Security Analytics 2.7 Backports #938
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Megha Goyal <goyamegh@amazon.com>
* fix detector writeTo() method missing fields Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix test Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
…ensearch-project#722) * fix null query filter conversion from sigma to query string query Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix rule to query conversion tests for null filter Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * enhance test to verify non null doc doesnt match null query Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
… no applied aliases Signed-off-by: Megha Goyal <goyamegh@amazon.com> * Adding integ tests for empty mappings/aliases use-cases Signed-off-by: Megha Goyal <goyamegh@amazon.com> * Fix unit tests for MappingsTraverser Signed-off-by: Megha Goyal <goyamegh@amazon.com> --------- Signed-off-by: Megha Goyal <goyamegh@amazon.com>
…quashed) Signed-off-by: Dennis Toepker <toepkerd@amazon.com>
…emove blocking actionGet() calls (opensearch-project#873) * pass query field names in doc level queries during monitor creation/updation Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * remove actionGet() and change get index mapping call to event driven flow Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * fix chained findings monitor Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * add finding mappings Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * remove test messages from logs Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> * revert build.gradle change Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> --------- Signed-off-by: Surya Sashank Nistala <snistala@amazon.com>
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## 2.7 #938 +/- ##
============================================
- Coverage 28.09% 27.77% -0.32%
- Complexity 900 902 +2
============================================
Files 231 231
Lines 9341 9495 +154
Branches 1076 1081 +5
============================================
+ Hits 2624 2637 +13
- Misses 6481 6623 +142
+ Partials 236 235 -1 ☔ View full report in Codecov by Sentry. |
engechas
reviewed
Mar 19, 2024
| import org.opensearch.common.SetOnce; | ||
| import org.apache.lucene.util.SetOnce; |
There was a problem hiding this comment.
Don't think this was supposed to change. Not sure what the ramifications are
Signed-off-by: Dennis Toepker <toepkerd@amazon.com>
engechas
approved these changes
Mar 19, 2024
sbcd90
approved these changes
Mar 19, 2024
riysaxen-amzn
pushed a commit
to riysaxen-amzn/security-analytics
that referenced
this pull request
Mar 25, 2024
…) (opensearch-project#938) (cherry picked from commit e0b7a5a7905b977e58d80e3b9134b14893d122b0) * remove unneeded import --------- * Stashed user together with it's roles --------- * Added workflow execution logic (opensearch-project#850) * Added workflow execution logic * Adjusted code according to comments * Updated version of the findings json * Updating the workflow metadata in the case of updating flag set to false while the metadata alerady exist * Added logging for workflow metadata update * Added Rest Execute Workflow action * Extended workflow context with workflowMetadataId. Adjusted the doc level monitor findings * Updated conditions for unstashing the context when indexing and deleting the workflow --------- * Added fix when executing the workflow and when chained findings index… (opensearch-project#890) * Fixed deleting monitor workflow metadata (#882) * Fixed deleting monitor metadata and workflow metadata. * fix monitor metadata error from conflict resolution * remove unused import * remove rest execute workflow action * increment schema version for findings mapping json --------- Signed-off-by: Stevan Buzejic <buzejic.stevan@gmail.com> Signed-off-by: Angie Zhang <langelzh@amazon.com> Signed-off-by: Ashish Agrawal <ashisagr@amazon.com> Signed-off-by: Surya Sashank Nistala <snistala@amazon.com> Co-authored-by: Stevan Buzejic <buzejic.stevan@gmail.com> Co-authored-by: Angie Zhang <langelzh@amazon.com> Co-authored-by: opensearch-trigger-bot[bot] <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Co-authored-by: Petar Dzepina <petar.dzepina@gmail.com> Co-authored-by: Ashish Agrawal <ashisagr@amazon.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Backports #695 #722 #724 #873
Issues Resolved
[List any issues this PR will resolve]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.