-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[ECS][Filebeat] Gsuite/Google Workspace ECS 1.8 #23709
Conversation
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
d26ed40
to
1f3e733
Compare
05e507a
to
6ab99ef
Compare
8979980
to
376b26f
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this include changes from other open PRs that it's dependent upon?
The changes in 1f3e733c8ad8975e7f4443809fdcbaa683621683 LGTM. |
1f3e733
to
4a63b65
Compare
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
had to rebase the feature branch |
4a63b65
to
2e729e0
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
We can ignore the PR numbers in CHANGELOG for now and adjust them before merging the ecs 1.8 branch.
Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
Incorporates ECS 1.8 changes from the following PRs: Support host.type field in add_host_metadata processor and Auditbeat's system/host #23513 Winlogbeat #23563 Auditbeat auditd #23594 Journalbeat #23737 Packetbeat #23783 Filebeat: auditd #23723 cisco #23819 cef #23832 crowdstrike falcon #23875 fortinet firewall #23902 microsoft #23897 elasticsearch/audit #24000 Gsuite/Workspace #23709 o365 #23896 zoom #23904 okta #23929 aws/cloudtrail #23911 aws/s3access #23920 azure #23927 juniper/srx #23936 panw #23931 sophos/xg #23967 system/auth #23961 mysqlenterprise #23978 zeek #23847 Make all Beats and modules report ECS 1.8.0 #23992 Closes #23118 Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com>
Incorporates ECS 1.8 changes from the following PRs: Support host.type field in add_host_metadata processor and Auditbeat's system/host elastic#23513 Winlogbeat elastic#23563 Auditbeat auditd elastic#23594 Journalbeat elastic#23737 Packetbeat elastic#23783 Filebeat: auditd elastic#23723 cisco elastic#23819 cef elastic#23832 crowdstrike falcon elastic#23875 fortinet firewall elastic#23902 microsoft elastic#23897 elasticsearch/audit elastic#24000 Gsuite/Workspace elastic#23709 o365 elastic#23896 zoom elastic#23904 okta elastic#23929 aws/cloudtrail elastic#23911 aws/s3access elastic#23920 azure elastic#23927 juniper/srx elastic#23936 panw elastic#23931 sophos/xg elastic#23967 system/auth elastic#23961 mysqlenterprise elastic#23978 zeek elastic#23847 Make all Beats and modules report ECS 1.8.0 elastic#23992 Closes elastic#23118 Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com> (cherry picked from commit 048c3cc)
Incorporates ECS 1.8 changes from the following PRs: Support host.type field in add_host_metadata processor and Auditbeat's system/host #23513 Winlogbeat #23563 Auditbeat auditd #23594 Journalbeat #23737 Packetbeat #23783 Filebeat: auditd #23723 cisco #23819 cef #23832 crowdstrike falcon #23875 fortinet firewall #23902 microsoft #23897 elasticsearch/audit #24000 Gsuite/Workspace #23709 o365 #23896 zoom #23904 okta #23929 aws/cloudtrail #23911 aws/s3access #23920 azure #23927 juniper/srx #23936 panw #23931 sophos/xg #23967 system/auth #23961 mysqlenterprise #23978 zeek #23847 Make all Beats and modules report ECS 1.8.0 #23992 Closes #23118 Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com> (cherry picked from commit 048c3cc)
* Add new ECS user and categories features to google_workspace/gsuite * Update CHANGELOG.next.asciidoc Co-authored-by: Adrian Serrano <adrisr83@gmail.com> Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
What does this PR do?
Add multiuser and new categories to gsuite and google_workspace modules
Why is it important?
Keep the modules up to date with ECS 1.8 changes
Checklist
- [ ] My code follows the style guidelines of this project- [ ] I have commented my code, particularly in hard-to-understand areas- [ ] I have made corresponding changes to the documentationCHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.