Docs: Updates system, windows, winlog integrations to clarify windows event log info #17702
Vale Linting Results
Summary: 4 warnings, 4 suggestions found

| File | Line | Rule | Message |
|---|---|---|---|
| packages/system/_dev/build/docs/README.md | 17 | Elastic.DontUse | Don't use 'note that'. |
| packages/system/docs/README.md | 17 | Elastic.DontUse | Don't use 'note that'. |
| packages/windows/_dev/build/docs/README.md | 13 | Elastic.DontUse | Don't use 'note that'. |
| packages/windows/docs/README.md | 13 | Elastic.DontUse | Don't use 'note that'. |
💡 Suggestions (4)
| File | Line | Rule | Message |
|---|---|---|---|
| packages/winlog/_dev/build/docs/README.md | 5 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
| packages/winlog/_dev/build/docs/README.md | 6 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
| packages/winlog/docs/README.md | 5 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
| packages/winlog/docs/README.md | 6 | Elastic.WordChoice | Consider using 'can, might' instead of 'may', unless the term is in the UI. |
The Vale linter checks documentation changes against the Elastic Docs style guide.
To use Vale locally or report issues, refer to Elastic style guide for Vale.

Please run these commands to update changelogs and build docs:

```sh
for pkg in system windows winlog; do
  cd packages/$pkg
  elastic-package changelog add --type enhancement --description "Improve documentation" --link "https://github.com/elastic/integrations/pull/17702" --next minor
  elastic-package build
  cd ../..
done
git add -u
git commit -m "docs: update changelogs and build documentation"
git push
```

Prerequisite:

🚀 Benchmarks report
To see the full report comment with

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

Pinging @elastic/sec-linux-platform (Team:Security-Linux Platform)

shmsr left a comment
"vale lint" has reported some issues, are you going to fix them? Rest looks good!

Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform)

💚 Build Succeeded
cc @jmikell821

Package system - 2.13.0 containing this change is available at https://epr.elastic.co/package/system/2.13.0/

Package windows - 3.6.0 containing this change is available at https://epr.elastic.co/package/windows/3.6.0/

Package winlog - 2.5.0 containing this change is available at https://epr.elastic.co/package/winlog/2.5.0/

Proposed commit message
Adds a short paragraph to each of these integrations (system, windows, winlog) to confirm the use case of that integration for collecting windows log events, so the user can decide which are best for their use case.
Why?
There are multiple integrations that collect Windows Event logs, most notably `system`, `windows`, and `winlog`. While the `winlog` integration is designed for pulling logs from any defined channel, the `system` and `windows` integrations collect from a specific set of channels and apply some additional pipeline processing to make the data usable for observability and/or security purposes. Collecting the system event logs via the custom `winlog` integration will not apply the same pipelines, and would make the data less valuable to the user.
Checklist
`changelog.yml` file.
Author's Checklist
Related issues
Resolves #12642.