[Filebeat] MISP improvements #23070
Merged
[Filebeat] MISP improvements #23070
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
marc-gr
added
enhancement
Filebeat
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
botelastic
bot
added
needs_team
marc-gr
force-pushed
the
migrate_misp_httpjsonv2
branch
2 times, most recently
from
42c3563
to
a9dcc1a
Compare
P1llus
reviewed
Dec 10, 2020
There was a problem hiding this comment.
LGTM, as discussed before I think we need to move from UUID to using the fingerprint processor on the ID field instead to create a document id.
Maybe also we should set the http_timeout to 120s instead, as it might sometime include a very large amount of data.
P1llus
approved these changes
Dec 10, 2020
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
leehinman
approved these changes
Dec 10, 2020
- Add id based on body uuid - Add pagination and cursor - Migrate to httpjson v2
marc-gr
force-pushed
the
migrate_misp_httpjsonv2
branch
from
a9dcc1a
to
9f78035
Compare
4 tasks
marc-gr
added
v7.11.0
and removed
needs_backport
marc-gr
added a commit
to marc-gr/beats
that referenced
this pull request
Dec 14, 2020
- Add id based on body uuid - Add pagination and cursor - Migrate to httpjson v2 (cherry picked from commit e0d654a)
marc-gr
added a commit
that referenced
this pull request
Dec 14, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Why is it important?
MISP current implementation was lacking pagination or state, making it a bit complicated to be used in production set ups. This changes take advantage of the new httpjson v2 features to improve the module.
Checklist
- [] My code follows the style guidelines of this project- [ ] I have commented my code, particularly in hard-to-understand areasCHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.