[Filebeat] Update Threatintel Anomali pipeline #27141

Merged
merged 1 commit into from
Aug 10, 2021

@legoguy1000 legoguy1000 commented Jul 29, 2021

What does this PR do?

Populates the tags field the same way the MISP dataset is populated and populates the threatintel.indicator.provider field like the Abuse URL dataset.

Why is it important?

Standardizes the Threat Intel datasets

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding changes to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

cd beats/x-pack/filebeat
TESTING_FILEBEAT_MODULES=threatintel TESTING_FILEBEAT_FILESETS=anomali mage -v pythonIntegTest

@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jul 29, 2021
@legoguy1000 legoguy1000 force-pushed the 24746-anomili-fields branch from 8e75794 to 18918e6 Compare July 29, 2021 22:44
elasticmachine commented Jul 29, 2021

💚 Build Succeeded

Build stats

  • Start Time: 2021-08-06T11:43:09.405+0000

  • Duration: 86 min 1 sec

  • Commit: 141ac7b

Test stats 🧪

Test Results
Failed 0
Passed 7908
Skipped 1201
Total 9109

💚 Flaky test report

Tests succeeded.

@elasticmachine
Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Jul 30, 2021
mergify bot commented Aug 4, 2021

This pull request is now in conflicts. Could you fix it? 🙏
To fix up this pull request, you can check it out locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 24746-anomili-fields upstream/24746-anomili-fields
git merge upstream/master
git push upstream 24746-anomili-fields

@legoguy1000 legoguy1000 force-pushed the 24746-anomili-fields branch from 18918e6 to 141ac7b Compare August 6, 2021 00:35
marc-gr commented Aug 6, 2021

/test

@P1llus P1llus merged commit 7fa146c into elastic:master Aug 10, 2021
@P1llus P1llus added 7.15-candidate backport-v7.15.0 Automated backport with mergify labels Aug 10, 2021
@legoguy1000 legoguy1000 deleted the 24746-anomili-fields branch August 10, 2021 14:06
mergify bot pushed a commit that referenced this pull request Aug 10, 2021
P1llus added a commit that referenced this pull request Aug 21, 2021
(cherry picked from commit 7fa146c)

Co-authored-by: Alex Resnick <[email protected]>
Co-authored-by: Marius Iversen <[email protected]>
@P1llus P1llus added backport-v7.15.0 Automated backport with mergify and removed backport-v7.15.0 Automated backport with mergify labels Aug 21, 2021
mergify bot pushed a commit that referenced this pull request Aug 21, 2021
P1llus pushed a commit that referenced this pull request Aug 21, 2021
(cherry picked from commit 7fa146c)

Co-authored-by: Alex Resnick <[email protected]>
Successfully merging this pull request may close these issues.

[Filebeat] Threat Intel Module - Adjust Anomali Fields