[Jamf Protect] Adding process.parent.entity_id ECS mapping #9577

Merged
merged 5 commits into from Apr 12, 2024

txhaflaire
Contributor

Proposed commit message

  • Adding process.parent.entity_id to prepare for Kibana updates.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

```
elastic-package stack down && elastic-package build && elastic-package stack up -d -v && eval "$(elastic-package stack shellinit)" && elastic-package test system --generate -v
```

```
--- Test results for package: jamf_protect - START ---
╭──────────────┬────────────────────┬───────────┬───────────────────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM        │ TEST TYPE │ TEST NAME                                                             │ RESULT │ TIME ELAPSED │
├──────────────┼────────────────────┼───────────┼───────────────────────────────────────────────────────────────────────┼────────┼──────────────┤
│ jamf_protect │                    │ asset     │ dashboard jamf_protect-e9b86210-c65c-11ee-882f-57f79af43d7f is loaded │ PASS   │      50.75µs │
│ jamf_protect │ alerts             │ asset     │ index_template logs-jamf_protect.alerts is loaded                     │ PASS   │        500ns │
│ jamf_protect │ alerts             │ asset     │ ingest_pipeline logs-jamf_protect.alerts-0.1.1 is loaded              │ PASS   │        250ns │
│ jamf_protect │ telemetry          │ asset     │ index_template logs-jamf_protect.telemetry is loaded                  │ PASS   │        333ns │
│ jamf_protect │ telemetry          │ asset     │ ingest_pipeline logs-jamf_protect.telemetry-0.1.1 is loaded           │ PASS   │        333ns │
│ jamf_protect │ web_threat_events  │ asset     │ index_template logs-jamf_protect.web_threat_events is loaded          │ PASS   │        333ns │
│ jamf_protect │ web_threat_events  │ asset     │ ingest_pipeline logs-jamf_protect.web_threat_events-0.1.1 is loaded   │ PASS   │        875ns │
│ jamf_protect │ web_traffic_events │ asset     │ index_template logs-jamf_protect.web_traffic_events is loaded         │ PASS   │        333ns │
│ jamf_protect │ web_traffic_events │ asset     │ ingest_pipeline logs-jamf_protect.web_traffic_events-0.1.1 is loaded  │ PASS   │        375ns │
╰──────────────┴────────────────────┴───────────┴───────────────────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: jamf_protect - END   ---
Done
Run pipeline tests for the package
2024/04/12 09:14:48 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:50 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:52 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:53 DEBUG Package does not embed ECS mappings
--- Test results for package: jamf_protect - START ---
╭──────────────┬────────────────────┬───────────┬─────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM        │ TEST TYPE │ TEST NAME                                   │ RESULT │ TIME ELAPSED │
├──────────────┼────────────────────┼───────────┼─────────────────────────────────────────────┼────────┼──────────────┤
│ jamf_protect │ alerts             │ pipeline  │ test-jamf-protect-alerts-sample-logs.log    │ PASS   │     19.285ms │
│ jamf_protect │ telemetry          │ pipeline  │ test-jamf-protect-telemetry-sample-logs.log │ PASS   │  20.002333ms │
│ jamf_protect │ web_threat_events  │ pipeline  │ test-jamf-protect-threat-sample-logs.log    │ PASS   │   6.344583ms │
│ jamf_protect │ web_traffic_events │ pipeline  │ test-jamf-protect-traffic-sample-logs.log   │ PASS   │   6.782542ms │
╰──────────────┴────────────────────┴───────────┴─────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: jamf_protect - END   ---
Done
Run static tests for the package
2024/04/12 09:14:53 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:53 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:53 DEBUG Package does not embed ECS mappings
2024/04/12 09:14:53 DEBUG Package does not embed ECS mappings
--- Test results for package: jamf_protect - START ---
╭──────────────┬────────────────────┬───────────┬──────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM        │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │
├──────────────┼────────────────────┼───────────┼──────────────────────────┼────────┼──────────────┤
│ jamf_protect │ alerts             │ static    │ Verify sample_event.json │ PASS   │    74.1365ms │
│ jamf_protect │ telemetry          │ static    │ Verify sample_event.json │ PASS   │  40.947542ms │
│ jamf_protect │ web_threat_events  │ static    │ Verify sample_event.json │ PASS   │  63.086292ms │
│ jamf_protect │ web_traffic_events │ static    │ Verify sample_event.json │ PASS   │  60.883458ms │
╰──────────────┴────────────────────┴───────────┴──────────────────────────┴────────┴──────────────╯
--- Test results for package: jamf_protect - END   ---
Done
Run system tests for the package
2024/04/12 09:14:53 DEBUG GET https://127.0.0.1:5601/api/status
--- Test results for package: jamf_protect - START ---
No test results
--- Test results for package: jamf_protect - END   ---
Done
```

txhaflaire and others added 4 commits April 12, 2024 08:41
Adding parent.process.entity_id ECS mapping
Co-authored-by: Krishna Chaitanya Reddy Burri <krish.reddy91@gmail.com>
@txhaflaire txhaflaire requested a review from a team as a code owner April 12, 2024 08:06
@kcreddy
Contributor

kcreddy commented Apr 12, 2024

/test

@kcreddy kcreddy added the enhancement (New feature or request), Integration:Jamf Protect, and Team:Security-Service Integrations (Security Service Integrations Team) labels Apr 12, 2024
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elasticmachine

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded


Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

Contributor

@kcreddy kcreddy left a comment

LGTM 👍🏼

@kcreddy kcreddy merged commit c4326ec into elastic:main Apr 12, 2024
5 checks passed
@elasticmachine

Package jamf_protect - 0.2.0 containing this change is available at https://epr.elastic.co/search?package=jamf_protect

@txhaflaire txhaflaire deleted the jamf_protect_0.2.0 branch April 12, 2024 09:36