39 Pull requests merged by 18 people

• [Cloudflare] Use CEL input to add support for token authorization in Audit log data stream

  #13698 merged May 8, 2025

• Added Endace integration

  #13423 merged May 7, 2025

• [CI] Update backport script to include latest changes for mage

  #13827 merged May 7, 2025

• [Cloud Security] Backport cloud security posture 1.13: remove GCP project and org Id from validation

  #13806 merged May 7, 2025

• [netflow] Expand the tcp_control_bits into the relevant flag names

  #13307 merged May 7, 2025

• [Cisco Secure Endpoint] Add Dashboard

  #13746 merged May 7, 2025

• [google_workspace] Add google meet data stream

  #13732 merged May 7, 2025

• [CI] Add missing mage scripts ci

  #13823 merged May 7, 2025

• [O365 Metrics] Fix Teams Call Quality cel code in case of multiple page responses & restructure field names

  #13132 merged May 7, 2025

• github-action: add catalog-validate for GitHub actions

  #13804 merged May 7, 2025

• [AWS] Handle duplicate fields in Network Firewall Logs data stream

  #13676 merged May 7, 2025

• [miniflux] New integration

  #13631 merged May 7, 2025

• [FireEye] Add Overview Dashboard

  #13713 merged May 7, 2025

• [okta] Fix dashboard filters

  #13761 merged May 7, 2025

• [Security Rules] Update security rules package to v9.0.4

  #13815 merged May 7, 2025

• [Security Rules] Update security rules package to v8.18.4

  #13814 merged May 7, 2025

• [Security Rules] Update security rules package to v8.17.11

  #13813 merged May 7, 2025

• [Security Rules] Update security rules package to v8.16.13

  #13812 merged May 7, 2025

• [Security Rules] Update security rules package to v8.18.4-beta.1

  #13809 merged May 7, 2025

• [Security Rules] Update security rules package to v8.17.11-beta.1

  #13808 merged May 7, 2025

• [Security Rules] Update security rules package to v8.16.13-beta.1

  #13807 merged May 7, 2025

• [Security Rules] Update security rules package to v9.0.4-beta.1

  #13810 merged May 7, 2025

• beyondinsight_password_safe: improve error reporting for API request failures

  #13796 merged May 6, 2025

• [Security Solution] Security AI Prompts

  #13323 merged May 6, 2025

• #11767 - Remove deprecated httpjson from packages zeek, apache, system, windows, aws.cloudtrail and nginx

