Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[csp] Telemetry for csp configuration #43223

Merged
merged 3 commits into from
Aug 14, 2019
Merged

Conversation

epixa
Copy link
Contributor

@epixa epixa commented Aug 13, 2019

Summary

We collect the boolean configurations which can be derived by any
end-user of Kibana by making any HTTP request. Since the rules
configuration involves strings that can leak identifiable information,
we only collect whether the rules have been changed from their defaults.

The following shape is added to the telemetry payload:

csp: {
  strict: Boolean,
  warnLegacyBrowsers: Boolean,
  rulesChangedFromDefault: Boolean,
}

We collect the boolean configurations which can be derived by any
end-user of Kibana by making any HTTP request. Since the rules
configuration involves strings that can leak identifiable information,
we only collect whether the rules have been changed from their defaults.
@epixa epixa added release_note:enhancement Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v8.0.0 Feature:Security/CSP Platform Security - Content Security Policy v7.4.0 labels Aug 13, 2019
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

@epixa epixa marked this pull request as ready for review August 14, 2019 00:26
@epixa epixa requested a review from a team August 14, 2019 00:26
@kobelb kobelb self-requested a review August 14, 2019 00:30
Copy link
Member

@Bamieh Bamieh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

code LGTM

@epixa
Copy link
Contributor Author

epixa commented Aug 14, 2019

I relaxed the reliance on the constant defaults and switched the rule check over to a snapshot.

Copy link
Contributor

@kobelb kobelb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM - apologies for all the nits

@elasticmachine
Copy link
Contributor

💚 Build Succeeded

@epixa epixa merged commit e2e1941 into elastic:master Aug 14, 2019
@epixa epixa deleted the csp-telemetry branch August 14, 2019 20:03
epixa added a commit that referenced this pull request Aug 14, 2019
We collect the boolean configurations which can be derived by any
end-user of Kibana by making any HTTP request. Since the rules
configuration involves strings that can leak identifiable information,
we only collect whether the rules have been changed from their defaults.
jloleysens added a commit to jloleysens/kibana that referenced this pull request Aug 15, 2019
…p-metrics-selectall

* 'master' of github.com:elastic/kibana: (50 commits)
  [Uptime] update monitor list configs for mobile view (elastic#43218)
  [APM] Local UI filters (elastic#41588)
  [Code] Upgrade ctags langserver (elastic#43252)
  [Code] show multiple definition results in panel (elastic#43249)
  Adds Metric Type to full screen launch tracking (elastic#42692)
  [Canvas] Convert Autocomplete to Typescript (elastic#42502)
  [telemetry] add spacesEnabled config back to xpack_main (elastic#43312)
  [ML] Adds DF Transform Analytics list to Kibana management (elastic#43151)
  Add TLS client authentication support. (elastic#43090)
  [csp] Telemetry for csp configuration (elastic#43223)
  [SIEM] Run Cypress Tests Against Elastic Cloud & Cypress Command Line / Reporting (elastic#42804)
  docs: add tip on agent config in a dt (elastic#43301)
  [ML] Adding bucket span estimator to new wizards (elastic#43288)
  disable flaky tests (elastic#43017)
  Fix percy target branch for PRs (elastic#43160)
  [ML] Adding post create job options (elastic#43205)
  Restore discover histogram selection triggering fetch (elastic#43097)
  Per panel time range (elastic#43153)
  [Infra UI] Add APM to Metadata Endpoint (elastic#42197)
  Sentence case copy changes (elastic#43215)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Feature:Security/CSP Platform Security - Content Security Policy release_note:enhancement Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! v7.4.0 v8.0.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants