Skip to content

ssi: add support for request trace deletion #13002

New issue
New issue
Open
Task
Open
ssi: add support for request trace deletion#13002
Task
Labels
Integration:admin_by_request_epmAdmin By Request EPMIntegration:beyondinsight_password_safeBeyondInsight and Password SafeIntegration:blacklensblacklens.io (Community supported)Integration:carbon_black_cloudVMware Carbon Black CloudIntegration:checkpoint_emailCheck Point Harmony Email & CollaborationIntegration:cloudflare_logpushCloudflare LogpushIntegration:crowdstrikeCrowdStrikeIntegration:cyberark_epmCyberArk EPMIntegration:google_sccGoogle Security Command CenterIntegration:google_workspaceGoogle WorkspaceIntegration:imperva_cloud_wafImperva Cloud WAFIntegration:m365_defenderMicrosoft Defender XDRIntegration:microsoft_defender_endpointMicrosoft Defender for EndpointIntegration:microsoft_sentinelMicrosoft SentinelIntegration:mimecastMimecast (Partner supported)Integration:oktaOktaIntegration:qualys_vmdrQualys VMDRIntegration:sailpoint_identity_scSailpoint Identity Security CloudIntegration:servicenowServiceNowIntegration:sublime_securitySublime SecurityIntegration:symantec_endpoint_securitySymantec Endpoint SecurityIntegration:tenable_ioTenable Vulnerability ManagementIntegration:wizWizTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or request
@efd6

Description

@efd6
efd6
opened on Mar 6, 2025

Filebeat v8.15.x added the ability to delete request traces on the agent's host[1]. Since #11954 a number of other integrations have come into the version range that can make use of this.

The list can be obtained by running (there are probably nicer implementations of this, but it works).

yq -o=json 'select(.owner.github == "elastic/security-service-integrations")|select((.conditions.kibana.version|contains("8.18.")) or (.conditions.kibana.version|contains("8.17.")) or (.conditions.kibana.version|contains("8.16.")) or (.conditions.kibana.version|contains("8.15.")))|{"name":.name,"policy":.policy_templates}' packages/**/manifest.yml|jq -c|egrep '"type":"(cel|httpjson|http_endpoint)"'|jq -r .name

[1]elastic/beats#39969 and elastic/beats#40004

Metadata

Metadata

Assignees

No one assigned

    Labels

    Integration:admin_by_request_epmAdmin By Request EPMIntegration:beyondinsight_password_safeBeyondInsight and Password SafeIntegration:blacklensblacklens.io (Community supported)Integration:carbon_black_cloudVMware Carbon Black CloudIntegration:checkpoint_emailCheck Point Harmony Email & CollaborationIntegration:cloudflare_logpushCloudflare LogpushIntegration:crowdstrikeCrowdStrikeIntegration:cyberark_epmCyberArk EPMIntegration:google_sccGoogle Security Command CenterIntegration:google_workspaceGoogle WorkspaceIntegration:imperva_cloud_wafImperva Cloud WAFIntegration:m365_defenderMicrosoft Defender XDRIntegration:microsoft_defender_endpointMicrosoft Defender for EndpointIntegration:microsoft_sentinelMicrosoft SentinelIntegration:mimecastMimecast (Partner supported)Integration:oktaOktaIntegration:qualys_vmdrQualys VMDRIntegration:sailpoint_identity_scSailpoint Identity Security CloudIntegration:servicenowServiceNowIntegration:sublime_securitySublime SecurityIntegration:symantec_endpoint_securitySymantec Endpoint SecurityIntegration:tenable_ioTenable Vulnerability ManagementIntegration:wizWizTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]enhancementNew feature or request

    Type

    Task

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions