Migrate security service packages to GA #11210

Merged
merged 15 commits into from
Sep 27, 2024

@narph narph commented Sep 23, 2024

Proposed commit message

Migrate security service packages to GA:

Package Directory
  • abnormal_security
  • authentik
  • azure_network_watcher_nsg
  • azure_network_watcher_vnet
  • bbot
  • cribl (missing tests, dashboards)
  • cybereason
  • digital_guardian
  • entityanalytics_ad (missing system tests, dashboards)
  • falco
  • gigamon
  • gitlab
  • opencanary (missing system tests, dashboards)
  • pps (missing dashboards)
  • prisma_access
  • proofpoint_on_demand
  • spycloud
  • sublime_security
  • symantec_endpoint_security
  • teleport

  • update changelog
  • update manifest file
  • update documentation, fix broken links
  • Add required configuration option Path for OpenCanary
  • ensure event.kind/category/type are set ecs required fields: Gigamon, Gitlab, PPS
  • No dashboards: Cribl, OpenCanary

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Related issues

TO DO (in separate issue)

  • map Gigamon ecs fields (dns)
  • add dashboards and missing tests if applicable for the beta integrations

@narph narph self-assigned this Sep 23, 2024

elastic-vault-github-plugin-prod bot commented Sep 23, 2024

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@narph narph added the Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] label Sep 23, 2024
@narph narph marked this pull request as ready for review September 24, 2024 12:09
@narph narph requested a review from a team as a code owner September 24, 2024 12:09
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@andrewkroh andrewkroh added these labels Sep 24, 2024:

  • Integration:gitlab - GitLab
  • Integration:bbot - BBOT (Bighuge BLS OSINT Tool) (Community supported)
  • Integration:digital_guardian - Digital Guardian
  • Integration:authentik - authentik
  • Integration:cribl - Cribl
  • Integration:pps - Pleasant Password Server (Community supported)
  • Integration:symantec_endpoint_security - Symantec Endpoint Security
  • Integration:azure_network_watcher_nsg - Azure Network Watcher NSG
  • Integration:cybereason - Cybereason
  • Integration:sublime_security - Sublime Security
  • Integration:azure_network_watcher_vnet - Azure Network Watcher VNet
  • Integration:spycloud - SpyCloud Enterprise Protection (Partner supported)
  • Integration:falco - Falco
  • Integration:entityanalytics_ad - Active Directory Entity Analytics
  • Integration:teleport - Teleport

@elasticmachine

💚 Build Succeeded

History

cc @narph

@narph narph merged commit a311cbd into elastic:main Sep 27, 2024
5 checks passed
@elastic-vault-github-plugin-prod

Package abnormal_security - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=abnormal_security

Package authentik - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=authentik

Package azure_network_watcher_nsg - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=azure_network_watcher_nsg

Package azure_network_watcher_vnet - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=azure_network_watcher_vnet

Package bbot - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=bbot

Package cybereason - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=cybereason

Package digital_guardian - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=digital_guardian

Package entityanalytics_ad - 0.3.1 containing this change is available at https://epr.elastic.co/search?package=entityanalytics_ad

Package falco - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=falco

Package gigamon - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=gigamon

Package gitlab - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=gitlab

Package opencanary - 0.1.2 containing this change is available at https://epr.elastic.co/search?package=opencanary

Package pps - 0.1.2 containing this change is available at https://epr.elastic.co/search?package=pps

Package prisma_access - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=prisma_access

Package proofpoint_on_demand - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=proofpoint_on_demand

Package spycloud - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=spycloud

Package sublime_security - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=sublime_security

Package symantec_endpoint_security - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=symantec_endpoint_security

Package teleport - 1.0.0 containing this change is available at https://epr.elastic.co/search?package=teleport

Package watchguard_firebox - 1.0.1 containing this change is available at https://epr.elastic.co/search?package=watchguard_firebox

@nicpenning (Contributor)

FYI BBOT is not quite ready for GA. There is another community member working on a 1.0.0 release that supports the latest 2.0 BBOT release with significant changes that should address modern BBOT use and using http endpoint input type.

https://github.com/routedlogic/integrations/tree/bbot-v2

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
* Update package version to 1.0.0

* update PR link

* update PR link

* small updates in docs

* small updates in docs

* small updates in docs

* make path field required for OpenCanary

* Add event.kind to missing integrations

* address feedback

* update changelog

* fix mapping

* remove event.kind from base_fields

* update data stream list

* update docs
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@kcreddy kcreddy mentioned this pull request May 28, 2025
5 tasks
Labels
  • Integration:abnormal_security - Abnormal AI
  • Integration:authentik - authentik
  • Integration:azure_network_watcher_nsg - Azure Network Watcher NSG
  • Integration:azure_network_watcher_vnet - Azure Network Watcher VNet
  • Integration:bbot - BBOT (Bighuge BLS OSINT Tool) (Community supported)
  • Integration:cybereason - Cybereason
  • Integration:digital_guardian - Digital Guardian
  • Integration:entityanalytics_ad - Active Directory Entity Analytics
  • Integration:falco - Falco
  • Integration:gigamon - Gigamon (Partner supported)
  • Integration:gitlab - GitLab
  • Integration:opencanary - OpenCanary (Community supported)
  • Integration:pps - Pleasant Password Server (Community supported)
  • Integration:prisma_access - Palo Alto Prisma Access
  • Integration:proofpoint_on_demand - Proofpoint On Demand
  • Integration:spycloud - SpyCloud Enterprise Protection (Partner supported)
  • Integration:sublime_security - Sublime Security
  • Integration:symantec_endpoint_security - Symantec Endpoint Security
  • Integration:teleport - Teleport
  • Integration:watchguard_firebox - WatchGuard Firebox
  • Team:Security-Deployment and Devices - DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices]
  • Team:Security-Service Integrations - Security Service Integrations team [elastic/security-service-integrations]
Development

Successfully merging this pull request may close these issues.

Migrate security service integrations to GA
8 participants