  #13246 merged May 6, 2025

• Remove event.original processors from several remaining integrations part 1

  #13521 merged May 6, 2025

• build(deps): bump golang.org/x/tools from 0.32.0 to 0.33.0

  #13803 merged May 6, 2025

• o365: improve clarity of CEL code

  #13795 merged May 6, 2025

• [Integrations docs] Fix mispelled word on the screenshot

  #13789 merged May 6, 2025

• [crowdstrike] Improve device.id ECS mapping for FDR data stream

  #13762 merged May 6, 2025

• [Crowdstrike] Fix navigation links in Table of Contents section

  #13763 merged May 6, 2025

• [Cloudflare Logpush] Fix data type for http_request.bot.detection_tags field

  #13581 merged May 6, 2025

• catalog-info: grant manage access to the CI robots team

  #13792 merged May 5, 2025

• #11810 Enabling Agentless for AWS Security Hub

  #13367 merged May 5, 2025

• build(deps): bump updatecli/updatecli-action from 2.82.0 to 2.83.0

  #13791 merged May 5, 2025

• [zeek] Fix date parsing error for smtp logs

  #13780 merged May 5, 2025

• [hpe_aruba_cx] Initial Release for HPE Aruba CX

  #13689 merged May 5, 2025

• [Atlassian JIRA and Atlassian Confluence] Fix Time Parsing in Cursor Logic

  #13784 merged May 5, 2025

• [Pulse Connect Secure] Add Support of Dashboard

  #13747 merged May 5, 2025

21 Pull requests opened by 17 people

• crowdstrike: improve falcon data stream document collision behaviour

  #13779 opened May 5, 2025

• Align datatypes with ECS

  #13781 opened May 5, 2025

• Add enable_batch_api option in azure resource metrics

  #13783 opened May 5, 2025

• [GreyNoise] Add transform pipeline for package

  #13786 opened May 5, 2025

• bk: use OIDC to create AWS cloud resources

  #13790 opened May 5, 2025

• Add support of Vertex AI Audit Logs

  #13799 opened May 6, 2025

• [Falco] Fix Conflicting Field Types

  #13800 opened May 6, 2025

• Test elastic-package#2572 - DO NOT MERGE

  #13801 opened May 6, 2025

• [system][fsstat] - Add support for ignore_types

  #13802 opened May 6, 2025

• [cisco_ios] Improve hostname parsing

  #13816 opened May 7, 2025

• varonis: add pre-processor option to allow ingestion of non-conforman…

  #13822 opened May 7, 2025

• [Jamf Protect] Fix field type from `long` to `keyword` for process fields

  #13824 opened May 7, 2025

• mimecast: resolve field data type conflicts between data streams

  #13825 opened May 7, 2025

• [ti_anomali] Add support for proxy URL and SSL configuration parameters

  #13826 opened May 7, 2025

• [system] Add support for more event-ids in the security data stream

  #13828 opened May 7, 2025

• [Symantec Endpoint Security]Update test logs

  #13829 opened May 7, 2025

• Add new AWS Config datastream.

  #13830 opened May 7, 2025

• Test pr merge 13810

  #13831 opened May 7, 2025

• [CI] Do not use -q parameter together with git commands in pipe

  #13832 opened May 7, 2025

• crowdstrike: handle UTCTimestamp values in Unix seconds

  #13833 opened May 7, 2025

• o365: ensure empty responses do not lead to invalid request ranges

  #13834 opened May 7, 2025

15 Issues closed by 8 people

• Due diligence ticket for clean up Aruba feature-branch integration before merging into `main`

  #12249 closed May 7, 2025

• [Google Workspace]: Add google meet event type

  #13512 closed May 7, 2025

• [LastPass] Update data collection after resolve request_body_on_pagination issue

  #4256 closed May 7, 2025

• [AWS] Network Firewall logs ingest pipeline duplicate field error

  #5071 closed May 7, 2025

• [Okta]: Incorrect filters in Okta Dashboard elements

  #13615 closed May 7, 2025

• beyondinsight_password_safe: improve error handling in agent collector programs

  #13794 closed May 6, 2025

• [fortinet_fortigate]: pipeline-error unable to parse URI error.message

  #11321 closed May 6, 2025

• Remove Deprecated "Collect Logs from third-party REST API" for 9.0

  #11767 closed May 6, 2025

• [Wiz Integration] - Doc update

  #11520 closed May 6, 2025

• Documentation changes for SSL nodes for integrations owned by security-service-integrations

  #12700 closed May 6, 2025

• [o365] multi-tenancy failing

  #1759 closed May 6, 2025

• [Crowdstrike]: Nav Panel Links do not work

  #13616 closed May 6, 2025

• [Cloudflare Logpush]: Wrong mapping on field cloudflare_logpush.http_request.bot.detection_tags

  #13477 closed May 6, 2025

• [Subscription basic] [opencanary] Failing test daily: pipeline test: test-events.log in opencanary.events

  #13503 closed May 6, 2025

• [New Integration] Add support for Aruba network device logs

  #5255 closed May 5, 2025

14 Issues opened by 5 people

• [Stack 9.1.0-SNAPSHOT] [nats] Failing test daily: system test: default (variant: v2) in nats.connection

  #13821 opened May 7, 2025

• [Stack 9.1.0-SNAPSHOT] [nats] Failing test daily: system test: default (variant: v1) in nats.connection

