
Migrate System Windows Security script to Ingest Node #917

Merged
leehinman merged 3 commits into elastic:master from leehinman:884_move_windows_security_js_to_pipeline
Apr 30, 2021

Contributor

@leehinman leehinman commented Apr 15, 2021

What does this PR do?

Converts processing in winlog.yml.hbs and moves it to pipeline.yml. Also adds pipeline tests. This will greatly reduce the size of data that is sent to each agent.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.

Author's Checklist

  • All code from winlog.yml.hbs is removed
  • Pipeline tests run clean
  • Diff with existing winlogbeat golden files

How to test this PR locally

elastic-package test pipeline --data-streams=security

Related issues

@leehinman leehinman added the enhancement New feature or request label Apr 15, 2021

elasticmachine commented Apr 16, 2021

💚 Build Succeeded

Build stats

  • Build Cause: Branch indexing

  • Start Time: 2021-04-29T22:28:15.157+0000

  • Duration: 34 min 36 sec

  • Commit: 75e350c

Test stats 🧪

Test Results
Failed 0
Passed 2042
Skipped 3
Total 2045

Member

@andrewkroh andrewkroh left a comment

Wow! 👏 🤗

@leehinman leehinman force-pushed the 884_move_windows_security_js_to_pipeline branch 2 times, most recently from 70a9a6c to dcc6e5f Compare April 23, 2021 18:51
@leehinman leehinman marked this pull request as ready for review April 23, 2021 18:51
@leehinman leehinman force-pushed the 884_move_windows_security_js_to_pipeline branch from dcc6e5f to 37409f8 Compare April 23, 2021 18:59
@elasticmachine

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

Member

@andrewkroh andrewkroh left a comment

It looks like it needs an elastic-package format.

Member

P1llus commented Apr 23, 2021

This is looking awesome @leehinman ! :)

One QQ:

Do you know if the usage of CamelCase field names is intended? I see there is a bit of a mix in terms of how the fields are named. I know @adriansr created some sort of Painless script to convert them for the CyberArk integration.

@leehinman leehinman merged commit a308b09 into elastic:master Apr 30, 2021
@leehinman leehinman deleted the 884_move_windows_security_js_to_pipeline branch April 30, 2021 18:11

Labels

enhancement (New feature or request), Integration:system (System)

Development

Successfully merging this pull request may close these issues.

Convert system/security data_stream processing to ingest node
