[Filebeat][New Module] Snyk vulnerabilities and audit logs #22677
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
botelastic
bot
added
needs_team
|
This PR is not fully ready yet for review. It requires the updates to the httpjson input, so the config template is not finalized, and the documentation needs to be updated. |
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
|
jenkins test this |
…ken field mappings and parsing
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
|
the templating delimiters changed in the last minute, so do not merge yet, need to apply changes for #23056 |
|
The updates have now been pushed, some internal teams have already tested the module as well and its working fine. Might want to add some more ECS fields or testing after merge. |
6 tasks
marc-gr
pushed a commit
to marc-gr/beats
that referenced
this pull request
Dec 14, 2020
…2677) * filebeat Snyk module MVP initial commit * initial commit for Snyk filebeat module * adding timestamp exceptions to module test * fixing field definition and updating timestamp field for audit * stashing changes * updating Snyk module to support httpjson v2 input and fixing some broken field mappings and parsing * adding CHANGELOG entry * cleaning up test data * updating testdata * removing duplicate entry in manifest * stashing changes * updating httpjson delimiters and adding the possibility to set first_interval (cherry picked from commit 940e2e5)
marc-gr
added a commit
that referenced
this pull request
Dec 14, 2020
…23102) * filebeat Snyk module MVP initial commit * initial commit for Snyk filebeat module * adding timestamp exceptions to module test * fixing field definition and updating timestamp field for audit * stashing changes * updating Snyk module to support httpjson v2 input and fixing some broken field mappings and parsing * adding CHANGELOG entry * cleaning up test data * updating testdata * removing duplicate entry in manifest * stashing changes * updating httpjson delimiters and adding the possibility to set first_interval (cherry picked from commit 940e2e5) Co-authored-by: Marius Iversen <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Adds support for collecting found vulnerabilities and audit logs from the Snyk API.
Why is it important?
Adds support for new OOTB products to Filebeat.
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Related issues