-
Notifications
You must be signed in to change notification settings - Fork 458
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add automated tests for security packages #377
Labels
Comments
andrewkroh
added
enhancement
New feature or request
Team:Security-External Integrations
labels
Nov 2, 2020
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
This was referenced Nov 19, 2020
This was referenced Dec 2, 2020
This was referenced Dec 5, 2020
Issues encountered while implementing testing (I will open issues and link here):
|
3 tasks
This was referenced Jan 28, 2021
3 tasks
andrewkroh
added a commit
to andrewkroh/beats
that referenced
this issue
Feb 16, 2021
* Sync changes to AWS CloudTrail elastic/integrations#408 * Sync changes to CheckPoint Firewall Change type of event.severity. elastic/integrations#409 * Sync changes from Cisco ASA / FTD elastic/integrations#414 * Sync changes from Cisco IOS Make icmp and igmp fields strings because they are keywords. elastic/integrations#416 * Sync changes to CrowdStrike Falcon Fix some field types. elastic/integrations#377 * Sync changes to Fortinet Firewall Drop assignip if the value is "N/A". elastic/integrations#437 * Sync changes to Juniper SRX Convert event.risk values to float Protect against missing event.timezone Convert event.severity to long. elastic/integrations#443 * Sync changes to Suricata EVE Convert suricata.eve.flow_id to string because the field is a keyword in the mapping. elastic/integrations#457 * Sync changes to Zeek DNS Fix usages of ignore_failure with convert processor. Make DNS transaction ID a string. elastic/integrations#448 * Add changelog (cherry picked from commit bf46572)
adriansr
pushed a commit
to elastic/beats
that referenced
this issue
Feb 17, 2021
#24077) * Sync fixes from Integration Package Testing (#23424) * Sync changes to AWS CloudTrail elastic/integrations#408 * Sync changes to CheckPoint Firewall Change type of event.severity. elastic/integrations#409 * Sync changes from Cisco ASA / FTD elastic/integrations#414 * Sync changes from Cisco IOS Make icmp and igmp fields strings because they are keywords. elastic/integrations#416 * Sync changes to CrowdStrike Falcon Fix some field types. elastic/integrations#377 * Sync changes to Fortinet Firewall Drop assignip if the value is "N/A". elastic/integrations#437 * Sync changes to Juniper SRX Convert event.risk values to float Protect against missing event.timezone Convert event.severity to long. elastic/integrations#443 * Sync changes to Suricata EVE Convert suricata.eve.flow_id to string because the field is a keyword in the mapping. elastic/integrations#457 * Sync changes to Zeek DNS Fix usages of ignore_failure with convert processor. Make DNS transaction ID a string. elastic/integrations#448 * Add changelog (cherry picked from commit bf46572)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Automated tests need to be added to the security packages that we migrated over from Filebeat. This will prevent future regressions and save us from having to manually test. The tests should verify:
I think it would be ideal if all of this testing could be accomplished through system tests with the elastic-package tool. I'll work through setting up a test and see what additional features will be needed and work that via issues in the elastic-package repo.
Input Types
These are the different input types used in packages.
Data Streams to Test
This is every data stream and the inputs that they support.
The text was updated successfully, but these errors were encountered: