Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#12249-9b Updated events.* required fields #12553

Open
wants to merge 7 commits into
base: feature-5255-aruba
Choose a base branch
from
Open

#12249-9b Updated events.* required fields #12553

wants to merge 7 commits into from
+20,687 −3,737

Conversation

qcorporation
Copy link
Contributor

Parent Ticket

#12249

Description

  • generated the expected value from the logs
  • generated but did not properly populate the values for most event types besides LLDP (this will come later)
  • tested that if( xxx != null ) logic works for each event.* field being populated

@qcorporation
Last change for OS 10.15 support
2595ba3 
- updated Power events (3xx), added 320-324
- updated Port events (60x), added 608-609
- updated Redundant Management events (220x)
- updated Replication Manager events (270x)
- updated Proxy ARP events (420x)
- updated Rapid per VLAN Spanning Tree Protocol events (500x), added event 5018
- updated Quality of Service events (570x), added event 5703-5704
- updated QoS ASIC Provider events (580x), added 5807
- updated Port Statistics events (660x)
- updated Power over Ethernet events (79xx), added 7941
- updated Port access roles events (930x), added event 9303
- updated Port security events (940x), added throttle message
- updated RBAC events (1030x)
- added new events PTP events (1210x)
- added new events Port access application-based policy events (1470x)
@qcorporation
Merge branch 'feature-5255-aruba' into aruba-12249-9
5e181d8
@qcorporation
missed Port access group based policy events
3b1624c
@qcorporation
fixing labelling and CI issue
f73574b
@qcorporation
fixed docs
729226a
@qcorporation
Merge branch 'feature-5255-aruba' into aruba-12249-9
b298783
@qcorporation
Created scripts that would populate event.type, event.kind and event.…
7674b7e 
…outcome

- generated the expected value from the logs
- generated but did not properly populate the values for most event types besides LLDP (this will come later)
- tested that if( xxx != null ) logic works for each event.* field being populated
@qcorporation qcorporation added New Integration Issue or pull request for creating a new integration package. Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices] Integration:hpe_aruba_cx [Integration not found in source] labels Jan 31, 2025
@qcorporation qcorporation requested review from gogochan, dwhyrock and a team January 31, 2025 14:39
@qcorporation qcorporation self-assigned this Jan 31, 2025
@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

💚 Build Succeeded

cc @qcorporation

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@qcorporation qcorporation marked this pull request as ready for review January 31, 2025 14:59
@elasticmachine
Copy link

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

dwhyrock
dwhyrock approved these changes Jan 31, 2025
View reviewed changes
Copy link
Contributor

@dwhyrock dwhyrock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm going to trust that you got the event code parameters correct since i'm not going to go through a over a thousand logs and check the mappings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dwhyrock dwhyrock dwhyrock approved these changes

@gogochan gogochan Awaiting requested review from gogochan

Assignees

@qcorporation qcorporation

Labels
Integration:hpe_aruba_cx [Integration not found in source] New Integration Issue or pull request for creating a new integration package. Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@qcorporation @elasticmachine @dwhyrock