Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[mimecast] Add use cases, docs, and update sample events #2690

Merged
merged 15 commits into from
Feb 23, 2022
Merged

[mimecast] Add use cases, docs, and update sample events #2690

merged 15 commits into from
Feb 23, 2022

Conversation

djordje-adzemovic-devtech
Copy link
Contributor

@djordje-adzemovic-devtech djordje-adzemovic-devtech commented Feb 14, 2022
edited by andrewkroh
Loading

What does this PR do?

Add use cases for audit events and update sample events and docs.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@elasticmachine
Copy link

elasticmachine commented Feb 14, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-02-23T09:17:23.824+0000

  • Duration: 28 min 24 sec

Test stats 🧪

Test Results
Failed 0
Passed 61
Skipped 0
Total 61

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

marc-gr
marc-gr requested changes Feb 14, 2022
View reviewed changes
Copy link
Contributor

@marc-gr marc-gr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice additions! Just as a note aside of the comments, I think the changes done in README.md need to be done instead to the _dev/build/... README file.

packages/mimecast/changelog.yml Outdated Show resolved Hide resolved
packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml Outdated Show resolved Hide resolved
packages/mimecast/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml Show resolved Hide resolved
packages/mimecast/docs/README.md Outdated Show resolved Hide resolved
packages/mimecast/docs/README.md Outdated Show resolved Hide resolved
packages/mimecast/docs/README.md Outdated Show resolved Hide resolved
packages/mimecast/docs/README.md Outdated Show resolved Hide resolved
@marc-gr
Copy link
Contributor

marc-gr commented Feb 22, 2022

/test

@andrewkroh
Copy link
Member

I'm not sure if you want to do this here, but the the ECS version used in the package should be changed from 1.12.0 to 8.0.0.

It's in the ingest pipeline and this file.

@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@andrewkroh andrewkroh changed the title Add use cases for parsing audit events logs and update sample events … [mimecast] Add use cases, docs, and update sample events Feb 22, 2022
@marc-gr
Copy link
Contributor

marc-gr commented Feb 22, 2022

/test

@marc-gr
Copy link
Contributor

marc-gr commented Feb 22, 2022

/test

@marc-gr
Copy link
Contributor

marc-gr commented Feb 22, 2022

/test

@marc-gr marc-gr self-requested a review February 22, 2022 15:56
@marc-gr
Copy link
Contributor

marc-gr commented Feb 23, 2022

/test

@marc-gr
Copy link
Contributor

marc-gr commented Feb 23, 2022

/test

P1llus
P1llus approved these changes Feb 23, 2022
View reviewed changes
Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I only reviewed the generation of the Readme + the 8.0 ecs changes and generation of test data.

@marc-gr marc-gr merged commit 898eb54 into elastic:main Feb 23, 2022
eyalkraft pushed a commit to build-security/integrations that referenced this pull request Mar 30, 2022
@djordje-adzemovic-devtech @marc-gr
[mimecast] Add use cases, docs, and update sample events (elastic#2690)
40e09d3 
* Add use cases for parsing audit events logs and update sample events and docs

* Change link to pull PR in changelog.yaml

* CR changes

* Refactor audit events pipeline

* Ingest method property into audit-events logs

* Refactoring audit-events pipeline and update tests to pass

* Remove unnecessary thing, adding 2FA as a field, and changing coditions in pipeline operators

* Remove unnecessary code to make pipeline more cleaner

* Remove more unnecassary code from pipeline for audit-events

* Removing unused fields from remove list in the pipeline

* Cleaning pipeline even more

* Updating ecs version

* Update ecs version and re-generate test files

* Generate README.md

Co-authored-by: Marc Guasch <marc.guasch@elastic.co>
@andrewkroh andrewkroh mentioned this pull request May 2, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh left review comments

@marc-gr marc-gr marc-gr approved these changes

@P1llus P1llus P1llus approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request Integration:mimecast Mimecast
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@djordje-adzemovic-devtech @elasticmachine @marc-gr @andrewkroh @P1llus