Skip to content

m365_defender: ensure $skip parameter is correctly formatted #15392

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 18, 2025
Merged

m365_defender: ensure $skip parameter is correctly formatted #15392

merged 2 commits into from
Sep 18, 2025

Conversation

efd6
Copy link
Contributor

@efd6 efd6 commented Sep 18, 2025

Proposed commit message

m365_defender: ensure $skip parameter is correctly formatted

The values used to populate this parameter can be greater than the
cutover to e-notation for doubles, so convert to int before converting
to string.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@efd6 efd6 self-assigned this Sep 18, 2025
@efd6 efd6 added Integration:m365_defender Microsoft Defender XDR bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] labels Sep 18, 2025
@efd6 efd6 force-pushed the s6433-m365_defender branch 2 times, most recently from 68b7e1b to e6838bf Compare September 18, 2025 09:15
@efd6
m365_defender: ensure $skip parameter is correctly formatted
1a61b11 
The values used to populate this parameter can be greater than the
cutover to e-notation for doubles, so convert to int before converting
to string.
@efd6 efd6 force-pushed the s6433-m365_defender branch from e6838bf to 1a61b11 Compare September 18, 2025 09:16
@efd6
Copy link
Contributor Author

efd6 commented Sep 18, 2025
edited
Loading

The failures here are both unrelated and cosmetic, and unfixable until 8.19.4 is released since it depends on elastic/beats#46332. However, this change is fixing a real issue. So it would be good if on approval this could be merged despite the failures in alert and incident (I have added changes that will pick up the fix in those data streams when the stack is updated).

@efd6 efd6 marked this pull request as ready for review September 18, 2025 10:15
@efd6 efd6 requested a review from a team as a code owner September 18, 2025 10:15
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@efd6 efd6 requested a review from a team September 18, 2025 10:16
@efd6 efd6 force-pushed the s6433-m365_defender branch from b5482bd to be65262 Compare September 18, 2025 10:17
@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @efd6

@kcreddy
Copy link
Contributor

kcreddy commented Sep 18, 2025

hope for the future

Curious how the CI passed after adding do_not_log_failure: true when the fix was added to 8.19.4 but integration's min stack version is 8.19.2.

@efd6 efd6 merged commit 88930ee into elastic:main Sep 18, 2025
9 checks passed
@elastic-vault-github-plugin-prod
Copy link

Package m365_defender - 4.0.2 containing this change is available at https://epr.elastic.co/package/m365_defender/4.0.2/

kcreddy added a commit that referenced this pull request Sep 26, 2025
@kcreddy
microsoft_defender_endpoint: ensure $skip parameter is correctly form…
9e09eb3 
…atted (#15471)

microsoft_defender_endpoint: ensure $skip parameter is correctly formatted

The values used to populate this parameter can be greater than the
cutover to e-notation for doubles, so convert to int before converting
to string.

Fix is similar to #15392 as it the same API and CEL program.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees

@efd6 efd6

Labels

bugfix Pull request that fixes a bug issue Integration:m365_defender Microsoft Defender XDR Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@efd6 @elasticmachine @kcreddy @andrewkroh