Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Filebeat] Remove RecordedFuture dataset from Threat Intel module #30564

Merged
merged 2 commits into from
Feb 23, 2022
Merged

[Filebeat] Remove RecordedFuture dataset from Threat Intel module #30564

merged 2 commits into from
Feb 23, 2022

Conversation

adriansr
Copy link
Contributor

@adriansr adriansr commented Feb 23, 2022
edited
Loading

What does this PR do?

Removes the Recorded Future dataset from Threat Intel module. This new dataset has been developed to replace the existing (unused) dataset, which was fetching data using the wrong API from Recorded Future.

Why is it important?

This dataset has been developed for 8.1, but later has been decided to make it a package-only integration.

Checklist

  • [ ] My code follows the style guidelines of this project
  • [ ] I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • [ ] I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

@adriansr
Remove Recorded Future dataset from threatintel module
4d3f142 
It's been decided to make this integration available only as a package.

This reverts commit fbcece6.
@adriansr
Add changelog entry
77a4af4
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Feb 23, 2022
@mergify
Copy link
Contributor

mergify bot commented Feb 23, 2022

This pull request does not have a backport label. Could you fix it @adriansr? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v./d./d./d is the label to automatically backport to the 7./d branch. /d is the digit

NOTE: backport-skip has been added to this pull request.

@adriansr adriansr added breaking change Filebeat Filebeat release-note:breaking The content should be included as a breaking change Team:Security-External Integrations labels Feb 23, 2022
@mergify mergify bot added the backport-skip Skip notification from the automated backport with mergify label Feb 23, 2022
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Feb 23, 2022
@adriansr adriansr added the backport-v8.1.0 Automated backport with mergify label Feb 23, 2022
@mergify mergify bot removed the backport-skip Skip notification from the automated backport with mergify label Feb 23, 2022
@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-02-23T20:18:27.767+0000

  • Duration: 114 min 2 sec

Test stats 🧪

Test Results
Failed 0
Passed 8663
Skipped 1122
Total 9785

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@adriansr adriansr merged commit 5167f5a into elastic:main Feb 23, 2022
mergify bot pushed a commit that referenced this pull request Feb 23, 2022
@adriansr
[Filebeat] Remove RecordedFuture dataset from Threat Intel module (#3…
8538ba6 
…0564)

It's been decided to make this integration available only as a package.

(cherry picked from commit 5167f5a)
@mergify mergify bot mentioned this pull request Feb 23, 2022
Merged
adriansr added a commit that referenced this pull request Feb 24, 2022
@mergify @adriansr
[Filebeat] Remove RecordedFuture dataset from Threat Intel module (#3…
4eed120 
…0564) (#30568)

It's been decided to make this integration available only as a package.

Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
@adriansr adriansr mentioned this pull request Mar 1, 2022
Merged
7 tasks
v1v added a commit that referenced this pull request Mar 2, 2022
@v1v
Merge branch '8.1' of github.com:elastic/beats into mergify/bp/8.1/pr…
0112148 
…-29710

* '8.1' of github.com:elastic/beats: (51 commits)
  refactor pushDockerImages (#30414) (#30624)
  ci: add windows-2022 in the extended meta-stage (#30528) (#30630)
  Curate k8s testing versions to only keep the actively maintained (#30619) (#30625)
  [8.1](backport #30355) Add Beats upgrade docs for 8.0 (#30612)
  Remove references to gcp from the Functionbeat docs (#30579) (#30609)
  x-pack/auditbeat/module/system/socket: defend against exec with zero arguments (#30586) (#30597)
  [MySQL Enterprise] Adding default paths values to manifest.yml (#30598) (#30604)
  metricbeat - fix elasticsearch and kibana integration tests failures in 8.0 (#30566) (#30594)
  Install gawk as a replacement for mawk in Docker containers. (#30452) (#30465)
  [Filebeat] Remove RecordedFuture dataset from Threat Intel module (#30564) (#30568)
  Adjust the documentation of `backoff` options in filestream input (#30552) (#30557)
  packetbeat/beater: help the GC clean up the Npcap installer if it's not used (#30513) (#30546)
  Osquerybeat: Add install verification for osquerybeat (#30388) (#30404)
  Update docker/distribution to 2.8.0 (#30462) (#30540)
  Add `parsers` examples to `filestream` reference configuration (#30529) (#30537)
  [8.1](backport #30068) ZooKeeper module: Adapt to ZooKeeper 3.6+ `mntr` response fields' changes. (#30360)
  [8.1](backport #30512) Switch skip to use `CI` (#30525)
  Forward-port 8.0.1 changelog to 8.1 (#30517)
  packetbeat/beater: don't attempt to install npcap when already installed (#30509) (#30511)
  Add drop and explicit tests to avoid duplicate ingest of elasticsearch logs (#30440) (#30488)
  ...
@dedemorton dedemorton mentioned this pull request Mar 5, 2022
Merged
@adriansr adriansr deleted the rm_rf_recordedfuture branch March 9, 2022 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@adriansr adriansr

Labels
backport-v8.1.0 Automated backport with mergify breaking change Filebeat Filebeat release-note:breaking The content should be included as a breaking change review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adriansr @elasticmachine @efd6