[symantec_endpoint_security] Merge Symantec EDR Cloud into Symantec Endpoint Security #10530

Merged
merged 3 commits into from
Jul 26, 2024

@janvi-elastic (Contributor) commented Jul 18, 2024

Type of change

  • Enhancement

Proposed commit message

  • Add incident data-stream of Symantec EDR Cloud into Symantec Endpoint Security.
  • Update Table of Contents of all dashboards.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

  • Clone integrations repo.
  • Install elastic package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/symantec_endpoint_security directory.
  • Run the following command to run tests.

elastic-package test

--- Test results for package: symantec_endpoint_security - START ---
╭────────────────────────────┬─────────────┬───────────┬───────────┬────────┬────────────────╮
│ PACKAGE                    │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │   TIME ELAPSED │
├────────────────────────────┼─────────────┼───────────┼───────────┼────────┼────────────────┤
│ symantec_endpoint_security │ event       │ system    │ default   │ PASS   │ 2m8.694973658s │
│ symantec_endpoint_security │ incident    │ system    │ default   │ PASS   │  36.991390064s │
╰────────────────────────────┴─────────────┴───────────┴───────────┴────────┴────────────────╯
--- Test results for package: symantec_endpoint_security - END   ---
Done
--- Test results for package: symantec_endpoint_security - START ---
╭────────────────────────────┬─────────────┬───────────┬──────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE                    │ DATA STREAM │ TEST TYPE │ TEST NAME                                                │ RESULT │ TIME ELAPSED │
├────────────────────────────┼─────────────┼───────────┼──────────────────────────────────────────────────────────┼────────┼──────────────┤
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-application.log) │ PASS   │ 364.089605ms │
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-audit.log)       │ PASS   │ 306.423918ms │
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-diagnostic.log)  │ PASS   │ 292.880368ms │
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-license.log)     │ PASS   │  313.24475ms │
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-security.log)    │ PASS   │ 284.728507ms │
│ symantec_endpoint_security │ event       │ pipeline  │ (ingest pipeline warnings test-category-system.log)      │ PASS   │ 282.881417ms │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-application.log                            │ PASS   │ 3.661320534s │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-audit.log                                  │ PASS   │ 1.401408111s │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-diagnostic.log                             │ PASS   │ 799.963301ms │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-license.log                                │ PASS   │ 911.965757ms │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-security.log                               │ PASS   │ 8.131367082s │
│ symantec_endpoint_security │ event       │ pipeline  │ test-category-system.log                                 │ PASS   │ 7.365000171s │
│ symantec_endpoint_security │ incident    │ pipeline  │ (ingest pipeline warnings test-incident.log)             │ PASS   │  264.28448ms │
│ symantec_endpoint_security │ incident    │ pipeline  │ test-incident.log                                        │ PASS   │ 102.452417ms │
╰────────────────────────────┴─────────────┴───────────┴──────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: symantec_endpoint_security - END   ---
Done
--- Test results for package: symantec_endpoint_security - START ---
╭────────────────────────────┬─────────────┬───────────┬─────────────────────────────────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE                    │ DATA STREAM │ TEST TYPE │ TEST NAME                                                                           │ RESULT │ TIME ELAPSED │
├────────────────────────────┼─────────────┼───────────┼─────────────────────────────────────────────────────────────────────────────────────┼────────┼──────────────┤
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-2926c4d6-8bd4-4591-b16f-9a2fe92d9537 is loaded │ PASS   │      1.259µs │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-307802ca-681c-42d5-9518-93d8cb3f9cc6 is loaded │ PASS   │        353ns │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-48a8e233-f36c-4acb-99f2-c348c6781f6f is loaded │ PASS   │        368ns │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-8f4d2ce2-c5f2-421f-be7b-ffde36b86a0f is loaded │ PASS   │        386ns │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-a1361bd2-d3ef-4ee3-8dfa-4930bb91be4a is loaded │ PASS   │        901ns │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-bfbe8f7e-74af-4f0e-9037-793baa3709d5 is loaded │ PASS   │        390ns │
│ symantec_endpoint_security │             │ asset     │ dashboard symantec_endpoint_security-ca452d05-b541-49e3-aa31-61d619188235 is loaded │ PASS   │        399ns │
│ symantec_endpoint_security │             │ asset     │ search symantec_endpoint_security-fcfc6277-7973-4116-8358-a20c3d8f7663 is loaded    │ PASS   │        462ns │
│ symantec_endpoint_security │ event       │ asset     │ index_template logs-symantec_endpoint_security.event is loaded                      │ PASS   │        383ns │
│ symantec_endpoint_security │ event       │ asset     │ ingest_pipeline logs-symantec_endpoint_security.event-0.3.0 is loaded               │ PASS   │        186ns │
│ symantec_endpoint_security │ incident    │ asset     │ index_template logs-symantec_endpoint_security.incident is loaded                   │ PASS   │        403ns │
│ symantec_endpoint_security │ incident    │ asset     │ ingest_pipeline logs-symantec_endpoint_security.incident-0.3.0 is loaded            │ PASS   │      1.157µs │
╰────────────────────────────┴─────────────┴───────────┴─────────────────────────────────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: symantec_endpoint_security - END   ---
Done
Run static tests for the package
--- Test results for package: symantec_endpoint_security - START ---
╭────────────────────────────┬─────────────┬───────────┬──────────────────────────┬────────┬──────────────╮
│ PACKAGE                    │ DATA STREAM │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │
├────────────────────────────┼─────────────┼───────────┼──────────────────────────┼────────┼──────────────┤
│ symantec_endpoint_security │ event       │ static    │ Verify sample_event.json │ PASS   │ 649.387377ms │
│ symantec_endpoint_security │ incident    │ static    │ Verify sample_event.json │ PASS   │  127.00076ms │
╰────────────────────────────┴─────────────┴───────────┴──────────────────────────┴────────┴──────────────╯
--- Test results for package: symantec_endpoint_security - END   ---
Done

Related issues

@janvi-elastic janvi-elastic requested a review from a team as a code owner July 18, 2024 11:10
@kcreddy added labels Jul 19, 2024: Crest (Contributions from Crest development team), Integration:symantec_endpoint_security (Symantec Endpoint Security), enhancement (New feature or request), Team:Security-Service Integrations (Security Service Integrations team [elastic/security-service-integrations])
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@jamiehynds

@janvi-elastic as part of this merging of Symantec integrations, could you also add an issue to deprecate the EDR Cloud integration? This will avoid confusion as to which integration to use - we should only have one (i.e. Symantec Endpoint Security).

@elasticmachine

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

@janvi-elastic janvi-elastic requested a review from efd6 July 23, 2024 09:27
@efd6 (Contributor) left a comment

Thanks

@efd6 efd6 merged commit 3bca581 into elastic:main Jul 26, 2024
5 checks passed
@elasticmachine

Package symantec_endpoint_security - 0.3.0 containing this change is available at https://epr.elastic.co/search?package=symantec_endpoint_security

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
…ndpoint Security (elastic#10530)

* Add incident data-stream of Symantec EDR Cloud into Symantec Endpoint
  Security.
* Update Table of Contents of all dashboards.
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
Development

Successfully merging this pull request may close these issues.

[Symantec] Combining EDR Cloud and SES Integrations