[Amazon Security Lake] - OCSF v1.1 update with major refactor & adding support for dynamic template and mappings & system tests #10405
Open
ShourieG wants to merge 34 commits into elastic:main from ShourieG:security_lake/ocsf_1.1
Commits (34)
66c9372 added support for new user inventory info event class and updated inc… (ShourieG)
fb78670 trying to make a working system test (ShourieG)
3902a02 merged with upstream (ShourieG)
6bec44b initial working system tests added pending elastic-package changes to… (ShourieG)
64f285b merged with upstream/main (ShourieG)
118b2d2 test commit to be reverted (ShourieG)
185e2f9 initial working test for dynamic template (ShourieG)
f784e75 updated root org templates (ShourieG)
4282225 reworked 'org' object mapping as dynamic template for all data streams (ShourieG)
e2f8457 Merge branch 'main' into security_lake/ocsf_1.1 (ShourieG)
d4788f4 Merge remote-tracking branch 'upstream/main' into security_lake/ocsf_1.1 (ShourieG)
32ed102 segregated process fields in 'findings', added 'actor' fields for new… (ShourieG)
78c1ea2 added vulnerability findings support and segregated 'resource' group … (ShourieG)
0656284 Merge remote-tracking branch 'upstream/main' into security_lake/ocsf_1.1 (ShourieG)
8f7122d added ntp activity event class, deprecated proxy event class, added pr… (ShourieG)
5352aac added os patch state event class, segregated device fields across all… (ShourieG)
ac66e6e added datastore activity event class, segregated actor, user & metada… (ShourieG)
73b7be8 added support for detection finding event class, segregated and mappe… (ShourieG)
1236584 added support of compliance finding event class, segregated and updat… (ShourieG)
03b5099 segregated and expanded api object across all data streams, added sup… (ShourieG)
e99119c added support for Device Config State Change event class, updated sch… (ShourieG)
7e5f687 added support for scan activity event class (ShourieG)
516b63b segregated file fields across required data streams, added support fo… (ShourieG)
bf779a5 added cwe & epss objects as flattened to cve object (ShourieG)
97459f5 converted feature object to follow dynamic mapping rules across all d… (ShourieG)
bb88d57 added firewall rule object to respective event categories (ShourieG)
f0fdc32 added some missing fields after locally running system tests for disc… (ShourieG)
0b356dc reworked terraform deployer to support multi-bucket based system tests (ShourieG)
19ffbf7 updated docs and changelog (ShourieG)
dd90df2 fixed timestamp issues across all data streams, added all system test… (ShourieG)
360c3d8 resolved merge conflicts (ShourieG)
2b1250d resolved merge conflicts (ShourieG)
2261431 removed system test configs until respective elastic-package changes … (ShourieG)
5794401 updated with main, resolved merge conflicts (ShourieG)
Does this work? til
yup this works