Closed
Conversation
v1v
pushed a commit
that referenced
this pull request
Sep 19, 2023
…stic#34991) * handle EOF on single line content (elastic#33568) * handle EOF on single line content * changelog * fallback to encode_eof if no events in aws-s3 input * lint * lint * collect on EOF in line reader * remove encode eof * remove iterN * fix test * increase test coverage * linting * more linting * increase coverage (cherry picked from commit 7b45320) # Conflicts: # libbeat/reader/readfile/line.go # libbeat/reader/readfile/line_test.go # x-pack/filebeat/input/awss3/s3_objects.go * Fix conflicts * Fix failing test - TestMaxBytesLimit * Fix #2 failing test - TestMaxBytesLimit * Fix failing test checks * Fix linter errors * Fix typo * Fix linter errors #2 * Fix linter errors #3 * Fix linter errors #4 * Fix linter errors #5 * Changelog clean up * Change order of publish event --------- Co-authored-by: Andrea Spacca <andrea.spacca@elastic.co> Co-authored-by: Tamara Dancheva <tamara.dancheva@elastic.co>
v1v
pushed a commit
that referenced
this pull request
Mar 4, 2024
* feat: add helper funcs to get symbol info from /proc/kallsyms * feat: introduce fixed executor that always runs funcs from the same os thread * feat: add probe manager to handle building tracing kprobes from tk-btf ones * feat: define probe events with corresponding alloc and release funcs * feat: embed stripped btf files and add helper funcs to read them * feat: add fsnotify, fsnotify_nameremove, fsnotify_parent and vfs_geattr tk-btf probe builders in probe manager * feat: implement path traverser to produce monitor events by walking a path * feat: implement directory entries cache * feat: implement event processor to process probe events and based on directory entry cache emit the respective event * feat: implement event verifier that validates that the expected sequence of generated fs events are properly emitted * feat: add perfChannel to reduce tracing.PerfChannel boilerplate code and satisfy testing needs * feat: implement monitor that ties together path traverser, perf channel and event emitting * feat: implement probe verification at runtime and the creation of a new monitor based on these * feat: implement event reader for kprobe-based file integrity module * doc: update NOTICE.txt to include tk-btf license * feat: add tests for non-recursive kprobe fim (#3) * fix: remove existing file from cache when a move operation is overwriting it * feat: introduce force_backend in for file integrity auditbeat module * ci: add necessary volume mounts for kprobes backend in auditbeat docker-compose.yml * feat: add the instantiation of file integrity module with kprobes backend * doc: update CHANGELOG.next.asciidoc * fix: address compilation issues for non-linux oses * fix: correct folder permission for path traverser unit-test * fix: build kprobe package and unit-tests only for linux * ci: extend test_file_integrity.py to test kprobes backend of file integrity module * ci: extend TestNew in monitor to include actual file changes * ci: mark with nolint prealloc slices that can't be pre-allocated * chore: inline defer funcs * fix: return the scanner error if any * fix: remove redundant runtime os checks for linux * doc: comment that dEntryCache is not thread-safe * fix: set the appropriate verbosity of errors of watcher * fix: check for scanner.Err and return err from parsing mountinfo lines * fix: remove redundant fim_backends list from test_file_integrity.py * fix: gofumpt kprobes package * fix: highlight unused context in event processor * fix: increase interval period of wait_output as kprobes require more time to verify the probes and print output * fix: proper formatting for auditbeat.reference.yml * fix: proper formatting for x-pack/auditbeat/auditbeat.reference.yml --------- Co-authored-by: Maxwell Borden <Tacklebox@users.noreply.github.com>
v1v
pushed a commit
that referenced
this pull request
Aug 9, 2024
…ases (#3…" (elastic#39585) This reverts commit bb37b42.
v1v
pushed a commit
that referenced
this pull request
Apr 16, 2025
v1v
pushed a commit
that referenced
this pull request
Jun 26, 2025
…al logger instance #3 (elastic#44703) * [Chore] Replace global logger with local logger instance #3 (elastic#43657)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Bump stack version with the latest one.
Further details
[start_time:Thu, 22 Apr 2021 12:24:22 GMT, release_branch:master, prefix:, end_time:Thu, 22 Apr 2021 17:07:51 GMT, manifest_version:2.0.0, version:8.0.0-SNAPSHOT, branch:master, build_id:8.0.0-bf13b83e, build_duration_seconds:17009]