#884 Add firewall, router, switch, hub to endpoint types. #921

Merged
merged 2 commits into from
Jan 9, 2024

mikeradka
Contributor

@mikeradka mikeradka commented Jan 8, 2024

Related Issue: #884

Description of changes: Adds firewall, router, switch, hub to endpoint types. We want to get this in before 1.1.

Signed-off-by: Michael Radka <mradka@splunk.com>
@mikeradka mikeradka added enhancement New feature or request non_breaking Non Breaking, backwards compatible changes v1.1.0 Changes marked for v1.1.0 of OCSF labels Jan 8, 2024
@mikeradka mikeradka self-assigned this Jan 8, 2024
floydtree
floydtree previously approved these changes Jan 8, 2024
Aniak5
Aniak5 previously approved these changes Jan 8, 2024
Contributor

@Aniak5 Aniak5 left a comment

Good call on adding these!

@pagbabian-splunk
Contributor

Should we have descriptions for Firewall, Switch, and Hub?

Signed-off-by: Michael Radka <mradka@splunk.com>
@mikeradka mikeradka dismissed stale reviews from Aniak5 and floydtree via 3e8c422 January 8, 2024 22:16
@mikeradka mikeradka changed the title #884 Add firewall, router, switch, utm, hub to endpoint types. #884 Add firewall, router, switch, hub to endpoint types. Jan 8, 2024
@mikeradka
Contributor Author

> Should we have descriptions for Firewall, Switch, and Hub?

Good thinking. I added descriptions with links.

@mikeradka
Contributor Author

mikeradka commented Jan 8, 2024

I removed UTM - per Cisco, a UTM is a specific type of firewall (along with 6 or 7 others). I think we should keep it to firewall, and talk to @pladam about maybe adding a way to specify the firewall type in the profile he is working on.

@floydtree and @Aniak5 if you both could re-review :)

@pagbabian-splunk
Contributor

We should add the different firewall types (e.g. NGFW, UTM) to the Security Control profile. We merged the Firewall profile into that profile, adding the firewall_rule object, so it makes the most sense there.

@Aniak5
Contributor

Aniak5 commented Jan 8, 2024

Looks great! I like how you added the links for further detail on each device type!

@floydtree floydtree merged commit e65a974 into ocsf:main Jan 9, 2024
2 checks passed
4 participants