Updated description on ssl node in package level manifest.yml to be uniform and include links to online documentation for integrations owned by security-service-integrations #12781

StacieClark-Elastic
Member

Proposed commit message

Updates description field on ssl nodes in package level manifest.yml file to include links to online documentation and to be consistent with other integrations. Changes are for integrations owned by security-service-integrations

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • [x] I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

Originally, we updated the descriptions on all the files in integration. This created some issues with so many teams needing to validate the files. This is currently a partial update with files that are owned by security-service-integrations.

git diff main | grep description: | grep + | sort -u
results in the updated fields for the ssl node description and the changelog.yml

Related issues
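
Added example, not part of the pull request or the project's tooling: a complementary check to the grep pipeline in "How to test this PR locally" that lists every changed line falling outside the expected scope of a description-only update. The function names, the allowed scope (any line in changelog.yml, plus `description:` and `version:` keys in manifest.yml) and the sample diff with its `example_pkg` package are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads a unified diff on stdin and prints each added or
# removed line that is outside the assumed scope of a description-only change:
#   - any line in a changelog.yml
#   - description: and version: keys in a manifest.yml
unexpected_changes() {
  awk '
    /^diff --git / { file = $NF; sub("^b/", "", file); in_hunk = 0; next }
    /^@@/          { in_hunk = 1; next }
    in_hunk && /^[+-]/ {
      body = substr($0, 2)
      if (body ~ /^[ \t]*$/) next                  # blank-line churn
      if (file ~ "(^|/)changelog\\.yml$") next     # changelog entries
      if (file ~ "(^|/)manifest\\.yml$" &&
          body ~ /^[ \t]*(- )?(description|version):/) next
      print file ": " $0
    }
  '
}

# Constructed sample diff: one expected description edit, one version bump,
# a changelog entry, and one out-of-scope change to a default value.
sample_diff() {
  cat <<'EOF'
diff --git a/packages/example_pkg/manifest.yml b/packages/example_pkg/manifest.yml
--- a/packages/example_pkg/manifest.yml
+++ b/packages/example_pkg/manifest.yml
@@ -1,4 +1,4 @@
 name: example_pkg
-version: 1.0.0
+version: 1.0.1
 title: Example
@@ -20,5 +20,5 @@
       - name: ssl
         type: yaml
-        description: Old text.
+        description: New text with a documentation link.
-        default: ""
+        default: "verification_mode: none"
diff --git a/packages/example_pkg/changelog.yml b/packages/example_pkg/changelog.yml
--- a/packages/example_pkg/changelog.yml
+++ b/packages/example_pkg/changelog.yml
@@ -1,3 +1,6 @@
+- version: "1.0.1"
+  changes:
+    - description: Updated SSL description.
 - version: "1.0.0"
EOF
}

sample_diff | unexpected_changes
```

Against a real branch, `git diff main | unexpected_changes` should print nothing if only descriptions, versions and changelogs were touched; multi-line YAML descriptions will show their continuation lines for manual review.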

@StacieClark-Elastic StacieClark-Elastic added the bugfix Pull request that fixes a bug issue label Feb 13, 2025
@StacieClark-Elastic StacieClark-Elastic force-pushed the bugfix/update-ssl-option-descriptions-package-manifest-security-service-integration-12705 branch from 46846a2 to 36432b1 Compare February 13, 2025 21:53
@StacieClark-Elastic StacieClark-Elastic added Integration:snyk Snyk Integration:okta Okta Integration:proofpoint_tap Proofpoint TAP Integration:cloudflare Cloudflare (Community supported) Integration:tenable_sc Tenable Security Center Integration:zscaler_zpa Zscaler Private Access Integration:zscaler_zia Zscaler Internet Access Integration:netskope Netskope Integration:1password 1Password (Partner supported) Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:sentinel_one SentinelOne Integration:slack Slack Logs (Community supported) Integration:m365_defender Microsoft Defender XDR Integration:infoblox_nios Infoblox NIOS Integration:infoblox_bloxone_ddi Infoblox BloxOne DDI Integration:microsoft_exchange_online_message_trac Microsoft Exchange Online Message Trace Integration:lastpass LastPass Integration:trend_micro_vision_one Trend Micro Vision One Integration:darktrace Darktrace Integration:tanium Tanium Integration:tenable_io Tenable Vulnerability Management Integration:cloudflare_logpush Cloudflare Logpush Integration:forgerock ForgeRock Integration:f5_bigip F5 BIG-IP Integration:zeronetworks Zero Networks (Partner supported) Integration:google_scc Google Security Command Center Integration:bitwarden Bitwarden Integration:ti_rapid7_threat_command Rapid7 Threat Command (Partner supported) labels Feb 13, 2025
@elastic-vault-github-plugin-prod

Package sentinel_one - 1.29.1 containing this change is available at https://epr.elastic.co/package/sentinel_one/1.29.1/

@elastic-vault-github-plugin-prod

Package sentinel_one_cloud_funnel - 1.8.2 containing this change is available at https://epr.elastic.co/package/sentinel_one_cloud_funnel/1.8.2/

@elastic-vault-github-plugin-prod

Package slack - 1.24.1 containing this change is available at https://epr.elastic.co/package/slack/1.24.1/

@elastic-vault-github-plugin-prod

Package snyk - 1.27.1 containing this change is available at https://epr.elastic.co/package/snyk/1.27.1/

@elastic-vault-github-plugin-prod

Package sophos_central - 1.18.1 containing this change is available at https://epr.elastic.co/package/sophos_central/1.18.1/

@elastic-vault-github-plugin-prod

Package spycloud - 1.2.1 containing this change is available at https://epr.elastic.co/package/spycloud/1.2.1/

@elastic-vault-github-plugin-prod

Package sublime_security - 1.5.1 containing this change is available at https://epr.elastic.co/package/sublime_security/1.5.1/

@elastic-vault-github-plugin-prod

Package symantec_edr_cloud - 1.8.1 containing this change is available at https://epr.elastic.co/package/symantec_edr_cloud/1.8.1/

@elastic-vault-github-plugin-prod

Package symantec_endpoint_security - 1.7.1 containing this change is available at https://epr.elastic.co/package/symantec_endpoint_security/1.7.1/

@elastic-vault-github-plugin-prod

Package tanium - 1.14.1 containing this change is available at https://epr.elastic.co/package/tanium/1.14.1/

@elastic-vault-github-plugin-prod

Package tenable_io - 3.6.2 containing this change is available at https://epr.elastic.co/package/tenable_io/3.6.2/

@elastic-vault-github-plugin-prod

Package tenable_sc - 1.28.2 containing this change is available at https://epr.elastic.co/package/tenable_sc/1.28.2/

@elastic-vault-github-plugin-prod

Package ti_crowdstrike - 2.3.1 containing this change is available at https://epr.elastic.co/package/ti_crowdstrike/2.3.1/

@elastic-vault-github-plugin-prod

Package ti_eclecticiq - 1.3.2 containing this change is available at https://epr.elastic.co/package/ti_eclecticiq/1.3.2/

@elastic-vault-github-plugin-prod

Package ti_opencti - 2.5.1 containing this change is available at https://epr.elastic.co/package/ti_opencti/2.5.1/

@elastic-vault-github-plugin-prod

Package ti_rapid7_threat_command - 2.3.1 containing this change is available at https://epr.elastic.co/package/ti_rapid7_threat_command/2.3.1/

@elastic-vault-github-plugin-prod

Package ti_threatconnect - 1.7.1 containing this change is available at https://epr.elastic.co/package/ti_threatconnect/1.7.1/

@elastic-vault-github-plugin-prod

Package trellix_edr_cloud - 1.6.1 containing this change is available at https://epr.elastic.co/package/trellix_edr_cloud/1.6.1/

@elastic-vault-github-plugin-prod

Package trellix_epo_cloud - 1.14.1 containing this change is available at https://epr.elastic.co/package/trellix_epo_cloud/1.14.1/

@elastic-vault-github-plugin-prod

Package trend_micro_vision_one - 1.25.1 containing this change is available at https://epr.elastic.co/package/trend_micro_vision_one/1.25.1/

@elastic-vault-github-plugin-prod

Package wiz - 2.8.1 containing this change is available at https://epr.elastic.co/package/wiz/2.8.1/

@elastic-vault-github-plugin-prod

Package zeronetworks - 1.17.2 containing this change is available at https://epr.elastic.co/package/zeronetworks/1.17.2/

@elastic-vault-github-plugin-prod

Package zscaler_zia - 3.7.1 containing this change is available at https://epr.elastic.co/package/zscaler_zia/3.7.1/

@elastic-vault-github-plugin-prod

Package zscaler_zpa - 1.20.1 containing this change is available at https://epr.elastic.co/package/zscaler_zpa/1.20.1/

@kcreddy kcreddy mentioned this pull request Feb 25, 2025
4 tasks
flexitrev pushed a commit that referenced this pull request Mar 20, 2025
…ce-integration-12705 (#12781)

Updates description field on ssl nodes in package level manifest.yml file to include links to online documentation and to be consistent with other integrations.
Changes are for integrations owned by security-service-integration
@ilcomix

ilcomix commented May 12, 2025

Has anyone else experienced issues with the ingestion pipeline (default pipeline for the SentinelOne integration) logs-sentinel_one.agent-1.29.1?
I'm encountering a parse error in every document ingested for the sentinel_one.agent dataset, specifically: "field [host.name] already exists".
To resolve this, I created a custom pipeline and applied it as the default pipeline within a custom package, which was then assigned to a custom index template.
However, I would appreciate it if this issue could be addressed in the integration itself.

Is there any additional information about my cluster that would help explain why this is happening? I'd be happy to provide further details if needed.

@efd6
Contributor

efd6 commented May 12, 2025

@ilcomix Please file an issue. Include the version from which you upgraded in the issue; there is no change in this set of changes that impacts ingest, so if there is a change in the integration that caused this for you, it must have been in another commit.

Labels
bugfix Pull request that fixes a bug issue Integration:abnormal_security Abnormal AI Integration:authentik authentik Integration:bitwarden Bitwarden Integration:blacklens blacklens.io (Community supported) Integration:carbon_black_cloud VMware Carbon Black Cloud Integration:checkpoint_email Check Point Harmony Email & Collaboration Integration:claroty_ctd Claroty CTD Integration:cloudflare_logpush Cloudflare Logpush Integration:cloudflare Cloudflare (Community supported) Integration:crowdstrike CrowdStrike Integration:cyberark_epm CyberArk EPM Integration:cybereason Cybereason Integration:darktrace Darktrace Integration:f5_bigip F5 BIG-IP Integration:first_epss First EPSS (Community supported) Integration:forgerock ForgeRock Integration:google_scc Google Security Command Center Integration:infoblox_bloxone_ddi Infoblox BloxOne DDI Integration:infoblox_nios Infoblox NIOS Integration:jamf_pro Jamf Pro Integration:jamf_protect Jamf Protect (Partner supported) Integration:lastpass LastPass Integration:m365_defender Microsoft Defender XDR Integration:menlo Menlo Security Integration:microsoft_exchange_online_message_trac Microsoft Exchange Online Message Trace Integration:microsoft_sentinel Microsoft Sentinel Integration:netskope Netskope Integration:okta Okta Integration:ping_one PingOne Integration:pps Pleasant Password Server (Community supported) Integration:prisma_cloud Palo Alto Prisma Cloud Integration:proofpoint_tap Proofpoint TAP Integration:rapid7_insightvm Rapid7 InsightVM Integration:sentinel_one_cloud_funnel SentinelOne Cloud Funnel Integration:sentinel_one SentinelOne Integration:slack Slack Logs (Community supported) Integration:snyk Snyk Integration:sophos_central Sophos Central Integration:spycloud SpyCloud Enterprise Protection (Partner supported) Integration:sublime_security Sublime Security Integration:symantec_edr_cloud Symantec EDR Cloud (Deprecated) [Integration not found in source] Integration:symantec_endpoint_security Symantec Endpoint Security 
Integration:tanium Tanium Integration:tenable_io Tenable Vulnerability Management Integration:tenable_sc Tenable Security Center Integration:ti_crowdstrike CrowdStrike Falcon Intelligence Integration:ti_eclecticiq EclecticIQ (Partner supported) Integration:ti_opencti OpenCTI Integration:ti_rapid7_threat_command Rapid7 Threat Command (Partner supported) Integration:ti_threatconnect ThreatConnect (Partner supported) Integration:trellix_edr_cloud Trellix EDR Cloud Integration:trellix_epo_cloud Trellix ePO Cloud Integration:trend_micro_vision_one Trend Micro Vision One Integration:wiz Wiz Integration:zeronetworks Zero Networks (Partner supported) Integration:zscaler_zia Zscaler Internet Access Integration:zscaler_zpa Zscaler Private Access Integration:1password 1Password (Partner supported) Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Development

Successfully merging this pull request may close these issues.

Documentation changes for package level SSL nodes for integrations owned by security-services-integration
5 participants