diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 140ccf9d73f..a7237f0b031 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -20,7 +20,7 @@ CHANGELOG* /.ci/ @elastic/elastic-agent-data-plane /.github/ @elastic/elastic-agent-data-plane -/auditbeat/ @elastic/security-external-integrations +/auditbeat/ @elastic/sec-linux-platform /deploy/ @elastic/elastic-agent-data-plane /deploy/kubernetes @elastic/elastic-agent-data-plane @elastic/obs-cloudnative-monitoring /dev-tools/ @elastic/elastic-agent-data-plane @@ -28,10 +28,10 @@ CHANGELOG* /docs/ @elastic/elastic-agent-data-plane /filebeat @elastic/elastic-agent-data-plane /filebeat/docs/ # Listed without an owner to avoid maintaining doc ownership for each input and module. -/filebeat/input/syslog/ @elastic/security-external-integrations -/filebeat/input/winlog/ @elastic/security-external-integrations +/filebeat/input/syslog/ @elastic/sec-deployment-and-devices +/filebeat/input/winlog/ @elastic/sec-windows-platform /filebeat/module/apache @elastic/obs-infraobs-integrations -/filebeat/module/auditd @elastic/security-external-integrations +/filebeat/module/auditd @elastic/sec-linux-platform /filebeat/module/elasticsearch/ @elastic/infra-monitoring-ui /filebeat/module/haproxy @elastic/obs-infraobs-integrations /filebeat/module/icinga # TODO: find right team @@ -40,14 +40,14 @@ CHANGELOG* /filebeat/module/kibana/ @elastic/infra-monitoring-ui /filebeat/module/logstash/ @elastic/infra-monitoring-ui /filebeat/module/mongodb @elastic/obs-infraobs-integrations -/filebeat/module/mysql @elastic/security-external-integrations +/filebeat/module/mysql @elastic/obs-infraobs-integrations /filebeat/module/nats @elastic/obs-infraobs-integrations /filebeat/module/nginx @elastic/obs-infraobs-integrations -/filebeat/module/osquery @elastic/security-external-integrations -/filebeat/module/pensando @elastic/security-external-integrations +/filebeat/module/osquery @elastic/sec-deployment-and-devices +/filebeat/module/pensando @elastic/sec-deployment-and-devices /filebeat/module/postgresql @elastic/obs-infraobs-integrations /filebeat/module/redis @elastic/obs-infraobs-integrations -/filebeat/module/santa @elastic/security-external-integrations +/filebeat/module/santa @elastic/security-service-integrations /filebeat/module/system @elastic/elastic-agent-data-plane /filebeat/module/traefik # TODO: find right team /heartbeat/ @elastic/obs-ds-hosted-services @@ -55,13 +55,13 @@ CHANGELOG* /libbeat/ @elastic/elastic-agent-data-plane /libbeat/docs/processors-list.asciidoc @elastic/ingest-docs /libbeat/management @elastic/elastic-agent-control-plane -/libbeat/processors/cache/ @elastic/security-external-integrations -/libbeat/processors/community_id/ @elastic/security-external-integrations -/libbeat/processors/decode_xml/ @elastic/security-external-integrations -/libbeat/processors/decode_xml_wineventlog/ @elastic/security-external-integrations -/libbeat/processors/dns/ @elastic/security-external-integrations -/libbeat/processors/registered_domain/ @elastic/security-external-integrations -/libbeat/processors/translate_sid/ @elastic/security-external-integrations +/libbeat/processors/cache/ @elastic/security-service-integrations +/libbeat/processors/community_id/ @elastic/sec-deployment-and-devices +/libbeat/processors/decode_xml/ @elastic/security-service-integrations +/libbeat/processors/decode_xml_wineventlog/ @elastic/sec-windows-platform +/libbeat/processors/dns/ @elastic/sec-deployment-and-devices +/libbeat/processors/registered_domain/ @elastic/sec-deployment-and-devices +/libbeat/processors/translate_sid/ @elastic/sec-windows-platform /libbeat/processors/add_cloud_metadata @elastic/obs-cloud-monitoring /libbeat/processors/add_kubernetes_metadata @elastic/obs-cloudnative-monitoring /licenses/ @elastic/elastic-agent-data-plane @@ -96,82 +96,82 @@ CHANGELOG* /metricbeat/module/system/ @elastic/elastic-agent-data-plane /metricbeat/module/vsphere @elastic/obs-infraobs-integrations /metricbeat/module/zookeeper @elastic/obs-infraobs-integrations -/packetbeat/ @elastic/security-external-integrations +/packetbeat/ @elastic/sec-linux-platform /script/ @elastic/elastic-agent-data-plane /testing/ @elastic/elastic-agent-data-plane /tools/ @elastic/elastic-agent-data-plane -/winlogbeat/ @elastic/security-external-integrations -/x-pack/auditbeat/ @elastic/security-external-integrations +/winlogbeat/ @elastic/sec-windows-platform +/x-pack/auditbeat/ @elastic/sec-linux-platform /x-pack/elastic-agent/ @elastic/elastic-agent-control-plane /x-pack/filebeat @elastic/elastic-agent-data-plane /x-pack/filebeat/docs/ # Listed without an owner to avoid maintaining doc ownership for each input and module. /x-pack/filebeat/input/awscloudwatch/ @elastic/obs-cloud-monitoring /x-pack/filebeat/input/awss3/ @elastic/obs-cloud-monitoring -/x-pack/filebeat/input/azureblobstorage/ @elastic/security-external-integrations +/x-pack/filebeat/input/azureblobstorage/ @elastic/security-service-integrations /x-pack/filebeat/input/azureeventhub/ @elastic/obs-cloud-monitoring -/x-pack/filebeat/input/cel/ @elastic/security-external-integrations +/x-pack/filebeat/input/cel/ @elastic/security-service-integrations /x-pack/filebeat/input/cometd/ @elastic/obs-infraobs-integrations -/x-pack/filebeat/input/entityanalytics/ @elastic/security-external-integrations -/x-pack/filebeat/input/gcppubsub/ @elastic/security-external-integrations -/x-pack/filebeat/input/gcs/ @elastic/security-external-integrations -/x-pack/filebeat/input/http_endpoint/ @elastic/security-external-integrations -/x-pack/filebeat/input/httpjson/ @elastic/security-external-integrations -/x-pack/filebeat/input/internal/httplog @elastic/security-external-integrations -/x-pack/filebeat/input/internal/httpmon @elastic/security-external-integrations -/x-pack/filebeat/input/lumberjack/ @elastic/security-external-integrations -/x-pack/filebeat/input/netflow/ @elastic/security-external-integrations -/x-pack/filebeat/input/o365audit/ @elastic/security-external-integrations +/x-pack/filebeat/input/entityanalytics/ @elastic/security-service-integrations +/x-pack/filebeat/input/gcppubsub/ @elastic/security-service-integrations +/x-pack/filebeat/input/gcs/ @elastic/security-service-integrations +/x-pack/filebeat/input/http_endpoint/ @elastic/security-service-integrations +/x-pack/filebeat/input/httpjson/ @elastic/security-service-integrations +/x-pack/filebeat/input/internal/httplog @elastic/security-service-integrations +/x-pack/filebeat/input/internal/httpmon @elastic/security-service-integrations +/x-pack/filebeat/input/lumberjack/ @elastic/security-service-integrations +/x-pack/filebeat/input/netflow/ @elastic/sec-deployment-and-devices +/x-pack/filebeat/input/o365audit/ @elastic/security-service-integrations /x-pack/filebeat/module/activemq @elastic/obs-infraobs-integrations /x-pack/filebeat/module/aws @elastic/obs-cloud-monitoring /x-pack/filebeat/module/awsfargate @elastic/obs-cloud-monitoring /x-pack/filebeat/module/azure @elastic/obs-cloud-monitoring -/x-pack/filebeat/module/barracuda @elastic/security-external-integrations -/x-pack/filebeat/module/bluecoat @elastic/security-external-integrations -/x-pack/filebeat/module/cef @elastic/security-external-integrations -/x-pack/filebeat/module/checkpoint @elastic/security-external-integrations -/x-pack/filebeat/module/cisco @elastic/security-external-integrations -/x-pack/filebeat/module/coredns @elastic/security-external-integrations -/x-pack/filebeat/module/crowdstrike @elastic/security-external-integrations -/x-pack/filebeat/module/cyberarkpas @elastic/security-external-integrations -/x-pack/filebeat/module/cylance @elastic/security-external-integrations -/x-pack/filebeat/module/envoyproxy @elastic/security-external-integrations -/x-pack/filebeat/module/f5 @elastic/security-external-integrations -/x-pack/filebeat/module/fortinet @elastic/security-external-integrations -/x-pack/filebeat/module/gcp @elastic/security-external-integrations -/x-pack/filebeat/module/google_workspace @elastic/security-external-integrations +/x-pack/filebeat/module/barracuda @elastic/security-service-integrations +/x-pack/filebeat/module/bluecoat @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/cef @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/checkpoint @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/cisco @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/coredns @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/crowdstrike @elastic/security-service-integrations +/x-pack/filebeat/module/cyberarkpas @elastic/security-service-integrations +/x-pack/filebeat/module/cylance @elastic/security-service-integrations +/x-pack/filebeat/module/envoyproxy @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/f5 @elastic/security-service-integrations +/x-pack/filebeat/module/fortinet @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/gcp @elastic/security-service-integrations +/x-pack/filebeat/module/google_workspace @elastic/security-service-integrations /x-pack/filebeat/module/ibmmq @elastic/obs-infraobs-integrations -/x-pack/filebeat/module/imperva @elastic/security-external-integrations -/x-pack/filebeat/module/infoblox @elastic/security-external-integrations -/x-pack/filebeat/module/iptables @elastic/security-external-integrations -/x-pack/filebeat/module/juniper @elastic/security-external-integrations -/x-pack/filebeat/module/microsoft @elastic/security-external-integrations -/x-pack/filebeat/module/misp @elastic/security-external-integrations +/x-pack/filebeat/module/imperva @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/infoblox @elastic/security-service-integrations +/x-pack/filebeat/module/iptables @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/juniper @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/microsoft @elastic/sec-windows-platform +/x-pack/filebeat/module/misp @elastic/security-service-integrations /x-pack/filebeat/module/mssql @elastic/obs-infraobs-integrations -/x-pack/filebeat/module/mysqlenterprise @elastic/security-external-integrations -/x-pack/filebeat/module/netflow @elastic/security-external-integrations -/x-pack/filebeat/module/netscout @elastic/security-external-integrations -/x-pack/filebeat/module/o365 @elastic/security-external-integrations -/x-pack/filebeat/module/okta @elastic/security-external-integrations -/x-pack/filebeat/module/oracle @elastic/security-external-integrations -/x-pack/filebeat/module/panw @elastic/security-external-integrations -/x-pack/filebeat/module/proofpoint @elastic/security-external-integrations +/x-pack/filebeat/module/mysqlenterprise @elastic/sec-windows-platform +/x-pack/filebeat/module/netflow @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/netscout @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/o365 @elastic/security-service-integrations +/x-pack/filebeat/module/okta @elastic/security-service-integrations +/x-pack/filebeat/module/oracle @elastic/obs-infraobs-integrations +/x-pack/filebeat/module/panw @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/proofpoint @elastic/security-service-integrations /x-pack/filebeat/module/rabbitmq @elastic/obs-infraobs-integrations -/x-pack/filebeat/module/radware @elastic/security-external-integrations +/x-pack/filebeat/module/radware @elastic/sec-deployment-and-devices /x-pack/filebeat/module/salesforce @elastic/obs-infraobs-integrations -/x-pack/filebeat/module/snort @elastic/security-external-integrations -/x-pack/filebeat/module/snyk @elastic/security-external-integrations -/x-pack/filebeat/module/sonicwall @elastic/security-external-integrations -/x-pack/filebeat/module/sophos @elastic/security-external-integrations -/x-pack/filebeat/module/squid @elastic/security-external-integrations -/x-pack/filebeat/module/suricata @elastic/security-external-integrations -/x-pack/filebeat/module/threatintel @elastic/security-external-integrations -/x-pack/filebeat/module/tomcat @elastic/security-external-integrations -/x-pack/filebeat/module/zeek @elastic/security-external-integrations +/x-pack/filebeat/module/snort @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/snyk @elastic/security-service-integrations +/x-pack/filebeat/module/sonicwall @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/sophos @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/squid @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/suricata @elastic/sec-deployment-and-devices +/x-pack/filebeat/module/threatintel @elastic/security-service-integrations +/x-pack/filebeat/module/tomcat @elastic/obs-infraobs-integrations +/x-pack/filebeat/module/zeek @elastic/sec-deployment-and-devices /x-pack/filebeat/module/zookeeper @elastic/obs-infraobs-integrations -/x-pack/filebeat/module/zoom @elastic/security-external-integrations -/x-pack/filebeat/module/zscaler @elastic/security-external-integrations -/x-pack/filebeat/modules.d/zoom.yml.disabled @elastic/security-external-integrations -/x-pack/filebeat/processors/decode_cef/ @elastic/security-external-integrations +/x-pack/filebeat/module/zoom @elastic/security-service-integrations +/x-pack/filebeat/module/zscaler @elastic/security-service-integrations +/x-pack/filebeat/modules.d/zoom.yml.disabled @elastic/security-service-integrations +/x-pack/filebeat/processors/decode_cef/ @elastic/sec-deployment-and-devices /x-pack/heartbeat/ @elastic/obs-ds-hosted-services /x-pack/metricbeat/ @elastic/elastic-agent-data-plane /x-pack/metricbeat/docs/ # Listed without an owner to avoid maintaining doc ownership for each input and module. @@ -186,7 +186,7 @@ CHANGELOG* /x-pack/metricbeat/module/containerd/ @elastic/obs-cloudnative-monitoring /x-pack/metricbeat/module/coredns @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/enterprisesearch @elastic/ent-search-application-backend -/x-pack/metricbeat/module/gcp @elastic/obs-ds-hosted-services @elastic/obs-infraobs-integrations @elastic/security-external-integrations +/x-pack/metricbeat/module/gcp @elastic/obs-ds-hosted-services @elastic/obs-infraobs-integrations @elastic/security-service-integrations /x-pack/metricbeat/module/gcp/billing @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/gcp/cloudrun_metrics @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/gcp/cloudsql_mysql @elastic/obs-infraobs-integrations @@ -195,16 +195,16 @@ CHANGELOG* /x-pack/metricbeat/module/gcp/carbon @elastic/obs-ds-hosted-services /x-pack/metricbeat/module/gcp/compute @elastic/obs-ds-hosted-services /x-pack/metricbeat/module/gcp/dataproc @elastic/obs-infraobs-integrations -/x-pack/metricbeat/module/gcp/dns @elastic/security-external-integrations +/x-pack/metricbeat/module/gcp/dns @elastic/security-service-integrations /x-pack/metricbeat/module/gcp/firestore @elastic/obs-infraobs-integrations -/x-pack/metricbeat/module/gcp/firewall @elastic/security-external-integrations +/x-pack/metricbeat/module/gcp/firewall @elastic/security-service-integrations /x-pack/metricbeat/module/gcp/gke @elastic/obs-ds-hosted-services /x-pack/metricbeat/module/gcp/loadbalancing_logs @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/gcp/loadbalancing_metrics @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/gcp/pubsub @elastic/obs-ds-hosted-services /x-pack/metricbeat/module/gcp/redis @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/gcp/storage @elastic/obs-ds-hosted-services -/x-pack/metricbeat/module/gcp/vpcflow @elastic/security-external-integrations +/x-pack/metricbeat/module/gcp/vpcflow @elastic/security-service-integrations /x-pack/metricbeat/module/ibmmq @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/iis @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/istio/ @elastic/obs-cloudnative-monitoring @@ -216,7 +216,7 @@ CHANGELOG* /x-pack/metricbeat/module/statsd @elastic/obs-infraobs-integrations /x-pack/metricbeat/module/stan/ @elastic/obs-cloudnative-monitoring /x-pack/metricbeat/module/tomcat @elastic/obs-infraobs-integrations -/x-pack/osquerybeat/ @elastic/security-external-integrations -/x-pack/packetbeat/ @elastic/security-external-integrations -/x-pack/winlogbeat/ @elastic/security-external-integrations -/x-pack/libbeat/reader/parquet/ @elastic/security-external-integrations +/x-pack/osquerybeat/ @elastic/sec-deployment-and-devices +/x-pack/packetbeat/ @elastic/sec-linux-platform +/x-pack/winlogbeat/ @elastic/sec-windows-platform +/x-pack/libbeat/reader/parquet/ @elastic/security-service-integrations diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 994a24bfb49..304f3add387 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -29,7 +29,7 @@ updates: - dependency-name: go.elastic.co/go-licence-detector # Team:Service-Integrations - dependency-name: github.com/elastic/bayeux - # Team:Security-External Integrations + # Team:Security-Linux Platform - dependency-name: github.com/elastic/go-libaudit/* - dependency-name: github.com/elastic/go-perf - dependency-name: github.com/elastic/go-seccomp-bpf