Skip to content

[axonius][user] Add Axonius User datastream #16128

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

[axonius][user] Add Axonius User datastream #16128

wants to merge 3 commits into from

Conversation

@muskan-agarwal26
Copy link
Contributor

@muskan-agarwal26 muskan-agarwal26 commented Nov 26, 2025

Proposed commit message

The initial release includes user data stream and associated dashboard.

Axonius fields are mapped to their corresponding ECS fields where possible.

Test samples were derived from live data samples, which were subsequently
sanitized.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

To test the axonius package:

  • Clone integrations repo.
  • Install elastic package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/axonius directory.
  • Run the following command to run tests.

elastic-package test

2025/11/26 16:49:31  INFO New version is available - v0.117.1. Download from: https://github.com/elastic/elastic-package/releases/tag/v0.117.1
Run asset tests for the package
2025/11/26 16:49:31  INFO License text found in "/root/GITHUB/integrations/LICENSE.txt" will be included in package
--- Test results for package: axonius - START ---
╭─────────┬─────────────┬───────────┬──────────────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME                                                        │ RESULT │ TIME ELAPSED │
├─────────┼─────────────┼───────────┼──────────────────────────────────────────────────────────────────┼────────┼──────────────┤
│ axonius │             │ asset     │ dashboard axonius-cc6c1878-aa15-4765-a4d9-76eca1cc4078 is loaded │ PASS   │      1.961µs │
│ axonius │             │ asset     │ search axonius-723a9fbe-5e79-4c85-b6c8-486aa02fd95c is loaded    │ PASS   │        243ns │
│ axonius │ user        │ asset     │ index_template logs-axonius.user is loaded                       │ PASS   │        238ns │
│ axonius │ user        │ asset     │ ingest_pipeline logs-axonius.user-0.1.0 is loaded                │ PASS   │        209ns │
╰─────────┴─────────────┴───────────┴──────────────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: axonius - END   ---
Done
Run pipeline tests for the package
--- Test results for package: axonius - START ---
╭─────────┬─────────────┬───────────┬──────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME                                │ RESULT │ TIME ELAPSED │
├─────────┼─────────────┼───────────┼──────────────────────────────────────────┼────────┼──────────────┤
│ axonius │ user        │ pipeline  │ (ingest pipeline warnings test-user.log) │ PASS   │ 748.512078ms │
│ axonius │ user        │ pipeline  │ test-user.log                            │ PASS   │ 237.300595ms │
╰─────────┴─────────────┴───────────┴──────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: axonius - END   ---
Done
Run policy tests for the package
--- Test results for package: axonius - START ---
No test results
--- Test results for package: axonius - END   ---
Done
Run static tests for the package
--- Test results for package: axonius - START ---
╭─────────┬─────────────┬───────────┬──────────────────────────┬────────┬──────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │
├─────────┼─────────────┼───────────┼──────────────────────────┼────────┼──────────────┤
│ axonius │ user        │ static    │ Verify sample_event.json │ PASS   │ 207.716458ms │
╰─────────┴─────────────┴───────────┴──────────────────────────┴────────┴──────────────╯
--- Test results for package: axonius - END   ---
Done
Run system tests for the package
2025/11/26 16:49:37  INFO Installing package...
2025/11/26 16:49:37  INFO License text found in "/root/GITHUB/integrations/LICENSE.txt" will be included in package
2025/11/26 16:49:49  INFO Running test for data_stream "user" with configuration 'default'
2025/11/26 16:49:57  INFO Setting up independent Elastic Agent...
2025/11/26 16:50:09  INFO Setting up service...
2025/11/26 16:50:30  INFO Validating test case...
2025/11/26 16:50:31  INFO Tearing down service...
2025/11/26 16:50:32  INFO Write container logs to file: /root/GITHUB/integrations/build/container-logs/axonius-1764156032894361232.log
2025/11/26 16:50:34  INFO Tearing down agent...
2025/11/26 16:50:34  INFO Write container logs to file: /root/GITHUB/integrations/build/container-logs/elastic-agent-1764156034804125811.log
2025/11/26 16:50:53  INFO Uninstalling package...
--- Test results for package: axonius - START ---
╭─────────┬─────────────┬───────────┬───────────┬────────┬───────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │  TIME ELAPSED │
├─────────┼─────────────┼───────────┼───────────┼────────┼───────────────┤
│ axonius │ user        │ system    │ default   │ PASS   │ 42.087523671s │
╰─────────┴─────────────┴───────────┴───────────┴────────┴───────────────╯
--- Test results for package: axonius - END   ---
Done

Screenshots

@muskan-agarwal26 muskan-agarwal26 requested a review from a team as a code owner November 26, 2025 11:25
@muskan-agarwal26 muskan-agarwal26 changed the title Initial commit [axonius][user] Add Axonius User datastream Nov 26, 2025
@muskan-agarwal26 muskan-agarwal26 marked this pull request as draft November 26, 2025 12:34
@andrewkroh andrewkroh added Integration:axonius [Integration not found in source] Crest Contributions from Crest developement team. New Integration Issue or pull request for creating a new integration package. dashboard Relates to a Kibana dashboard bug, enhancement, or modification. documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. labels Nov 26, 2025
@muskan-agarwal26 muskan-agarwal26 closed this by deleting the head repository Nov 27, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Crest Contributions from Crest developement team. dashboard Relates to a Kibana dashboard bug, enhancement, or modification. documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. Integration:axonius [Integration not found in source] New Integration Issue or pull request for creating a new integration package.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@muskan-agarwal26 @andrewkroh @muskan-crest