Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extract potential host.domain and user.domain in Cisco Secure Endpoint #2888

Merged
merged 8 commits into from
Mar 25, 2022
Merged

Extract potential host.domain and user.domain in Cisco Secure Endpoint #2888

merged 8 commits into from
Mar 25, 2022

Conversation

LaZyDK
Copy link
Contributor

@LaZyDK LaZyDK commented Mar 25, 2022
edited
Loading

What does this PR do?

Will try to extract host.domain, user.domain and user.email if possible.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

@LaZyDK LaZyDK requested a review from a team as a code owner March 25, 2022 06:55
@LaZyDK
Copy link
Contributor Author

LaZyDK commented Mar 25, 2022

@P1llus please test :)

@elasticmachine
Copy link

elasticmachine commented Mar 25, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-03-25T08:43:17.153+0000

  • Duration: 12 min 1 sec

Test stats 🧪

Test Results
Failed 0
Passed 11
Skipped 0
Total 11

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

LaZyDK and others added 3 commits March 25, 2022 08:04
@LaZyDK
Fixes
d767b4e 
Needed to use cisco.secure_endpoint.computer.hostname instead of host.name
@P1llus
updating CI tests and adding some minor changes
dfe22bb
@P1llus
adding some small modifications to pipeline
bf6c827
@P1llus
Copy link
Member

P1llus commented Mar 25, 2022

I added some small additions to it, some extra failure checks in the scripts, ran the CI generation of test data, and ensured that both host fields are still set.

Just need another to review then I can merge.

@P1llus
Copy link
Member

P1llus commented Mar 25, 2022

/test

efd6
efd6 reviewed Mar 25, 2022
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove event.ingested at https://github.com/elastic/integrations/pull/2888/files#diff-f430f71598ebb4c703c61a0500ebad83a87feee76e6f33c9ec8720576574e01eR38-R40?

None of the host.domain fields have any value other than "".

packages/cisco_secure_endpoint/data_stream/event/elasticsearch/ingest_pipeline/default.yml Show resolved Hide resolved
@P1llus
Copy link
Member

P1llus commented Mar 25, 2022

/test

efd6
efd6 approved these changes Mar 25, 2022
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@P1llus P1llus merged commit 7d201d7 into elastic:main Mar 25, 2022
eyalkraft pushed a commit to build-security/integrations that referenced this pull request Mar 30, 2022
@LaZyDK @P1llus
Extract potential host.domain and user.domain in Cisco Secure Endpoint (
4d88325 
elastic#2888)

* Extract potential host.domain and user.domain

* Bump version to 2.0.1

Bump version

* Update changelog.yml

* Fixes

Needed to use cisco.secure_endpoint.computer.hostname instead of host.name

* updating CI tests and adding some minor changes

* adding some small modifications to pipeline

* adding some small changes based on PR review

* update docs

Co-authored-by: Marius Iversen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@LaZyDK @elasticmachine @P1llus @efd6