  #13820 opened May 7, 2025

• [Stack 9.1.0-SNAPSHOT] [nats] Failing test daily: system test: default (variant: v2) in nats.stats

  #13819 opened May 7, 2025

• [Stack 9.1.0-SNAPSHOT] [nats] Failing test daily: system test: default (variant: v1) in nats.stats

  #13818 opened May 7, 2025

• [Stack 9.1.0-SNAPSHOT] [crowdstrike] Failing test daily: system test: (elastic-agent logs - default) in crowdstrike.fdr

  #13817 opened May 7, 2025

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [cassandra] Failing test daily: system test: default (variant: v3.11.11) in cassandra.log

  #13811 opened May 7, 2025

• [LogsDB] [Subscription basic] [mysql] Failing test daily: system test: default (variant: percona_8_0_36) in mysql.status

  #13798 opened May 6, 2025

• [Stack 9.1.0-SNAPSHOT] [hpe_aruba_cx] Failing test daily: system test: filestream in hpe_aruba_cx.log

  #13797 opened May 6, 2025

• [Cisco Duo]: receiving error messages for Auth Logs

  #13793 opened May 5, 2025

• [Feature Request] SAP integrations

  #13788 opened May 5, 2025

• [Feature Request] Cisco Catalyst Center (DNA Center) Integration

  #13787 opened May 5, 2025

• [linux]: Linux Metrics Pageinfo can throw `illegal_argument_exception`

  #13785 opened May 5, 2025

• [Infoblox NIOS]: error.message Processor 'convert' with tag '' in pipeline logs-infoblox_nios.log-1.29.0-pipeline_audit failed with message ''2001\1234\1234\1234\1235\1234' is not an IP string literal.'

  #13782 opened May 5, 2025

• [Stack 9.1.0-SNAPSHOT] [aws] Failing test daily: system test: (elastic-agent logs - default) in aws.vpcflow

  #13778 opened May 5, 2025

125 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [vectra_cloud] Initial release of the Vectra Cloud

  #13646 commented on May 7, 2025 • 24 new comments

• [ti_recordedfuture] Add Support for Legacy and Playbook Alerts

  #13494 commented on May 7, 2025 • 17 new comments

• [panw_cortex_xdr] Add event data stream and dashboards of incident and alert

  #13680 commented on May 6, 2025 • 10 new comments

• tenable_io: Add mappings and transform for Cloud Detection and Response (CDR) workflow

  #13636 commented on May 7, 2025 • 9 new comments

• Use journald input by default when running system integration for SLES 15-SP6

  #13759 commented on May 7, 2025 • 6 new comments

• [DOCS] Part 1 - Remove duplicated installation instructions

  #13573 commented on May 7, 2025 • 5 new comments

• [M365 Defender] Add support of vulnerability data-stream

  #13595 commented on May 7, 2025 • 5 new comments

• tencent_cloud: Add new datastreams

  #13565 commented on May 7, 2025 • 3 new comments

• Gigamon: ZT and OT dashboards added and Renaming of NPM Dashboards to Network Telemetry Insights.

  #13733 commented on May 5, 2025 • 3 new comments

• [Tenable OT Security] Fix field type of `message` field

  #13723 commented on May 8, 2025 • 3 new comments

• zscaler_zpa: fix handling of multiple remote IPs, and event categorisation

  #13755 commented on May 7, 2025 • 2 new comments

• [Falco] Split datastream based on CNCF or agent-based ingest type

  #12896 commented on May 6, 2025 • 1 new comment

• [crowdstrike] Reset state values to overcome error in vulnerability data collection.

