Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cherry-pick #16013 to 7.x: Add translate_sid processor to Winlogbeat #16941

Merged
merged 2 commits into from
Mar 12, 2020
Merged

Cherry-pick #16013 to 7.x: Add translate_sid processor to Winlogbeat #16941

merged 2 commits into from
Mar 12, 2020

Conversation

andrewkroh
Copy link
Member

@andrewkroh andrewkroh commented Mar 10, 2020
edited by andresrc
Loading

Cherry-pick of PR #16013 to 7.x branch. Original message:

The translate_sid processor translates a Windows security identifier (SID)
into an account name. It retrieves the name of the account associated with the
SID, the first domain on which the SID is found, and the type of account.

Closes #7451

@andrewkroh
Add translate_sid processor (elastic#16013)
a66e61a 
* Add translate_sid processor to Winlogbeat

The `translate_sid` processor translates a Windows security identifier (SID)
into an account name. It retrieves the name of the account associated with the
SID, the first domain on which the SID is found, and the type of account.

Closes elastic#7451

(cherry picked from commit 65b31bd)
@andresrc andresrc added [zube]: Inbox [zube]: In Review Team:Services (Deprecated) Label for the former Integrations-Services team and removed [zube]: Inbox labels Mar 11, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/integrations-services (Team:Services)

@andrewkroh andrewkroh mentioned this pull request Mar 11, 2020
Closed
@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

dedemorton
dedemorton reviewed Mar 11, 2020
View reviewed changes
libbeat/docs/processors-list.asciidoc
@@ -98,6 +98,9 @@ endif::[]
ifndef::no_truncate_fields_processor[]
* <<truncate-fields, `truncate_fields`>>
endif::[]
ifdef::no_translate_sid_processor[]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you meant ifndef here.

Copy link
Member Author

@andrewkroh andrewkroh Mar 11, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's fixed in #16961 and I'll backport it too.

dedemorton
dedemorton reviewed Mar 11, 2020
View reviewed changes
libbeat/docs/processors-list.asciidoc
@@ -197,5 +200,8 @@ endif::[]
ifndef::no_truncate_fields_processor[]
include::{libbeat-processors-dir}/actions/docs/truncate_fields.asciidoc[]
endif::[]
ifdef::no_translate_sid_processor[]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same comment as earlier about ifndef

@andrewkroh andrewkroh merged commit d5b81b3 into elastic:7.x Mar 12, 2020
@andrewkroh andrewkroh deleted the backport_16013_7.x branch January 14, 2022 14:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dedemorton dedemorton dedemorton approved these changes

Assignees
No one assigned
Labels
backport review Team:Services (Deprecated) Label for the former Integrations-Services team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@andrewkroh @elasticmachine @dedemorton @andresrc