[Auditbeat] fim(ebpf): enrich file events with process data #38199

Merged Apr 5, 2024 (19 commits)

Commits
0268ead
fim(ebpf): enrich file events with process data
mmat11 Mar 6, 2024
6c8c35a
apply review suggestions
mmat11 Mar 11, 2024
6be066f
apply review suggestions
mmat11 Mar 12, 2024
d86d697
fix(fim/ebpf): move process fields to event root and insert them so k…
pkoutsovasilis Apr 2, 2024
77c219d
fix(fim/ebpf): refactor HostID to utilise sync.OnceValue and expose b…
pkoutsovasilis Apr 2, 2024
3e8f0f1
fix(fim/ebpf): refactor TicksPerSecond to utilise sync.OnceValue
pkoutsovasilis Apr 2, 2024
8afd25a
fix(fim/ebpf): remove empty slice allocation
pkoutsovasilis Apr 2, 2024
2ad2e3f
chore: go mod tidy
pkoutsovasilis Apr 2, 2024
809f28b
fix: explicitly set go 1.21.8 in go.mod
pkoutsovasilis Apr 2, 2024
e42a105
fix(fim/ebpf): nil slice of errors in TestNewEventFromEbpfEvent
pkoutsovasilis Apr 2, 2024
e314478
fix(fim/ebpf): remove re-declaration of already ecs included fields
pkoutsovasilis Apr 2, 2024
0c48c0c
fix(fim/ebpf): utilise OnceValues to declutter the code
pkoutsovasilis Apr 3, 2024
8b223b1
fix(fim/ebpf): remove x-pack import from OSS package
pkoutsovasilis Apr 3, 2024
5a87cee
fix(fim/ebpf): propagate process fields changes to integration tests
pkoutsovasilis Apr 3, 2024
4bd33cf
chore: go mod tidy
pkoutsovasilis Apr 3, 2024
2941987
Merge branch 'main' into matt/fim-user-data
pierrehilbert Apr 4, 2024
e37a6d3
ci: temporary solution to outdated docker compose python library
pkoutsovasilis Apr 4, 2024
1ca5f8b
ci: transition to a fixed tag for docker image instead of a rolling one
pkoutsovasilis Apr 4, 2024
4c385e3
Merge remote-tracking branch 'refs/remotes/beats/main' into matt/fim-…
pkoutsovasilis Apr 4, 2024
chore: go mod tidy
pkoutsovasilis committed Apr 3, 2024
commit 4bd33cf2dd35c923009abeae360ee826b3aab359
7 changes: 4 additions & 3 deletions go.sum
@@ -674,7 +674,8 @@ github.com/elastic/dhcp v0.0.0-20200227161230-57ec251c7eb3/go.mod h1:aPqzac6AYki
github.com/elastic/ebpfevents v0.5.0 h1:QkyMAYWo3fXFbYtXAXU8sZu2SQ4LXVYC6gLXIWXy02E=
github.com/elastic/ebpfevents v0.5.0/go.mod h1:ESG9gw7N+n5yCCMgdg1IIJENKWSmX7+X0Fi9GUs9nvU=
github.com/elastic/elastic-agent-autodiscover v0.6.8 h1:BSXz+QwjZAEt08G+T3GDGl14Bh9a6zD8luNCvZut/b8=
github.com/elastic/elastic-agent-autodiscover v0.6.8/go.mod h1:hFeFqneS2r4jD0/QzGkrNk0YVdN0JGh7lCWdsH7zcI4=github.com/elastic/elastic-agent-client/v7 v7.8.1 h1:J9wZc/0mUvSEok0X5iR5+n60Jgb+AWooKddb3XgPWqM=
github.com/elastic/elastic-agent-autodiscover v0.6.8/go.mod h1:hFeFqneS2r4jD0/QzGkrNk0YVdN0JGh7lCWdsH7zcI4=
github.com/elastic/elastic-agent-client/v7 v7.8.1 h1:J9wZc/0mUvSEok0X5iR5+n60Jgb+AWooKddb3XgPWqM=
github.com/elastic/elastic-agent-client/v7 v7.8.1/go.mod h1:axl1nkdqc84YRFkeJGD9jExKNPUrOrzf3DFo2m653nY=
github.com/elastic/elastic-agent-libs v0.7.5 h1:4UMqB3BREvhwecYTs/L23oQp1hs/XUkcunPlmTZn5yg=
github.com/elastic/elastic-agent-libs v0.7.5/go.mod h1:pGMj5myawdqu+xE+WKvM5FQzKQ/MonikkWOzoFTJxaU=
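Review bot: The old line 674 carried two go.sum records fused onto one line (the `elastic-agent-autodiscover v0.6.8/go.mod` hash ran straight into the `elastic-agent-client/v7 v7.8.1 h1:` record), which looks like a hand-resolved merge conflict rather than tool output. Splitting them is the right fix, and both hashes are byte-for-byte the same before and after in the visible lines, so no checksum changes here. Since a malformed go.sum line reached the branch, consider a CI step that runs `go mod tidy` and fails on any resulting diff, so this is caught before review instead of in a follow-up tidy commit.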
@@ -771,8 +772,8 @@ github.com/foxcpp/go-mockdns v0.0.0-20201212160233-ede2f9158d15/go.mod h1:tPg4cp
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k=
github.com/frankban/quicktest v1.14.5 h1:dfYrrRyLtiqT9GyKXgdh+k4inNeTvmGbuSgZ3lx3GhA=
github.com/frankban/quicktest v1.14.5/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/frankban/quicktest v1.14.3 h1:FJKSZTDHjyhriyC81FLQ0LY93eSai0ZyR/ZIkd3ZUKE=
github.com/frankban/quicktest v1.14.3/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps=
github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa/go.mod h1:KnogPXtdwXqoenmZCw6S+25EAm2MkxbG0deNDu4cbSA=
github.com/gabriel-vasile/mimetype v1.4.1/go.mod h1:05Vi0w3Y9c/lNvJOdmIwvrrAhX3rYhfQQCaf9VJcv7M=
github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
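Review bot: The `github.com/frankban/quicktest` records in this hunk move backwards, from v1.14.5 to v1.14.3 (reading the two pairs in the usual removed-then-added order), which is a dependency version change carried in a commit titled "chore: go mod tidy". go.sum only records checksums, so the cause has to be in go.mod, which is not part of this diff: please confirm which requirement changed so that v1.14.5 dropped out of the build list, and note it in the commit message so the downgrade is traceable. quicktest is a test helper, so the exposure is small, but a version move that shows up only in go.sum should be explained rather than left implicit.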