  #13740 commented on May 7, 2025 • 1 new comment

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [cisco_umbrella] Failing test daily: system test: default in cisco_umbrella.log

  #13432 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [github] Failing test daily: pipeline test: test-github-issues-json.log in github.issues

  #13230 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-asset-host-detection.log in qualys_vmdr.asset_host_detection

  #13231 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [symantec_endpoint_security] Failing test daily: system test: (elastic-agent logs - default) in symantec_endpoint_security.event

  #13696 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-knowledge-base.log in qualys_vmdr.knowledge_base

  #13222 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-asset-host-detection.log in qualys_vmdr.asset_host_detection

  #13221 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [github] Failing test daily: pipeline test: test-github-issues-json.log in github.issues

  #13219 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-asset-host-detection.log in qualys_vmdr.asset_host_detection

  #13217 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-knowledge-base.log in qualys_vmdr.knowledge_base

  #13215 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [github] Failing test daily: pipeline test: test-github-issues-json.log in github.issues

  #13213 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [bitwarden] Failing test daily: pipeline test: test-policy.log in bitwarden.policy

  #13208 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [bitwarden] Failing test daily: pipeline test: test-policy.log in bitwarden.policy

  #13205 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [symantec_endpoint_security] Failing test daily: system test: default in symantec_endpoint_security.event

  #13381 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [cisco_umbrella] Failing test daily: system test: default in cisco_umbrella.log

  #13004 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [cisco_umbrella] Failing test daily: system test: default in cisco_umbrella.log

  #13699 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-attributes-ndjson.log in ti_misp.threat

  #13218 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-sample-ndjson.log in ti_misp.threat

  #13220 commented on May 7, 2025 • 0 new comments

• [SentinelOne]: Activities by OS Family visualization is unpopulated

  #12902 commented on May 7, 2025 • 0 new comments

• [Azure Logs]: AzureFirewallNetworkRuleLog - Provided Grok expressions do not match field value

  #13096 commented on May 7, 2025 • 0 new comments

• [Office365] Populate ECS `message` Field with Alert Titles from SecurityComplianceAlerts

  #12596 commented on May 7, 2025 • 0 new comments

• [Azure]: Standardize Azure field names across all integrations

  #13369 commented on May 7, 2025 • 0 new comments

• [Office365] Populate ECS `message` Field with Alert Titles for DLP Exchange Alerts

  #12598 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [aws] Failing test daily: system test: default in aws.route53_resolver_logs

  #12980 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [google_workspace] Failing test daily: system test: default in google_workspace.saml

  #12978 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [bitwarden] Failing test daily: pipeline test: test-policy.log in bitwarden.policy

  #13225 commented on May 7, 2025 • 0 new comments

• [M365 Defender] Improve response action support in event dataset.

  #13769 commented on May 5, 2025 • 0 new comments

• [Fleet Server] Added support for the fleet scalability settings as direct toggles in fleet ui

  #13766 commented on May 5, 2025 • 0 new comments

• [System] Add pipeline for AD FS Auditing to security data stream.

