Skip to content

Set sensitive values as secret - Part 1 #8725

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Feb 14, 2024
Merged

Set sensitive values as secret - Part 1 #8725

merged 3 commits into from
Feb 14, 2024

Conversation

taylor-swanson
Copy link
Contributor

@taylor-swanson taylor-swanson commented Dec 13, 2023
edited
Loading

Proposed commit message

  • Set sensitive values as secret in integrations.
  • Updated package-spec to 3.0.2 in most packages to leverage secrets validation checks.
  • Certain packages required fixes to mappings (due to missing or incorrect mappings).
  • Certain packages were not able to go to package-spec 3.0.2 due issues with dynamic mappings. These have been held back at 3.0.0.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Related issues

  • Relates elastic/security-team#7388

@taylor-swanson taylor-swanson self-assigned this Dec 13, 2023
@elasticmachine
Copy link

elasticmachine commented Dec 14, 2023
edited
Loading

🚀 Benchmarks report

Package atlassian_jira 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
audit 3861 2976.19 -884.81 (-22.92%) 💔

Package auth0 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
logs 4065.04 2320.19 -1744.85 (-42.92%) 💔

Package bitdefender 👍(1) 💚(0) 💔(2)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
push_configuration 33333.33 26315.79 -7017.54 (-21.05%) 💔
push_statistics 66666.67 45454.55 -21212.12 (-31.82%) 💔

Package bitwarden 👍(2) 💚(1) 💔(2)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
collection 31250 17241.38 -14008.62 (-44.83%) 💔
member 10869.57 8547.01 -2322.56 (-21.37%) 💔

Package box_events 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
events 3267.97 2439.02 -828.95 (-25.37%) 💔

Package carbon_black_cloud 👍(3) 💚(1) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
endpoint_event 2277.9 1733.1 -544.8 (-23.92%) 💔

Package cisco_duo 👍(2) 💚(1) 💔(2)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
admin 4694.84 2958.58 -1736.26 (-36.98%) 💔
telephony 52631.58 32258.06 -20373.52 (-38.71%) 💔

Package cisco_meraki 👍(0) 💚(1) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
events 6711.41 4975.12 -1736.29 (-25.87%) 💔

Package cloudflare 👍(1) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
audit 2994.01 2325.58 -668.43 (-22.33%) 💔

Package crowdstrike 👍(0) 💚(1) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
falcon 9708.74 3322.26 -6386.48 (-65.78%) 💔

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

elasticmachine commented Dec 14, 2023
edited
Loading

💔 Tests Failed

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-12-14T20:44:22.514+0000

  • Duration: 39 min 3 sec

Test stats 🧪

Test Results
Failed 27
Passed 1245
Skipped 0
Total 1272

Test errors 27

Expand to view the tests failures

> Show only the first 10 test failures

Check integrations / o365 / o365: check / pipeline test: test-azuread-events.json – o365.audit
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] parsing field value failed: field "o365.audit.Actor.Type" value "5" (float64): expected string or array of strings
[1] parsing field value failed: [0] parsing field value failed: field "o365.audit.Target.Type" value "2" (float64): expected string or array of strings

Check integrations / o365 / o365: check / pipeline test: test-azuread-sts-logon-events.json – o365.audit
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] parsing field value failed: field "o365.audit.Actor.Type" value "0" (float64): expected string or array of strings
[1] parsing field value failed: [0] parsing field value failed: field "o365.audit.Target.Type" value "0" (float64): expected string or array of strings

Check integrations / o365 / o365: check / pipeline test: test-parameter-string.json – o365.audit
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] parsing field value failed: field "o365.audit.Actor.Type" value "0" (float64): expected string or array of strings
[1] parsing field value failed: [0] parsing field value failed: field "o365.audit.Target.Type" value "0" (float64): expected string or array of strings

