[vectra_cloud] Initial release of the Vectra Cloud #13646

Merged
efd6 merged 5 commits into elastic:main from janvi-elastic:package-vectra_cloud
May 8, 2025

@janvi-elastic janvi-elastic commented Apr 23, 2025

Proposed commit message

The initial release includes audit, entity events, detection events, health and lockdown data streams and associated dashboards and visualizations.

Vectra Cloud fields are mapped to their corresponding ECS fields where possible.

Test samples were derived from documentation.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

  • Clone integrations repo.
  • Install elastic package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/vectra_cloud directory.
  • Run the following command to run tests.

elastic-package test

--- Test results for package: vectra_cloud - START ---
╭──────────────┬─────────────────┬───────────┬───────────────────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM     │ TEST TYPE │ TEST NAME                                                             │ RESULT │ TIME ELAPSED │
├──────────────┼─────────────────┼───────────┼───────────────────────────────────────────────────────────────────────┼────────┼──────────────┤
│ vectra_cloud │                 │ asset     │ dashboard vectra_cloud-36228434-8783-49ab-ac0d-82cc651c0e7d is loaded │ PASS   │      1.364µs │
│ vectra_cloud │                 │ asset     │ dashboard vectra_cloud-55983c57-df67-41ea-8292-08c3c0357d05 is loaded │ PASS   │        212ns │
│ vectra_cloud │                 │ asset     │ dashboard vectra_cloud-6ddf7197-c2e5-4472-a814-05bfe2caa3eb is loaded │ PASS   │        166ns │
│ vectra_cloud │                 │ asset     │ dashboard vectra_cloud-9a7d587d-e61a-40dc-886b-25aa6da16717 is loaded │ PASS   │        275ns │
│ vectra_cloud │                 │ asset     │ dashboard vectra_cloud-ccfcc72d-78f4-4337-b542-de333bef5cf8 is loaded │ PASS   │        217ns │
│ vectra_cloud │                 │ asset     │ search vectra_cloud-3160e56b-1190-4e05-be6d-5beb3b5bf8a5 is loaded    │ PASS   │        243ns │
│ vectra_cloud │                 │ asset     │ search vectra_cloud-648e1825-c198-4bf0-ba1d-ee1c11ebd84f is loaded    │ PASS   │        198ns │
│ vectra_cloud │                 │ asset     │ search vectra_cloud-7180cae3-1a55-4e7a-a010-e7987dbdbd67 is loaded    │ PASS   │        280ns │
│ vectra_cloud │                 │ asset     │ search vectra_cloud-7ba8318c-2c41-4c43-af81-c35d599b6c74 is loaded    │ PASS   │        191ns │
│ vectra_cloud │                 │ asset     │ search vectra_cloud-fad8d0ee-bc58-43cd-a949-b0f0cf975256 is loaded    │ PASS   │        210ns │
│ vectra_cloud │ audit           │ asset     │ index_template logs-vectra_cloud.audit is loaded                      │ PASS   │        214ns │
│ vectra_cloud │ audit           │ asset     │ ingest_pipeline logs-vectra_cloud.audit-0.1.0 is loaded               │ PASS   │        238ns │
│ vectra_cloud │ detection_event │ asset     │ index_template logs-vectra_cloud.detection_event is loaded            │ PASS   │        247ns │
│ vectra_cloud │ detection_event │ asset     │ ingest_pipeline logs-vectra_cloud.detection_event-0.1.0 is loaded     │ PASS   │        173ns │
│ vectra_cloud │ entity_event    │ asset     │ index_template logs-vectra_cloud.entity_event is loaded               │ PASS   │        218ns │
│ vectra_cloud │ entity_event    │ asset     │ ingest_pipeline logs-vectra_cloud.entity_event-0.1.0 is loaded        │ PASS   │        111ns │
│ vectra_cloud │ health          │ asset     │ index_template logs-vectra_cloud.health is loaded                     │ PASS   │        496ns │
│ vectra_cloud │ health          │ asset     │ ingest_pipeline logs-vectra_cloud.health-0.1.0 is loaded              │ PASS   │        159ns │
│ vectra_cloud │ lockdown        │ asset     │ index_template logs-vectra_cloud.lockdown is loaded                   │ PASS   │        242ns │
│ vectra_cloud │ lockdown        │ asset     │ ingest_pipeline logs-vectra_cloud.lockdown-0.1.0 is loaded            │ PASS   │        113ns │
