Add a Network Tunnel Activity Class #1012
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mikeradka
added
enhancement
mikeradka
changed the title
mikeradka
changed the title
mikeradka
requested review from
floydtree,
pagbabian-splunk,
Aniak5 and
zschmerber
as code owners
mikeradka
changed the title
Aniak5
reviewed
Apr 9, 2024
Aniak5
reviewed
Apr 9, 2024
Aniak5
reviewed
Apr 9, 2024
Aniak5
reviewed
Apr 9, 2024
|
Flattened the class per valuable feedback from mappers. |
floydtree
previously approved these changes
Apr 11, 2024
zschmerber
previously approved these changes
Apr 11, 2024
|
This looks great @mikeradka! Thanks for creating this class. Just curious, is there a reason that we aren't extending the base network class? it seems like the additional attributes of |
pagbabian-splunk
previously approved these changes
Apr 11, 2024
pagbabian-splunk
dismissed stale reviews from zschmerber, floydtree, and themself
via
670ad7c
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
Signed-off-by: Michael Radka <[email protected]>
mikeradka
force-pushed
the
network_tunneling_class
branch
from
670ad7c
to
d09f622
Compare
It was really just for simplicity, but after we dug into it a bit further it looks like extending |
pagbabian-splunk
approved these changes
Apr 11, 2024
zschmerber
approved these changes
Apr 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Related Issue:
#908 (Create a Network Tunnel Activity Class)
Description of changes:
This PR creates a new class in the
Networkcategory to allow for OCSF support ofNetwork Tunnelevents spanning data sources including but not limited to Cisco ASA/FTD, Palo Alto Globalprotect, and other products that support network tunneling.