[qualys_vmdr] Rename and convert fields. Lower case cloud.provider #10966


Merged
merged 28 commits into from
Sep 3, 2024


@clement-fouque (Contributor) commented Sep 2, 2024

Proposed commit message

This PR is doing several things:

Lower case cloud.provider and qualys_vmdr.asset_host_detection.cloud_provider

ECS field cloud.provider provides examples in lowercase. As most elastic field values are lowercase, I think it makes sense to align the Qualys integration. I don't want to have to specify query cloud.provider: "AWS" or cloud.provider: "aws"

Rename fields

| Previous field name | New field name |
| --- | --- |
| qualys_vmdr.asset_host_detection.vulnerability.qds.text | qualys_vmdr.asset_host_detection.vulnerability.qds.score |
| qualys_vmdr.asset_host_detection.affect.exploitable_config | qualys_vmdr.asset_host_detection.affect_exploitable_config |
| qualys_vmdr.asset_host_detection.affect.running.kernel | qualys_vmdr.asset_host_detection.affect_running_kernel |
| qualys_vmdr.asset_host_detection.affect.running.service | qualys_vmdr.asset_host_detection.affect_running_service |
| qualys_vmdr.asset_host_detection.first.found_datetime | qualys_vmdr.asset_host_detection.first_found_datetime |
| qualys_vmdr.asset_host_detection.first.reopened_datetime | qualys_vmdr.asset_host_detection.first_reopened_datetime |
| qualys_vmdr.asset_host_detection.last.fixed_datetime | qualys_vmdr.asset_host_detection.last_fixed_datetime |
| qualys_vmdr.asset_host_detection.last.found_datetime | qualys_vmdr.asset_host_detection.last_found_datetime |
| qualys_vmdr.asset_host_detection.last.processed_datetime | qualys_vmdr.asset_host_detection.last_processed_datetime |
| qualys_vmdr.asset_host_detection.last.reopened_datetime | qualys_vmdr.asset_host_detection.last_reopened_datetime |
| qualys_vmdr.asset_host_detection.last.test_datetime | qualys_vmdr.asset_host_detection.last_test_datetime |
| qualys_vmdr.asset_host_detection.last.update_datetime | qualys_vmdr.asset_host_detection.last_update_datetime |
| qualys_vmdr.asset_host_detection.times.found | qualys_vmdr.asset_host_detection.times_found |
| qualys_vmdr.asset_host_detection.times.reopened | qualys_vmdr.asset_host_detection.times_reopened |

Convert field types

| Field | Old type | New type |
| --- | --- | --- |
| qualys_vmdr.asset_host_detection.asset_id | keyword | long |
| qualys_vmdr.asset_host_detection.vulnerability.qds.score (initially text) | keyword | integer |
| qualys_vmdr.asset_host_detection.vulnerability.qid | keyword | integer |

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.


@clement-fouque clement-fouque self-assigned this Sep 2, 2024
@clement-fouque clement-fouque changed the title Qualys vmdr update [qualys_vmdr] Convert fields and lower case cloud.provider Sep 2, 2024
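
The renames and type conversions listed in the PR description change what saved queries and detection rules have to reference. The following is an added example, not code from the PR or the integration: a small Python helper (the name `migrate_query`, the KQL-style query syntax, and the sample query are assumptions) that rewrites old field names, lowercases `cloud.provider` values, and flags wildcard values on fields that become numeric.

```python
import re

P = "qualys_vmdr.asset_host_detection."
# Old -> new names, copied from the rename table in the PR description.
RENAMES = {P + old: P + new for old, new in [
    ("vulnerability.qds.text", "vulnerability.qds.score"),
    ("affect.exploitable_config", "affect_exploitable_config"),
    ("affect.running.kernel", "affect_running_kernel"),
    ("affect.running.service", "affect_running_service"),
    ("first.found_datetime", "first_found_datetime"),
    ("first.reopened_datetime", "first_reopened_datetime"),
    ("last.fixed_datetime", "last_fixed_datetime"),
    ("last.found_datetime", "last_found_datetime"),
    ("last.processed_datetime", "last_processed_datetime"),
    ("last.reopened_datetime", "last_reopened_datetime"),
    ("last.test_datetime", "last_test_datetime"),
    ("last.update_datetime", "last_update_datetime"),
    ("times.found", "times_found"),
    ("times.reopened", "times_reopened"),
]}
# Fields the PR converts from keyword to long/integer.
NUMERIC = {P + "asset_id", P + "vulnerability.qds.score", P + "vulnerability.qid"}
# Fields whose values the PR lowercases.
LOWERCASED = {"cloud.provider", P + "cloud_provider"}

FIELD_RE = re.compile(r"(?<![\w.])(%s)(?![\w.])" % "|".join(map(re.escape, RENAMES)))
TERM_RE = re.compile(r'(?<![\w.])([A-Za-z_][\w.]*)(\s*:\s*)("[^"]*"|[^\s()]+)')

def migrate_query(query):
    """Return (rewritten query, review notes) for simple `field: value` terms."""
    notes = []
    query = FIELD_RE.sub(lambda m: RENAMES[m.group(1)], query)

    def fix_value(m):
        field, sep, value = m.groups()
        if field in LOWERCASED:
            value = value.lower()
        elif field in NUMERIC and re.search(r"[*?]", value):
            notes.append(f"{field}: wildcard value {value} on a now-numeric field")
        return field + sep + value

    return TERM_RE.sub(fix_value, query), notes

# Constructed sample query, written against the pre-5.0.0 field names.
OLD_RULE = ('cloud.provider: "AWS" and '
            'qualys_vmdr.asset_host_detection.times.found >= 3 and '
            'qualys_vmdr.asset_host_detection.vulnerability.qid: 38*')
```

Grouped values such as `cloud.provider: (AWS or GCP)` are outside what this helper rewrites and need a manual pass.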
@elasticmachine commented Sep 2, 2024

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@clement-fouque clement-fouque marked this pull request as ready for review September 3, 2024 09:53
@clement-fouque clement-fouque requested a review from a team as a code owner September 3, 2024 09:53
@andrewkroh andrewkroh added the Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] label Sep 3, 2024
@elasticmachine
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@clement-fouque clement-fouque changed the title [qualys_vmdr] Convert fields and lower case cloud.provider [qualys_vmdr] Rename and convert fields. Lower case cloud.provider Sep 3, 2024
clement-fouque and others added 2 commits September 4, 2024 00:00
@efd6 (Contributor) previously approved these changes Sep 3, 2024

Thanks

@clement-fouque (Contributor, Author)

@efd6 I pushed the last update (generated sample events from system test). Once the build is successful, it's ready to be approved and hopefully merged.

@efd6 (Contributor) commented Sep 3, 2024

Probably premature, this will fail due to README.md mismatch. Please also run elastic-package build.

@efd6 efd6 dismissed their stale review September 3, 2024 22:24

not complete yet

@clement-fouque (Contributor, Author)

Learning is continuing 😉!

@elasticmachine

💚 Build Succeeded

History

cc @clement-fouque

@efd6 efd6 merged commit ba8280b into main Sep 3, 2024
5 checks passed
@efd6 efd6 deleted the qualys_vmdr-update branch September 3, 2024 23:16
@elasticmachine

Package qualys_vmdr - 5.0.0 containing this change is available at https://epr.elastic.co/search?package=qualys_vmdr

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
…lastic#10966)

* Rename fields to match Qualys name.
* Convert numeric fields to long/integer.
* Lowercase `cloud.provider` field.
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
…lastic#10966)

* Rename fields to match Qualys name.
* Convert numeric fields to long/integer.
* Lowercase `cloud.provider` field.
Labels
breaking change enhancement New feature or request Integration:qualys_vmdr Qualys VMDR Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
4 participants