Skip to content

[osquery] Ensure event.type is an array #13667

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 24, 2025
Merged

[osquery] Ensure event.type is an array #13667

merged 2 commits into from
Apr 24, 2025

Conversation

@taylor-swanson
Copy link
Contributor

@taylor-swanson taylor-swanson commented Apr 24, 2025
edited
Loading

Proposed commit message

  • Changed the set processor for event.type so it sets the value as an array to ensure compliance with ECS.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
    - [ ] I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

cd packages/osquery elastic-package test

Related issues
@taylor-swanson
[osquery] Ensure event.type is an array
722cf1f 
- Changed the set processor for event.type so it sets the value as an array to ensure compliance with ECS.
@taylor-swanson taylor-swanson added bugfix Pull request that fixes a bug issue Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] Integration:osquery Osquery Logs labels Apr 24, 2025
@taylor-swanson taylor-swanson self-assigned this Apr 24, 2025
@elasticmachine
Copy link

elasticmachine commented Apr 24, 2025

💚 Build Succeeded

cc @taylor-swanson
@elastic-sonarqube
Copy link

elastic-sonarqube bot commented Apr 24, 2025

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube
@taylor-swanson taylor-swanson marked this pull request as ready for review April 24, 2025 13:31
@taylor-swanson taylor-swanson requested a review from a team as a code owner April 24, 2025 13:31
@elasticmachine
Copy link

elasticmachine commented Apr 24, 2025

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)
qcorporation
qcorporation approved these changes Apr 24, 2025
View reviewed changes
Copy link
Contributor

@qcorporation qcorporation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks OK
@taylor-swanson taylor-swanson merged commit 6b5a1e2 into elastic:main Apr 24, 2025
7 checks passed
@taylor-swanson taylor-swanson deleted the bugfix/osquery-ecs-event-type branch April 24, 2025 13:51
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Apr 24, 2025

Package osquery - 1.22.1 containing this change is available at https://epr.elastic.co/package/osquery/1.22.1/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bugfix Pull request that fixes a bug issue Integration:osquery Osquery Logs Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices]

3 participants

@taylor-swanson @elasticmachine @qcorporation