  #13765 commented on May 6, 2025 • 0 new comments

• entityanalytics_okta: add user roles collection support

  #13750 commented on May 5, 2025 • 0 new comments

• [GreyNoise] Add Integration Package

  #13745 commented on May 7, 2025 • 0 new comments

• [mattermost] Add Support of Dashboard

  #13731 commented on May 5, 2025 • 0 new comments

• [Keycloak] Add Support of Dashboard

  #13717 commented on May 5, 2025 • 0 new comments

• [wiz] Add defend data stream

  #13688 commented on May 5, 2025 • 0 new comments

• [O11y][Postgresql] Add support for user specific timezone map

  #13681 commented on May 6, 2025 • 0 new comments

• Make kv more resillient and fingerprint more accurate

  #13640 commented on May 5, 2025 • 0 new comments

• Document Journald on docker

  #13597 commented on May 7, 2025 • 0 new comments

• [trend_micro_vision_one] Collect telemetry via the Datalake Pipeline API

  #13588 commented on May 6, 2025 • 0 new comments

• [checkpoint] Expand and fix IANA number handling

  #13568 commented on May 6, 2025 • 0 new comments

• Remove event.original processors from several remaining integrations part 2

  #13522 commented on May 7, 2025 • 0 new comments

• Removed event.original processors from network and network-obs relate…

  #13520 commented on May 7, 2025 • 0 new comments

• [Google Threat Intelligence] Add IOC Stream data stream

  #13449 commented on May 7, 2025 • 0 new comments

• [AWS] Update README - EC2 Instance IAM Role for AWS Authentication

  #13434 commented on May 7, 2025 • 0 new comments

• [Armis] Initial release of the armis

  #13429 commented on May 5, 2025 • 0 new comments

• [integration/system] add use_performance_counters in system integration

  #13150 commented on May 7, 2025 • 0 new comments

• OTel Metrics for Docker Stats

  #13018 commented on May 5, 2025 • 0 new comments

• crowdstrike: implement enhanced field mapping logic

  #12913 commented on May 7, 2025 • 0 new comments

• Security ai prompts

  #12721 commented on May 7, 2025 • 0 new comments

• [ Azure Logs ] Wrong mapping in the Activity Logs data set result in ignored fields and poor data set quality

  #13692 commented on May 7, 2025 • 0 new comments

• [Juniper SRX] Documentation improvement needed

  #11807 commented on May 7, 2025 • 0 new comments

• [Google Workspace] Support All Event Types

  #4722 commented on May 7, 2025 • 0 new comments

• Use 'terminate' processor instead of 'fail'

  #12083 commented on May 6, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-anomalous-download.log in box_events.events

  #13206 commented on May 6, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-malicious-content.log in box_events.events

  #13207 commented on May 6, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-suspicious-locations.log in box_events.events

  #13209 commented on May 6, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-anomalous-download.log in box_events.events

  #13210 commented on May 6, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-suspicious-sessions.log in box_events.events

  #13211 commented on May 6, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-malicious-content.log in box_events.events

  #13212 commented on May 6, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-suspicious-locations.log in box_events.events

  #13214 commented on May 6, 2025 • 0 new comments

• [entityanalytics_ad]: Support to Computer Object Collection

  #13176 commented on May 6, 2025 • 0 new comments

• [entityanalytics_ad.user]: Unable to select OU other then Users

  #13055 commented on May 6, 2025 • 0 new comments

• [opencanary]: Various bug fixes / enhancements

  #13025 commented on May 6, 2025 • 0 new comments

• ti_threatconnect: revise pagination and cursor logic in agent config

  #13336 commented on May 6, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [teleport] Failing test daily: system test: filestream in teleport.audit

  #13556 commented on May 6, 2025 • 0 new comments

• [ GCP ] The field gcp.audit.authorization_info in the Audit Logs is mapped as nested, but should be mapped as flattened

  #13695 commented on May 6, 2025 • 0 new comments

• [Microsoft M365 Defender]: Events failing to parse due to index mappings since upgrade to v2.23.0

  #13739 commented on May 6, 2025 • 0 new comments

• [entityanalytics_ad]: Investigate efficient handling of group membership data

  #12520 commented on May 6, 2025 • 0 new comments

• [Subscription basic] [mysql] Failing test daily: system test: default (variant: percona_8_0_36) in mysql.performance

  #13774 commented on May 6, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.replica_status

  #13772 commented on May 6, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.performance

  #13758 commented on May 6, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.performance

  #13406 commented on May 6, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.galera_status

  #13127 commented on May 6, 2025 • 0 new comments

• [keycloak]: Change Keycloak ingest pipeline to support ECS log support from v26.2.0

  #13749 commented on May 6, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [mysql] Failing test daily: system test: default (variant: percona_8_0_36) in mysql.replica_status

  #13773 commented on May 5, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [apache_tomcat] Failing test daily: system test: default (variant: v10.1.5) in apache_tomcat.catalina

  #13771 commented on May 5, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [network_traffic] Failing test daily: system test: dns-mx in network_traffic.dns

