
Filebeat Module - Microsoft Graph API Security (II) #36995

Open

Description

Metricbeat Module / Dataset release checklist

This checklist is intended for devs who create or update a module, to make sure modules are consistent.

Modules

For a metricset to go GA, the following criteria should be met:

  • Supported versions are documented
  • Supported operating systems are documented (if applicable)
  • Integration tests exist
  • System tests exist
  • Automated checks that all fields are documented
  • Documentation
  • Fields follow ECS and naming conventions
  • Dashboards exist (if applicable)
  • Kibana Home Tutorial (if applicable)
    • Open PR against Kibana repo with tutorial. Examples can be found here.

Filebeat module

  • Test log files exist for the grok patterns
  • Generated output for at least 1 log file exists

Metricbeat module

  • Example data.json exists and an automated way to generate it exists (go test -data)
  • Test environment in Docker exists for integration tests

Hi Elastic team,

I'm interested in a Microsoft Graph API Security module to fetch logs from there to Filebeat. In one word, reopening issue #26878 (Filebeat Module - Microsoft Graph API Security).

A lot of Microsoft insights are being fetched through Filebeat modules, though one important one is missing in my opinion.
Microsoft Graph API Security https://docs.microsoft.com/en-us/graph/api/resources/security-api-overview?view=graph-rest-1.0

Especially the alerts. There is already the Microsoft module, which includes M365Defender, but the Graph API Security endpoint offers these alerts along with multiple others.

Thank you in advance.

Kind regards,

Rex
