 containing this change is available at https://epr.elastic.co/search?package=checkpoint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@bhapas bhapas

Labels
enhancement New feature or request Integration:Checkpoint
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Check Point] Improve authentication logs normalization
3 participants
@bhapas @elasticmachine @efd6