Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cherry-pick #22805 to 7.10: [Filebeat] AWS CloudTrail preserve eventCategory #23399

Closed
wants to merge 1 commit into from
Closed

Cherry-pick #22805 to 7.10: [Filebeat] AWS CloudTrail preserve eventCategory #23399

wants to merge 1 commit into from

Conversation

leehinman
Copy link
Contributor

@leehinman leehinman commented Jan 7, 2021
edited by zube bot
Loading

Cherry-pick of PR #22805 to 7.10 branch. Original message:

What does this PR do?

Preserves AWS CloudTrail eventCategory and maps it to
aws.cloudtrail.event_category

Why is it important?

prevents data loss

Checklist

  • My code follows the style guidelines of this project
    - [ ] I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
    - [ ] I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

TESTING_FILEBET_MODULES=aws TESTING_FILEBEAT_FILESETS=cloudtrail mage -v pythonIntegTest

Related issues

@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Jan 7, 2021
@leehinman
[Filebeat] AWS CloudTrail preserve eventCategory (elastic#22805)
496feb0 
* AWS CloudTrail preserve eventCategory

- map to aws.cloudtrail.event_category

Closes elastic#22776

(cherry picked from commit 971b95b)
@elasticmachine
Copy link
Collaborator

elasticmachine commented Jan 7, 2021
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #23399 updated

  • Start Time: 2021-01-07T17:31:44.971+0000

  • Duration: 43 min 0 sec

Test stats 🧪

Test Results
Failed 0
Passed 4471
Skipped 569
Total 5040

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 4471
Skipped 569
Total 5040

andrewkroh
andrewkroh approved these changes Jan 7, 2021
View reviewed changes
Copy link
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

x-pack/filebeat/module/aws/cloudtrail/_meta/fields.yml
description: |-
Shows the event category that is used in LookupEvents calls.

- For management events, the value is management.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see Management in the generated doc so perhaps the docs should say "the value is Management".

@andrewkroh
Copy link
Member

Closing as there are no more planned 7.10 releases.

@andrewkroh andrewkroh closed this Jan 24, 2021
@zube zube bot removed the [zube]: Done label Apr 25, 2021
@leehinman leehinman deleted the backport_22805_7.10 branch May 14, 2021 14:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaiyan-sheng kaiyan-sheng kaiyan-sheng approved these changes

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees
No one assigned
Labels
backport
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@leehinman @elasticmachine @andrewkroh @kaiyan-sheng