@andrewkroh andrewkroh commented Sep 13, 2023

auditd is not a generic input type that you would be applying to different sources. It specifically reads the output of the Linux auditd daemon. It does not need to be able to write to arbitrary logs-* data streams.

Relates: #6808 (comment)

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Related issues

@elasticmachine

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

elasticmachine commented Sep 13, 2023

💚 Build Succeeded

Build stats

  • Start Time: 2023-09-19T20:15:00.259+0000

  • Duration: 15 min 20 sec

Test stats 🧪

Test Results

  • Failed: 0
  • Passed: 9
  • Skipped: 0
  • Total: 9

elasticmachine commented Sep 13, 2023

🌐 Coverage report

| Name | Metrics % (covered/total) | Diff |
| --- | --- | --- |
| Packages | 100.0% (1/1) | 💚 |
| Files | 100.0% (1/1) | 💚 5.772 |
| Classes | 100.0% (1/1) | 💚 5.772 |
| Methods | 100.0% (15/15) | 💚 8.591 |
| Lines | 97.985% (2140/2184) | 👍 10.936 |
| Conditionals | 100.0% (0/0) | 💚 |

@efd6 efd6 left a comment

On the basis of the PR description, this LGTM, but the logic behind the addition and the subsequent related closed PR is a little muddy.

@andrewkroh andrewkroh merged commit 7fdf53e into elastic:main Sep 20, 2023
@elasticmachine

Package auditd - 3.13.1 containing this change is available at https://epr.elastic.co/search?package=auditd
