Skip to content

Fix skipping Authentication Pipeline in panw panos Integration #10803

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Sep 6, 2024
Merged

Fix skipping Authentication Pipeline in panw panos Integration #10803

merged 7 commits into from
Sep 6, 2024

Conversation

@mick-lue
Copy link
Contributor

PA Firewalls can use type AUTH aswell as AUTHENTICATION for AUTH events. Previously, the pipeline for authentication events was only triggered for AUTHENTICATION

Proposed commit message

Fix skipping authentication pipeline for authentication events with type AUTH

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
@mick-lue
Fix skipping Authentication Pipeline
ee9a168 
PA Firewalls can use type 'AUTH' aswell as 'AUTHENTICATION' for AUTH events
@mick-lue
Update changelog.yml
094748f
@mick-lue
Merge branch 'elastic:main' into patch-1
ab0654b
@mick-lue mick-lue requested a review from a team as a code owner August 16, 2024 11:32
@cla-checker-service
Copy link

cla-checker-service bot commented Aug 16, 2024
edited
Loading

💚 CLA has been signed
@andrewkroh andrewkroh added Integration:panw Palo Alto Next-Gen Firewall needs CLA User must sign the Elastic Contributor License before review. Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] labels Aug 16, 2024
@elasticmachine
Copy link

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)
@mick-lue
Copy link
Contributor Author

mick-lue commented Aug 19, 2024
edited
Loading

Signed the CLA - not sure where to go from here...
Edit: okay the CLA Checker got it now, perfect
@pkoutsovasilis
Copy link
Contributor

/test
@pkoutsovasilis
Copy link
Contributor

@mick-lue can you please add an raw log entry in test-panw-panos-authentication-sample.log with AUTH so that the pipeline test cover both cases? after this addition run, inside panw package folder, elastic-package test pipeline --generate to see the generated event from you new log entry

Also please generate the changelog with the elastic-package command to update both the changelog.yml and the manifest.yml. Inside panw package folder, run elastic-package changelog add --next patch --description "YOUR_DESCRIPTION" --type bugfix --link LINK_TO_YOUR_PR
@andrewkroh andrewkroh removed the needs CLA User must sign the Elastic Contributor License before review. label Aug 19, 2024
muskan-crest and others added 2 commits August 27, 2024 14:49
@muskan-crest @mick-lue
Initial release of Spycloud (elastic#10608)
6694862 
Initial release of Spycloud Added three data streams - breach_catalog, breach_record and compass. Added data collection logic for all the three data streams. Added the ingest pipeline for all the three data streams. Mapped fields according to the ECS schema and added Fields metadata in the appropriate yml files. Added dashboards and visualizations. Added test for pipeline for all the three data streams. Added system test cases for all the three data streams.
@mick-lue
Merged main into patch-1
c5cc9c4
aleksmaus
aleksmaus suggested changes Aug 27, 2024
View reviewed changes
Copy link
Contributor

@aleksmaus aleksmaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems outdated, version needs to be updated, manifest version change is not included.
Please update this PR.
@mick-lue
Copy link
Contributor Author

I am on it since today. Got the environment up finally (did the first change via GitHub editor...)
@andrewkroh andrewkroh added the bugfix Pull request that fixes a bug issue label Aug 27, 2024
@mick-lue
Copy link
Contributor Author

PR is up to date. Thanks for your patience! Can be tested now I hope
@mick-lue mick-lue requested a review from aleksmaus August 27, 2024 14:05
aleksmaus
aleksmaus approved these changes Aug 27, 2024
View reviewed changes
Copy link
Contributor

@aleksmaus aleksmaus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thank you!
@andrewkroh
Copy link
Member

/test
@elasticmachine
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport
@elasticmachine
Copy link

💚 Build Succeeded

History
@elastic-sonarqube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube
@taylor-swanson taylor-swanson merged commit 8616f26 into elastic:main Sep 6, 2024
@elasticmachine
Copy link

Package panw - 4.0.3 containing this change is available at https://epr.elastic.co/search?package=panw
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@mick-lue @muskan-crest
[panw] Fix skipping authentication pipeline (elastic#10803)
6b2dba4 
- Fix skipping authentication pipeline for authentication events with type AUTH --------- Co-authored-by: muskan-crest <muskan.agarwal@crestdata.ai>
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@mick-lue @muskan-crest
[panw] Fix skipping authentication pipeline (elastic#10803)
36b658d 
- Fix skipping authentication pipeline for authentication events with type AUTH --------- Co-authored-by: muskan-crest <muskan.agarwal@crestdata.ai>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bugfix Pull request that fixes a bug issue Integration:panw Palo Alto Next-Gen Firewall Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices]

7 participants

@mick-lue @elasticmachine @pkoutsovasilis @andrewkroh @aleksmaus @taylor-swanson @muskan-crest