New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sophos_central: ensure from_date parameter is within bounds #9143
Conversation
a58dbcd
to
a79f325
Compare
The Sophos Central API requires that request are within the last 24 hours, so clamp the from_date parameter to within this constraint to prevent invalid user input or invalid cursors from causing request failure.
a79f325
to
24ef594
Compare
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
🚀 Benchmarks reportTo see the full report comment with |
💚 Build Succeeded
History
cc @efd6 |
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
@@ -25,8 +25,8 @@ request.transforms: | |||
value: {{tenant_id}} | |||
- set: | |||
target: url.params.from_date | |||
value: '[[.cursor.from_date]]' | |||
default: '[[(now (parseDuration "-{{initial_interval}}")).Unix]]' | |||
value: '[[max .cursor.from_date ((now).Add (parseDuration "-23h59m")).Unix]]' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Choose 23h59m to avoid failure due to skew between now and when the request arrives at the endpoint.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Package sophos_central - 1.13.2 containing this change is available at https://epr.elastic.co/search?package=sophos_central |
The Sophos Central API requires that request are within the last 24 hours, so clamp the from_date parameter to within this constraint to prevent invalid user input or invalid cursors from causing request failure.
Proposed commit message
The Sophos Central API requires that request are within the last 24 hours, so clamp the from_date parameter to within this constraint to prevent invalid user input or invalid cursors from causing request failure.
Checklist
changelog.yml
file.Author's Checklist
How to test this PR locally
Related issues
Screenshots