Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Filebeat] Adding fixes to the TI module #24133

Merged
merged 3 commits into from
Feb 19, 2021
Merged

[Filebeat] Adding fixes to the TI module #24133

merged 3 commits into from
Feb 19, 2021

Conversation

P1llus
Copy link
Member

@P1llus P1llus commented Feb 19, 2021
edited
Loading

What does this PR do?

Cleaning up the TI module based on feedback after testing the BC runs.

Why is it important?

Cleaning up the TI module based on feedback after testing the BC runs.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Feb 19, 2021
@elasticmachine
Copy link
Collaborator

elasticmachine commented Feb 19, 2021
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #24133 updated

  • Start Time: 2021-02-19T17:17:20.752+0000

  • Duration: 58 min 14 sec

  • Commit: 261b507

Test stats 🧪

Test Results
Failed 0
Passed 13056
Skipped 2215
Total 15271

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 13056
Skipped 2215
Total 15271

adriansr
adriansr reviewed Feb 19, 2021
View reviewed changes
Copy link
Contributor

@adriansr adriansr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a few small questions

x-pack/filebeat/module/threatintel/misp/test/misp_sample.ndjson.log-expected.json Show resolved Hide resolved
x-pack/filebeat/module/threatintel/_meta/config.yml Show resolved Hide resolved
@P1llus P1llus merged commit f394755 into elastic:master Feb 19, 2021
P1llus added a commit to P1llus/beats that referenced this pull request Feb 19, 2021
@P1llus
[Filebeat] Adding fixes to the TI module (elastic#24133)
7d74ec3 
* cleaning up TI module, adding safer config options, updating docs and fixing the MISP tag copy painless script

* updating otx pipeline to remove specific null value

* fixing grok pattern in MISP to fetch hash values

(cherry picked from commit f394755)
@P1llus P1llus mentioned this pull request Feb 19, 2021
Merged
6 tasks
@P1llus P1llus added the v7.12.0 label Feb 19, 2021
@P1llus P1llus mentioned this pull request Feb 19, 2021
Merged
6 tasks
P1llus added a commit to P1llus/beats that referenced this pull request Feb 19, 2021
@P1llus
[Filebeat] Adding fixes to the TI module (elastic#24133)
eada3ac 
* cleaning up TI module, adding safer config options, updating docs and fixing the MISP tag copy painless script

* updating otx pipeline to remove specific null value

* fixing grok pattern in MISP to fetch hash values

(cherry picked from commit f394755)
P1llus added a commit that referenced this pull request Feb 19, 2021
@P1llus
[Filebeat] Adding fixes to the TI module (#24133) (#24137)
20026ba 
* cleaning up TI module, adding safer config options, updating docs and fixing the MISP tag copy painless script

* updating otx pipeline to remove specific null value

* fixing grok pattern in MISP to fetch hash values

(cherry picked from commit f394755)
P1llus added a commit that referenced this pull request Feb 19, 2021
@P1llus
[Filebeat] Adding fixes to the TI module (#24133) (#24138)
41aa1c3 
* cleaning up TI module, adding safer config options, updating docs and fixing the MISP tag copy painless script

* updating otx pipeline to remove specific null value

* fixing grok pattern in MISP to fetch hash values

(cherry picked from commit f394755)
v1v added a commit to v1v/beats that referenced this pull request Feb 22, 2021
@v1v
Merge remote-tracking branch 'upstream/master' into feature/e2e-fleet
2747498 
* upstream/master:
  [Elastic Agent] Fix docker entrypoint for elastic-agent. (elastic#24155)
  [PACKAGING] Push docker images with the architecture in the version (elastic#24121)
  [Agent] Add agent standalone manifests for system module & Pod's log collection (elastic#23938)
  indicator type url is in upper case (elastic#24152)
  [Filebeat] Document netflow internal_networks and set default (elastic#24110)
  [Filebeat] Adding fixes to the TI module (elastic#24133)
  [Enhancement] Add RotateOnStartup feature flag for file output (elastic#19347)
  [Ingest Manager] Fix: Successfully installed and enrolled agent running standalone (elastic#24128)
  Set Elastic licence type for APM server Beats update job (elastic#24122)
  Add logrotation section on Running Filebeat on k8s (elastic#24120)
  [CI] Run if manual UI (elastic#24116)
  [CI] enable x-pack/heartbeat in the CI (elastic#23873)
v1v added a commit to v1v/beats that referenced this pull request Feb 23, 2021
@v1v
Merge remote-tracking branch 'upstream/master' into feature/retry-win…
3ea53ee 
…dows-7