  #13770 commented on May 5, 2025 • 0 new comments

• [Subscription basic] [apache_tomcat] Failing test daily: system test: default (variant: v10.1.5) in apache_tomcat.catalina

  #13543 commented on May 5, 2025 • 0 new comments

• [CrowdStrike]: Processing of different events can lead to identical `_id`s

  #13720 commented on May 5, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.galera_status

  #13151 commented on May 5, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.slowlog

  #13134 commented on May 5, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.slowlog

  #13051 commented on May 5, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: percona_8_0_36) in mysql.performance

  #13259 commented on May 5, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-suspicious-locations.log in box_events.events

  #13228 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [box_events] Failing test daily: pipeline test: test-suspicious-sessions.log in box_events.events

  #13229 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-attributes-ndjson.log in ti_misp.threat

  #13223 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-sample-ndjson.log in ti_misp.threat

  #13224 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-attributes-ndjson.log in ti_misp.threat

  #13233 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [ti_misp] Failing test daily: pipeline test: test-misp-sample-ndjson.log in ti_misp.threat

  #13234 commented on May 7, 2025 • 0 new comments

• [Subscription basic] [imperva_cloud_waf] Failing test daily: system test: default in imperva_cloud_waf.event

  #13677 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [trellix_edr_cloud] Failing test daily: system test: (elastic-agent logs - default) in trellix_edr_cloud.event

  #13693 commented on May 7, 2025 • 0 new comments

• Bug: MISP elastic-agent integration don't get any logs in Kibana discover view

  #5684 commented on May 7, 2025 • 0 new comments

• Add username fields to CrowdStrike FDR

  #10661 commented on May 7, 2025 • 0 new comments

• SSI Integration: Missing Dashboard

  #13702 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [qualys_vmdr] Failing test daily: pipeline test: test-knowledge-base.log in qualys_vmdr.knowledge_base

  #13232 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [system] Failing test daily: system test: default in system.process

  #13531 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.status

  #13605 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Subscription basic] [canva] Failing test daily: system test: default in canva.audit

  #13604 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [system] Failing test daily: system test: journald in system.auth

  #12785 commented on May 7, 2025 • 0 new comments

• [Stack 9.1.0-SNAPSHOT] [sql_input] Failing test daily: system test: mssql in sql_input.

  #13027 commented on May 7, 2025 • 0 new comments

• [entityanalytics_ad]: Include computers in AD query

  #12950 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [system] Failing test daily: system test: journald in system.auth

  #12763 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [sql_input] Failing test daily: system test: mssql in sql_input.

  #13128 commented on May 7, 2025 • 0 new comments

• [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: mysql_8_0_35) in mysql.status

  #13005 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [system] Failing test daily: system test: journald in system.auth

  #12765 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [sql_input] Failing test daily: system test: mssql in sql_input.

  #13113 commented on May 7, 2025 • 0 new comments

• [LogsDB] [Stack 8.19.0-SNAPSHOT] [mysql] Failing test daily: system test: default (variant: percona_8_0_36) in mysql.galera_status

  #13030 commented on May 7, 2025 • 0 new comments

• [Varonis]: Ingest Pipeline Error

  #13764 commented on May 6, 2025 • 0 new comments

• [pfsense] Parsing errors when rule action is Match

  #13738 commented on May 6, 2025 • 0 new comments

• Change Rapid7 InsightVM integration to one doc per vulnerability

  #9354 commented on May 6, 2025 • 0 new comments

• Ensure Consistency Across Ingested Data for Analyzer Development

  #12562 commented on May 6, 2025 • 0 new comments

• [qualys_was] Additional Datastream - web applications

  #13570 commented on May 6, 2025 • 0 new comments

• [TI Recorded Future] Request gzip compressed CSV

  #6011 commented on May 6, 2025 • 0 new comments

• [USN Journal]: Ingest and parse USN journal file

  #13154 commented on May 6, 2025 • 0 new comments