Skip to content

[Windows] Fix mapping for powershell.command.invocation_details field#12277

Merged
marc-gr merged 0 commit intomainfrom
jh/windows-mappings-2
Jan 9, 2025
Merged

[Windows] Fix mapping for powershell.command.invocation_details field#12277
marc-gr merged 0 commit intomainfrom
jh/windows-mappings-2

Conversation

@jen-huang
Copy link
Copy Markdown
Contributor

@jen-huang jen-huang commented Jan 8, 2025

Proposed commit message

Windows package is still failing to install on daily CI jobs.

This removes the invalid object_type: object mapping and replaces it with type: group for the powershell.command.invocation_details field.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

@jen-huang jen-huang added bug Something isn't working, use only for issues Integration:windows Windows labels Jan 8, 2025
@jen-huang jen-huang self-assigned this Jan 8, 2025
@jen-huang jen-huang requested review from a team as code owners January 8, 2025 23:54
@jen-huang jen-huang requested review from faec and leehinman January 8, 2025 23:54
@elastic-vault-github-plugin-prod
Copy link
Copy Markdown

elastic-vault-github-plugin-prod bot commented Jan 9, 2025

🚀 Benchmarks report

Package windows 👍(5) 💚(2) 💔(2)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
applocker_packaged_app_execution 12820.51 7299.27 -5521.24 (-43.07%) 💔
forwarded 1414.43 1025.64 -388.79 (-27.49%) 💔

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Jan 9, 2025

💚 Build Succeeded

cc @jen-huang

@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube bot commented Jan 9, 2025

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@andrewkroh andrewkroh added bugfix Pull request that fixes a bug issue Team:Security-Windows Platform Security Windows Platform team [elastic/sec-windows-platform] and removed bug Something isn't working, use only for issues labels Jan 9, 2025
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Jan 9, 2025

Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform)

@marc-gr marc-gr merged commit ba43242 into main Jan 9, 2025
@marc-gr marc-gr deleted the jh/windows-mappings-2 branch January 9, 2025 11:30
@elastic-vault-github-plugin-prod
Copy link
Copy Markdown

elastic-vault-github-plugin-prod bot commented Jan 9, 2025

Package windows - 2.3.5 containing this change is available at https://epr.elastic.co/package/windows/2.3.5/

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@jen-huang
Fix mapping for powershell.command.invocation_details field (elastic#…
758e687 
…12277)
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@jen-huang
Fix mapping for powershell.command.invocation_details field (elastic#…
cfdcfd9 
…12277)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marc-gr marc-gr marc-gr approved these changes

@faec faec Awaiting requested review from faec faec was automatically assigned from elastic/elastic-agent-data-plane

@leehinman leehinman Awaiting requested review from leehinman leehinman was automatically assigned from elastic/elastic-agent-data-plane

Assignees

@jen-huang jen-huang

Labels

bugfix Pull request that fixes a bug issue Integration:windows Windows Team:Security-Windows Platform Security Windows Platform team [elastic/sec-windows-platform]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jen-huang @elasticmachine @marc-gr @andrewkroh