Check integrations / m365_defender / m365_defender: check / static test: Verify sample_event.json – m365_defender.incident
    Expand to view the error details

     null

    Expand to view the stacktrace

     one or more errors found in document: [0] parsing field value failed: [0] field "m365_defender.incident.alert.evidence.odata_type" is undefined

Check integrations / tanium / tanium: check / pipeline test: test-threat-response.log – tanium.threat_response
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[1] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[4] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] parsing field value failed: [0] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[1] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[4] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[2] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[4] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[3] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[4] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[4] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[4] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[5] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[4] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[6] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined
[4] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[7] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.intel_intra_ids.id" value "8.50394582e+08" (float64): expected string or array of strings
[1] parsing field value failed: [0] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.relevant_actions.target.instance_hash" is undefined
[2] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.user.group_id" is undefined
[3] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.tanium_unique_id" is undefined
[4] field "tanium.threat_response.other_parameters.log_details.payload_decoded.finding.whats.artifact_activity.acting_artifact.process.parent.process.parent.process.start_time" is undefined

Check integrations / darktrace / darktrace: check / pipeline test: test-model-breach-alert.log – darktrace.model_breach_alert
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "darktrace.model_breach_alert.triggered_components.triggered_filters.arguments.value" value "12" (float64): expected string or array of strings
[1] field "darktrace.model_breach_alert.triggered_components.triggered_filters.trigger.tag.is_referenced" is undefined
[1] parsing field value failed: [0] parsing field value failed: [0] parsing field value failed: field "darktrace.model_breach_alert.triggered_components.triggered_filters.arguments.value" value "60" (float64): expected string or array of strings

Check integrations / github / github: check / pipeline test: test-ghas-dependabot-json.log – github.dependabot
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] field "github.dependabot.security_advisory.cwes.cweId" is undefined

Check integrations / sophos_central / sophos_central: check / pipeline test: test-pipeline-activity.log – sophos_central.alert
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] field "sophos_central.alert.data.core_remedy.items.descriptor" is undefined

Check integrations / sophos_central / sophos_central: check / pipeline test: test-user-formats.log – sophos_central.alert
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] field "sophos_central.alert.data.core_remedy.items.descriptor" is undefined

Check integrations / crowdstrike / crowdstrike: check / pipeline test: test-falcon-audit-events.log – crowdstrike.falcon
    Expand to view the error details

     null

    Expand to view the stacktrace

     test case failed: one or more problems with fields found in documents: [0] parsing field value failed: [0] field "crowdstrike.event.AuditKeyValues.ValueString" is undefined
[1] field "crowdstrike.event.AuditKeyValues.Key" is undefined

Steps errors 39

Expand to view the steps failures

Show only the first 10 steps failures

Test integration: tanium
  • Took 0 min 11 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: tenable_sc
  • Took 11 min 37 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: ti_anomali
  • Took 2 min 20 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: tines
  • Took 2 min 31 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: trellix_edr_cloud
  • Took 4 min 8 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: trend_micro_vision_one
  • Took 0 min 6 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: zeek
  • Took 1 min 10 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: zoom
  • Took 1 min 5 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
Test integration: zscaler_zia
  • Took 3 min 49 sec . View more details here
  • Description: eval "$(../../build/elastic-package stack shellinit)" ../../build/elastic-package test -v --report-format xUnit --report-output file --test-coverage
elastic-package report benchmark
  • Took 0 min 0 sec . View more details here
  • Description: elastic-package report benchmark --fail-on-missing=false --new="build/benchmark-results" --old="build/main/benchmark-results" --threshold=15 --report-output-path="report.md" --full=false

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@elasticmachine
Copy link

elasticmachine commented Dec 14, 2023
edited
Loading

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 100.0% (171/171) 💚
Files 94.862% (240/253)
Classes 94.862% (240/253)
Methods 94.947% (2424/2553)
Lines 83.908% (73013/87016)
Conditionals 100.0% (0/0) 💚

@mrodm
Copy link
Collaborator

mrodm commented Dec 21, 2023

Hi @taylor-swanson, please update your branch with the latest contents from main branch. There was an important PR merged updating the CI pipelines. Thanks!

@taylor-swanson taylor-swanson changed the title Set sensitive values as secret [SEI] Set sensitive values as secret Jan 4, 2024
@narph narph added Team:Security-Scalability Security Integrations Scalability team and removed Team:Security-External Integrations labels Jan 29, 2024
@taylor-swanson
Copy link
Contributor Author

/test

@taylor-swanson taylor-swanson marked this pull request as ready for review February 2, 2024 19:20
@taylor-swanson taylor-swanson requested review from a team as code owners February 2, 2024 19:20
@elasticmachine
Copy link

Pinging @elastic/security-scalability (Team:Security-Scalability)

@taylor-swanson taylor-swanson mentioned this pull request Feb 7, 2024
Closed
@taylor-swanson
Copy link
Contributor Author

I think I'm going to split this PR into smaller chunks. At the very least by codeowner and further by groups of 20 or so packages (like ECS updates).

@taylor-swanson taylor-swanson changed the title [SEI] Set sensitive values as secret Set sensitive values as secret - Part 1 Feb 12, 2024
@taylor-swanson taylor-swanson removed the request for review from a team February 12, 2024 16:39
@taylor-swanson taylor-swanson added Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] and removed Team:Security-Scalability Security Integrations Scalability team labels Feb 12, 2024
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

efd6
efd6 reviewed Feb 12, 2024
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we also be considering ssl configurations since they may include keys. Also tenant IDs (leaning towards paranoia).

packages/amazon_security_lake/data_stream/event/fields/fields.yml Outdated
@@ -4492,7 +4492,7 @@
type: group
fields:
- name: classification_ids
type: keyword
type: integer
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why has this been changed? IDs are usually considered non-orderable.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah this was the wrong move. I didn't see that there was a processor that was supposed to convert the this field, but it's not getting triggered on the pipeline test case that is failing:

FAILURE DETAILS:
amazon_security_lake/event test-system-activity.log:
[0] parsing field value failed: [0] parsing field value failed: field "ocsf.malware.classification_ids" value "[17 2]" ([]interface {}): expected string or array of strings


╭──────────────────────┬─────────────┬───────────┬───────────────────────────────┬─────────────────────────────────────────────────────────────────────────────┬──────────────╮
│ PACKAGE              │ DATA STREAM │ TEST TYPE │ TEST NAME                     │ RESULT                                                                      │ TIME ELAPSED │
├──────────────────────┼─────────────┼───────────┼───────────────────────────────┼─────────────────────────────────────────────────────────────────────────────┼──────────────┤
│ amazon_security_lake │ event       │ pipeline  │ test-application-activity.log │ PASS                                                                        │  44.295852ms │
│ amazon_security_lake │ event       │ pipeline  │ test-discovery.log            │ PASS                                                                        │   7.062222ms │
│ amazon_security_lake │ event       │ pipeline  │ test-findings.log             │ PASS                                                                        │   9.071077ms │
│ amazon_security_lake │ event       │ pipeline  │ test-iam.log                  │ PASS                                                                        │  16.257727ms │
│ amazon_security_lake │ event       │ pipeline  │ test-network-activity.log     │ PASS                                                                        │  57.253258ms │
│ amazon_security_lake │ event       │ pipeline  │ test-system-activity.log      │ FAIL: test case failed: one or more problems with fields found in documents │  48.515694ms │
╰──────────────────────┴─────────────┴───────────┴───────────────────────────────┴─────────────────────────────────────────────────────────────────────────────┴──────────────╯

Looking at the event that is failing, it has (perhaps among other things) a class_id that doesn't match the required list in the default pipeline, so the malware sub-pipeline isn't being executed. I don't have enough context here to know how to fix this problem, so I've downgraded pkg-spec to 3.0.0 so the validation doesn't kick in. It'll have to be addressed in a separate issue.