* upstream/master:
  Remove OSS reference for kibana and elasticsearch (elastic#24164)
  Skip flaky TestActions on MacOSx (elastic#23966)
  [Filebeat][AWS] Fix vpcflow pipeline exception: Cannot invoke "Object.getClass()" because "receiver" is null (elastic#24167)
  [Elastic Agent] Fix docker entrypoint for elastic-agent. (elastic#24155)
  [PACKAGING] Push docker images with the architecture in the version (elastic#24121)
  [Agent] Add agent standalone manifests for system module & Pod's log collection (elastic#23938)
  indicator type url is in upper case (elastic#24152)
  [Filebeat] Document netflow internal_networks and set default (elastic#24110)
  [Filebeat] Adding fixes to the TI module (elastic#24133)
  [Enhancement] Add RotateOnStartup feature flag for file output (elastic#19347)
  [Ingest Manager] Fix: Successfully installed and enrolled agent running standalone (elastic#24128)
  Set Elastic licence type for APM server Beats update job (elastic#24122)
  Add logrotation section on Running Filebeat on k8s (elastic#24120)
  [CI] Run if manual UI (elastic#24116)
  [CI] enable x-pack/heartbeat in the CI (elastic#23873)
  chore: comment out the E2E (elastic#24109)
  chore: add-backport-next (elastic#24098)
  Adjust the position of the architecture name in Dockerlogbeat tarball (elastic#24095)
  Update dependencies for M1 support in System (elastic#24019)
v1v added a commit to v1v/beats that referenced this pull request Feb 23, 2021
@v1v
Merge remote-tracking branch 'upstream/master' into feature/packaging…
2e57ac2 
…-arm

* upstream/master: (24 commits)
  Add example input autodsicover config (elastic#24157)
  Empty configuration options generate `<no value>` string for azure-eventhub input (elastic#24156)
  Remove OSS reference for kibana and elasticsearch (elastic#24164)
  Skip flaky TestActions on MacOSx (elastic#23966)
  [Filebeat][AWS] Fix vpcflow pipeline exception: Cannot invoke "Object.getClass()" because "receiver" is null (elastic#24167)
  [Elastic Agent] Fix docker entrypoint for elastic-agent. (elastic#24155)
  [PACKAGING] Push docker images with the architecture in the version (elastic#24121)
  [Agent] Add agent standalone manifests for system module & Pod's log collection (elastic#23938)
  indicator type url is in upper case (elastic#24152)
  [Filebeat] Document netflow internal_networks and set default (elastic#24110)
  [Filebeat] Adding fixes to the TI module (elastic#24133)
  [Enhancement] Add RotateOnStartup feature flag for file output (elastic#19347)
  [Ingest Manager] Fix: Successfully installed and enrolled agent running standalone (elastic#24128)
  Set Elastic licence type for APM server Beats update job (elastic#24122)
  Add logrotation section on Running Filebeat on k8s (elastic#24120)
  [CI] Run if manual UI (elastic#24116)
  [CI] enable x-pack/heartbeat in the CI (elastic#23873)
  chore: comment out the E2E (elastic#24109)
  chore: add-backport-next (elastic#24098)
  Adjust the position of the architecture name in Dockerlogbeat tarball (elastic#24095)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adriansr adriansr adriansr approved these changes

Assignees
No one assigned
Labels
enhancement Filebeat Filebeat v7.12.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@P1llus @elasticmachine @adriansr