Skip to content

Adding WAF Log type#617

Merged
eirsep merged 8 commits intoopensearch-project:mainfrom
sandeshkr419:waf
Oct 5, 2023
Merged

Adding WAF Log type#617
eirsep merged 8 commits intoopensearch-project:mainfrom
sandeshkr419:waf

Conversation

@sandeshkr419
Copy link
Copy Markdown
Member

@sandeshkr419 sandeshkr419 commented Sep 26, 2023
edited
Loading

Description

Adding WAF log type as a pre-packaged rule

Issues Resolved

Resolves #573

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@sandeshkr419
Adding WAF Log type
7af58b2 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419
Minor refactoring
7514d06 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419
Fix duplicate keys
0c64647 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419
Test fix
7621e89 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419
test fix
9a10743 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@codecov
Copy link
Copy Markdown

codecov bot commented Sep 26, 2023
edited
Loading

Codecov Report

Merging #617 (dae7228) into main (b838dd8) will increase coverage by 0.04%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##               main     #617      +/-   ##
============================================
+ Coverage     25.02%   25.06%   +0.04%     
- Complexity      943      947       +4     
============================================
  Files           255      255              
  Lines         11155    11155              
  Branches       1250     1250              
============================================
+ Hits           2791     2796       +5     
+ Misses         8110     8107       -3     
+ Partials        254      252       -2

see 1 file with indirect coverage changes

@sandeshkr419
Adding custom log specific to aws waf
bf0beb5 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419 sandeshkr419 marked this pull request as ready for review September 27, 2023 23:28
sbcd90
sbcd90 previously approved these changes Oct 4, 2023
View reviewed changes
@sandeshkr419
Add Security category to waf logtype
01bb062 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419
Merge branch 'main' into waf
dae7228 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
@sandeshkr419 sandeshkr419 requested a review from sbcd90 October 4, 2023 22:31
@eirsep
Copy link
Copy Markdown
Member

eirsep commented Oct 4, 2023

LGTM but plz add tests for end-to-end flow i.e create waf log type detector, ingest docs and assert findings, alerts etc.

@sandeshkr419
Copy link
Copy Markdown
Member Author

sandeshkr419 commented Oct 4, 2023
edited
Loading

LGTM but plz add tests for end-to-end flow i.e create waf log type detector, ingest docs and assert findings, alerts etc.

@eirsep Thanks for reviewing. In the following test added, I did create a detector and verified (asserted) percolate queries (via number of rules to be matched) generated. I agree on having an IT as a follow up change for verifying the end to end flow across all PRs.

@eirsep eirsep merged commit 115ae95 into opensearch-project:main Oct 5, 2023
@sandeshkr419 sandeshkr419 deleted the waf branch October 5, 2023 15:45
opensearch-trigger-bot bot pushed a commit that referenced this pull request Oct 5, 2023
@sandeshkr419 @github-actions
Adding WAF Log type (#617)
3120910 
* Adding WAF Log type

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Minor refactoring

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Fix duplicate keys

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Test fix

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* test fix

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Adding custom log specific to aws waf

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Add Security category to waf logtype

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

---------

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
(cherry picked from commit 115ae95)
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Oct 5, 2023
Merged
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Oct 5, 2023
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request Oct 5, 2023
@sandeshkr419 @github-actions
Adding WAF Log type (#617)
efda993 
* Adding WAF Log type

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Minor refactoring

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Fix duplicate keys

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Test fix

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* test fix

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Adding custom log specific to aws waf

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

* Add Security category to waf logtype

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>

---------

Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
(cherry picked from commit 115ae95)
sbcd90 pushed a commit that referenced this pull request Oct 5, 2023
@opensearch-trigger-bot
Adding WAF Log type (#617) (#644)
afc7d36 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
sbcd90 pushed a commit that referenced this pull request Oct 5, 2023
@opensearch-trigger-bot
Adding WAF Log type (#617) (#645)
848262e 
Signed-off-by: Sandesh Kumar <sandeshkr419@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sbcd90 sbcd90 sbcd90 approved these changes

@eirsep eirsep eirsep approved these changes

@amsiglan amsiglan Awaiting requested review from amsiglan amsiglan is a code owner

@AWSHurneyt AWSHurneyt Awaiting requested review from AWSHurneyt AWSHurneyt is a code owner

@getsaurabh02 getsaurabh02 Awaiting requested review from getsaurabh02 getsaurabh02 is a code owner

@lezzago lezzago Awaiting requested review from lezzago lezzago is a code owner

@praveensameneni praveensameneni Awaiting requested review from praveensameneni praveensameneni is a code owner

Assignees

No one assigned

Labels

backport 2.x backport 2.11

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEATURE] WAF log type support

3 participants

@sandeshkr419 @eirsep @sbcd90