Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add kibana.saved_object.name to audit log schema #175626

Closed
2 of 4 tasks
legrego opened this issue Jan 25, 2024 · 1 comment · Fixed by elastic/integrations#9318, #178350 or elastic/beats#38307
Closed
2 of 4 tasks

Add kibana.saved_object.name to audit log schema #175626

legrego opened this issue Jan 25, 2024 · 1 comment · Fixed by elastic/integrations#9318, #178350 or elastic/beats#38307
Assignees
@kc13greiner
Labels
enhancement New value added to drive a business result Feature:Security/Audit Platform Security - Audit Logging feature NeededFor:ResponseOps Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!

Comments

@legrego
Copy link
Member

legrego commented Jan 25, 2024
edited by kc13greiner
Loading

Relates to #100523.

Our Saved Object audit logs capture the type and id of each saved object, but lack a human-readable component. We need to provide the capability for these audit records to include a friendlier identifier.

Motivation

The response-ops team would like to leverage this name field to enhance the audit logs they are generating. This also takes us one step closer to resolving #100523

Tasks
Beta Give feedback

Out of scope

Explicitly out of scope is the rest of the work to resolve #100523, which includes populating this field for all SO types/operations.
@legrego legrego added Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! enhancement New value added to drive a business result Feature:Security/Audit Platform Security - Audit Logging feature NeededFor:ResponseOps labels Jan 25, 2024
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-security (Team:Security)

@kc13greiner kc13greiner self-assigned this Feb 22, 2024
This was referenced Mar 12, 2024
Merged
Merged
Merged
kc13greiner added a commit that referenced this issue Mar 19, 2024
@kc13greiner
Adding name to the so definition for audit events (#178350)
9425de1 
## Summary

Closes #175626

This PR adds a `name` field to the Audit Logging definition of a saved
object. It will be available for consumers to populate

## Related PR

Integrations elastic/integrations#9318
@pmuellr pmuellr mentioned this issue Mar 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kc13greiner kc13greiner

Labels
enhancement New value added to drive a business result Feature:Security/Audit Platform Security - Audit Logging feature NeededFor:ResponseOps Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more!
Projects
None yet
Milestone
No milestone
3 participants
@legrego @elasticmachine @kc13greiner