[Google Workspace] Fixed a bug where a panel in the Login Dashboard did not filter correctly. #12628
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
StacieClark-Elastic added bug 
Fixed a bug where a panel in the Login Dashboard did not filter correctly. The 'Successful Logins by Compromised Users [Logs Google Workspace]' panel showed all logins. The panel was renamed to accurately describe the data being shown after a filter for google_workspace.login.is_suspicious: true was added. Updated ingest to store google_workspace.login data that are boolValue to capture is_suspicious flag on logins. Changed name of panel 'Successful Logins by Compromised Users [Logs Google Workspace]' to 'Successful Logins that are Suspicious [Logs Google Workspace]'. Added filter for google_workspace.login.is_suspicious: true to renamed panel.
added correct PR number
andrewkroh force-pushed the bugfix/add-missing-filter-to-a-login-dashboard-panel branch from 560593d to 6797d04 Compare 
🚀 Benchmarks reportPackage |
| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
login | 9090.91 | 7194.24 | -1896.67 (-20.86%) | 💔 |
user_accounts | 18518.52 | 13333.33 | -5185.19 (-28%) | 💔 |
To see the full report comment with /test benchmark fullreport
chemamartinez approved these changes Feb 11, 2025
Contributor
chemamartinez left a comment
chemamartinez left a comment There was a problem hiding this comment.
LGTM! Please solve conflicts before merging it.
Merged main and fixed conflicts
💚 Build Succeeded
History
|
|
StacieClark-Elastic deleted the bugfix/add-missing-filter-to-a-login-dashboard-panel branch | Package google_workspace - 2.30.4 containing this change is available at https://epr.elastic.co/package/google_workspace/2.30.4/ |
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Fixed a bug where a panel in the Login Dashboard did not filter correctly. The 'Successful Logins by Compromised Users [Logs Google Workspace]' panel showed all logins. The panel was renamed to accurately describe the data being shown after a filter for google_workspace.login.is_suspicious: true was added. Updated ingest to store google_workspace.login data that are boolValue to capture is_suspicious flag on logins. Changed name of panel 'Successful Logins by Compromised Users [Logs Google Workspace]' to 'Successful Logins that are Suspicious [Logs Google Workspace]'. Added filter for google_workspace.login.is_suspicious: true to renamed panel.
Checklist
changelog.ymlfile.How to test this PR locally
Load the test data into the local elastic stack:
In the google_workspace package directory
Related issues
Successful Logins by Compromised Userspanel #8745