-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify capabilities of the Filebeat auditd module #17068
Conversation
Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module
Pinging @elastic/siem (Team:SIEM) |
Hope you don't mind me commenting on this draft-level PR. The CI intake job is failing because you've updated a generated file. You need to update this file instead: beats/filebeat/module/auditd/_meta/docs.asciidoc Then run If you don't have your development environment set up, I can always run the update and push it to your branch. (I'm on vacation next week, though, so remind me when I'm back.) |
💔 Build FailedExpand to view the summary
Build stats
Steps errorsExpand to view the steps failures
Log outputExpand to view the last 100 lines of log output
|
Hey @dedemorton, sorry I forgot about this one and do not have a dev environment. As mentioned in #17068 (comment), would you be able to update the branch for me? |
So I made a little edit to your text, but it's weird because my second edit didn't get picked up by the update script. Anyhow, I'll figure out what's wrong and push another commit soon. |
jenkins run the tests please |
* Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co>
* Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co>
* Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co>
…-stage-level * upstream/master: (30 commits) Add a GRPC listener service for Agent (elastic#18827) Disable host.* fields by default for iptables module (elastic#18756) [WIP] Clarify capabilities of the Filebeat auditd module (elastic#17068) fix: rename file and remove extra separator (elastic#18881) ci: enable JJBB (elastic#18812) Disable host.* fields by default for Checkpoint module (elastic#18754) Disable host.* fields by default for Cisco module (elastic#18753) Update latest.yml testing env to 7.7.0 (elastic#18535) Upgrade k8s.io/client-go and k8s keystore tests (elastic#18817) Add missing Jenkins stages for Auditbeat (elastic#18835) [Elastic Log Driver] Create a config shim between libbeat and the user (elastic#18605) Use indexers and matchers in config when defaults are enabled (elastic#18818) Fix panic on `metricbeat test modules` (elastic#18797) [CI] Fix permissions in MacOSX agents (elastic#18847) [Ingest Manager] When not port are specified and the https is used fallback to 443 (elastic#18844) [Ingest Manager] Fix install service script for windows (elastic#18814) [Metricbeat] Fix getting compute instance metadata with partial zone/region config (elastic#18757) Improve error messages in s3 input (elastic#18824) Add memory metrics into compute googlecloud (elastic#18802) include bucket name when logging error (elastic#18679) ...
…8884) * Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: Rob Waight <43173714+rwaight@users.noreply.github.com>
…8885) * Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: Rob Waight <43173714+rwaight@users.noreply.github.com>
…8886) * Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: Rob Waight <43173714+rwaight@users.noreply.github.com>
…) (elastic#18886) * Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module * Edit text and run make update * Run make update again Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: Rob Waight <43173714+rwaight@users.noreply.github.com>
Update
filebeat/docs/modules/auditd.asciidoc
- Add note regarding capabilities of the Filebeat auditd moduleWhat does this PR do?
Update Filebeat auditd module documentation
Why is it important?
Clarify capabilities of the Filebeat auditd module
Checklist
- [ ] My code follows the style guidelines of this project- [ ] I have commented my code, particularly in hard-to-understand areas- [ ] I have made corresponding changes to the documentation- [ ] I have made corresponding change to the default configuration files- [ ] I have added tests that prove my fix is effective or that my feature worksAuthor's Checklist
Related issues
Use cases