Update supported log types with recent logs #5700

Closed
wants to merge 3 commits into from

Conversation

Naarcha-AWS
Collaborator

Fixes issue #5145

Checklist

  • By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and subject to the Developers Certificate of Origin.
    For more information on following Developer Certificate of Origin and signing off your commits, please check here.

Fixes issue #5145.

Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
@Naarcha-AWS Naarcha-AWS self-assigned this Nov 29, 2023
@Naarcha-AWS Naarcha-AWS added backport 2.11 PR: Backport label for 2.11 security-analytics 3 - Tech review PR: Tech review in progress labels Nov 29, 2023
Signed-off-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
@eirsep
Member

eirsep commented Dec 12, 2023

Thanks for making this change, @Naarcha-AWS.
It would be very valuable for us to actually mention what the field mappings are for each log type that we use in our rule names (these are static configurations found in the plugin repo on Opensearch-Project).
That way, users who have divergence in their mappings can be guided on how to use the Security Analytics create mappings API as part of detector creation.

@Naarcha-AWS
Collaborator Author

Amardeepsingh is going to help me finalize this PR with some updated content. Keeping this open, but it's on hold for now.

@Naarcha-AWS Naarcha-AWS added Blocked PR: Cannot move forward without assistance Needs SME Waiting on input from subject matter expert labels Dec 12, 2023
@Naarcha-AWS
Collaborator Author

Closing this in favor of #6235

@Naarcha-AWS Naarcha-AWS deleted the security-log-types-update branch March 28, 2024 23:22