Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[7.x](backport #27638) Filebeat auditd: Fix Top Exec Commands dashboard visualization #27646

Merged
merged 1 commit into from
Aug 30, 2021
Merged

[7.x](backport #27638) Filebeat auditd: Fix Top Exec Commands dashboard visualization #27646

merged 1 commit into from
Aug 30, 2021

Conversation

adriansr
Copy link
Contributor

@adriansr adriansr commented Aug 30, 2021
edited
Loading

This is a manual backport of pull request #27638 for the 7.x branch, as dashboards have changed name and format in master, it's easier to merge a custom fix.

@adriansr
Filebeat auditd: Fix Top Exec Commands dashboard visualization (elast…
40a9c7b 
…ic#27638)

This visualization was expecting an uppercase EXECVE value in
event.action while the ingest pipeline was lowercasing this value.
@adriansr adriansr added bug Team:Security-External Integrations backport-v7.14.0 Automated backport with mergify backport-v7.15.0 Automated backport with mergify labels Aug 30, 2021
@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Aug 30, 2021
@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2021-08-30T14:16:19.768+0000

  • Duration: 104 min 21 sec

  • Commit: 40a9c7b

Test stats 🧪

Test Results
Failed 0
Passed 14563
Skipped 2327
Total 16890

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 14563
Skipped 2327
Total 16890

@adriansr adriansr merged commit 9b574ef into elastic:7.x Aug 30, 2021
mergify bot pushed a commit that referenced this pull request Aug 30, 2021
@adriansr
Filebeat auditd: Fix Top Exec Commands dashboard visualization (#27638)…
1b398b1 
… (#27646)

This visualization was expecting an uppercase EXECVE value in
event.action while the ingest pipeline was lowercasing this value.

(cherry picked from commit 9b574ef)

# Conflicts:
#	filebeat/module/auditd/_meta/kibana/7/dashboard/Filebeat-auditd.ndjson
@mergify mergify bot mentioned this pull request Aug 30, 2021
Merged
mergify bot pushed a commit that referenced this pull request Aug 30, 2021
@adriansr
Filebeat auditd: Fix Top Exec Commands dashboard visualization (#27638)…
1da6b71 
… (#27646)

This visualization was expecting an uppercase EXECVE value in
event.action while the ingest pipeline was lowercasing this value.

(cherry picked from commit 9b574ef)
@mergify mergify bot mentioned this pull request Aug 30, 2021
Closed
@adriansr adriansr mentioned this pull request Aug 31, 2021
Merged
adriansr added a commit that referenced this pull request Aug 31, 2021
@adriansr
Filebeat auditd: Fix Top Exec Commands dashboard visualization (#27638)…
e3c9257 
… (#27646)

This visualization was expecting an uppercase EXECVE value in
event.action while the ingest pipeline was lowercasing this value.

(cherry picked from commit 9b574ef)
adriansr added a commit that referenced this pull request Aug 31, 2021
@mergify @adriansr
Filebeat auditd: Fix Top Exec Commands dashboard visualization (#27638)…
f230b31 
… (#27646) (#27649)

This visualization was expecting an uppercase EXECVE value in
event.action while the ingest pipeline was lowercasing this value.

(cherry picked from commit 9b574ef)

Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
adriansr added a commit that referenced this pull request Aug 31, 2021
@adriansr
Re-apply fix for auditd dashboard (#27672)
a389f38 
Re-applies the fix introduced by #27646, as it's been reverted in #27636.
This is caused by merging PRs in a different order than in master.
mergify bot pushed a commit that referenced this pull request Aug 31, 2021
@adriansr
Re-apply fix for auditd dashboard (#27672)
3653271 
Re-applies the fix introduced by #27646, as it's been reverted in #27636.
This is caused by merging PRs in a different order than in master.

(cherry picked from commit a389f38)
adriansr pushed a commit that referenced this pull request Aug 31, 2021
@mergify
[7.15](backport #27672) Re-apply fix for auditd dashboard (#27673)
c5df499 
Re-applies the fix introduced by #27646, as it's been reverted in #27636.
This is caused by merging PRs in a different order than in master.

(cherry picked from commit a389f38)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
backport-v7.14.0 Automated backport with mergify backport-v7.15.0 Automated backport with mergify bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@adriansr @elasticmachine