@taylor-swanson
Copy link
Contributor Author

/test

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @taylor-swanson

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No Coverage information No data about Coverage
0.0% 0.0% Duplication on New Code

See analysis details on SonarQube

efd6
efd6 approved these changes Feb 14, 2024
View reviewed changes
Copy link
Contributor

@efd6 efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently SSL keys handling will be a target of future work.

@elasticmachine
Copy link

Package cel - 1.9.0 containing this change is available at https://epr.elastic.co/search?package=cel

@elasticmachine
Copy link

Package cisco_duo - 1.22.0 containing this change is available at https://epr.elastic.co/search?package=cisco_duo

@elasticmachine
Copy link

Package cisco_meraki - 1.21.0 containing this change is available at https://epr.elastic.co/search?package=cisco_meraki

@elasticmachine
Copy link

Package cisco_secure_endpoint - 2.25.0 containing this change is available at https://epr.elastic.co/search?package=cisco_secure_endpoint

@elasticmachine
Copy link

Package cisco_umbrella - 1.22.0 containing this change is available at https://epr.elastic.co/search?package=cisco_umbrella

@elasticmachine
Copy link

Package cloudflare - 2.24.0 containing this change is available at https://epr.elastic.co/search?package=cloudflare

@elasticmachine
Copy link

Package cloudflare_logpush - 1.18.0 containing this change is available at https://epr.elastic.co/search?package=cloudflare_logpush

@elasticmachine
Copy link

Package crowdstrike - 1.30.0 containing this change is available at https://epr.elastic.co/search?package=crowdstrike

@taylor-swanson taylor-swanson mentioned this pull request Feb 22, 2024
Merged
4 tasks
@andrewkroh andrewkroh added Integration:atlassian_jira Atlassian Jira (Community supported) Integration:azure_frontdoor Azure Frontdoor (Community supported) Integration:cisco_umbrella Cisco Umbrella Integration:amazon_security_lake Amazon Security Lake Integration:cel Custom API using Common Expression Language Integration:cisco_duo Cisco Duo Integration:cloudflare Cloudflare (Community supported) Integration:cloudflare_logpush Cloudflare Logpush Integration:cisco_secure_endpoint Cisco Secure Endpoint Integration:crowdstrike CrowdStrike Integration:atlassian_bitbucket Atlassian Bitbucket (Community supported) Integration:auth0 Auth0 Integration:azure_blob_storage Custom Azure Blob Storage Input Integration:bitwarden Bitwarden Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:cisco_meraki Cisco Meraki Integration:1password 1Password (Partner supported) Integration:akamai Akamai (Community supported) Integration:atlassian_confluence Atlassian Confluence (Community supported) Integration:bitdefender BitDefender (Community supported) Integration:box_events Box Events labels Jul 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@taylor-swanson taylor-swanson

Labels
enhancement New feature or request Integration:akamai Akamai (Community supported) Integration:amazon_security_lake Amazon Security Lake Integration:atlassian_bitbucket Atlassian Bitbucket (Community supported) Integration:atlassian_confluence Atlassian Confluence (Community supported) Integration:atlassian_jira Atlassian Jira (Community supported) Integration:auth0 Auth0 Integration:azure_blob_storage Custom Azure Blob Storage Input Integration:azure_frontdoor Azure Frontdoor (Community supported) Integration:bitdefender BitDefender (Community supported) Integration:bitwarden Bitwarden Integration:box_events Box Events Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:cel Custom API using Common Expression Language Integration:cisco_duo Cisco Duo Integration:cisco_meraki Cisco Meraki Integration:cisco_secure_endpoint Cisco Secure Endpoint Integration:cisco_umbrella Cisco Umbrella Integration:cloudflare_logpush Cloudflare Logpush Integration:cloudflare Cloudflare (Community supported) Integration:crowdstrike CrowdStrike Integration:1password 1Password (Partner supported) Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@taylor-swanson @elasticmachine @mrodm @efd6 @narph @andrewkroh