╰──────────────┴─────────────────┴───────────┴───────────────────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: vectra_cloud - END   ---
Done
--- Test results for package: vectra_cloud - START ---
╭──────────────┬─────────────────┬───────────┬─────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM     │ TEST TYPE │ TEST NAME                                           │ RESULT │ TIME ELAPSED │
├──────────────┼─────────────────┼───────────┼─────────────────────────────────────────────────────┼────────┼──────────────┤
│ vectra_cloud │ audit           │ pipeline  │ (ingest pipeline warnings test-audit.log)           │ PASS   │ 313.047451ms │
│ vectra_cloud │ audit           │ pipeline  │ test-audit.log                                      │ PASS   │ 141.330693ms │
│ vectra_cloud │ detection_event │ pipeline  │ (ingest pipeline warnings test-detection-event.log) │ PASS   │ 299.225141ms │
│ vectra_cloud │ detection_event │ pipeline  │ test-detection-event.log                            │ PASS   │ 150.379479ms │
│ vectra_cloud │ entity_event    │ pipeline  │ (ingest pipeline warnings test-entity-event.log)    │ PASS   │ 283.741304ms │
│ vectra_cloud │ entity_event    │ pipeline  │ test-entity-event.log                               │ PASS   │ 120.738096ms │
│ vectra_cloud │ health          │ pipeline  │ (ingest pipeline warnings test-health.log)          │ PASS   │ 303.073442ms │
│ vectra_cloud │ health          │ pipeline  │ test-health.log                                     │ PASS   │ 235.386842ms │
│ vectra_cloud │ lockdown        │ pipeline  │ (ingest pipeline warnings test-lockdown.log)        │ PASS   │ 271.347977ms │
│ vectra_cloud │ lockdown        │ pipeline  │ test-lockdown.log                                   │ PASS   │ 103.822052ms │
╰──────────────┴─────────────────┴───────────┴─────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: vectra_cloud - END   ---
Done
--- Test results for package: vectra_cloud - START ---
╭──────────────┬─────────────────┬───────────┬──────────────────────────┬────────┬──────────────╮
│ PACKAGE      │ DATA STREAM     │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │
├──────────────┼─────────────────┼───────────┼──────────────────────────┼────────┼──────────────┤
│ vectra_cloud │ audit           │ static    │ Verify sample_event.json │ PASS   │ 117.463687ms │
│ vectra_cloud │ detection_event │ static    │ Verify sample_event.json │ PASS   │ 114.558666ms │
│ vectra_cloud │ entity_event    │ static    │ Verify sample_event.json │ PASS   │ 130.596506ms │
│ vectra_cloud │ health          │ static    │ Verify sample_event.json │ PASS   │ 151.602007ms │
│ vectra_cloud │ lockdown        │ static    │ Verify sample_event.json │ PASS   │ 128.658336ms │
╰──────────────┴─────────────────┴───────────┴──────────────────────────┴────────┴──────────────╯
--- Test results for package: vectra_cloud - END   ---
Done
--- Test results for package: vectra_cloud - START ---
╭──────────────┬─────────────────┬───────────┬───────────┬────────┬───────────────╮
│ PACKAGE      │ DATA STREAM     │ TEST TYPE │ TEST NAME │ RESULT │  TIME ELAPSED │
├──────────────┼─────────────────┼───────────┼───────────┼────────┼───────────────┤
│ vectra_cloud │ audit           │ system    │ common    │ PASS   │ 34.904570101s │
│ vectra_cloud │ detection_event │ system    │ common    │ PASS   │  38.24373629s │
│ vectra_cloud │ entity_event    │ system    │ common    │ PASS   │ 42.137084271s │
│ vectra_cloud │ health          │ system    │ common    │ PASS   │ 37.099288261s │
│ vectra_cloud │ lockdown        │ system    │ common    │ PASS   │ 39.865316176s │
╰──────────────┴─────────────────┴───────────┴───────────┴────────┴───────────────╯
--- Test results for package: vectra_cloud - END   ---
Done

@janvi-elastic janvi-elastic requested a review from a team as a code owner April 23, 2025 04:18

@jamiehynds

@cpascale43 @janvi-elastic can we confirm that Vectra Cloud is the correct naming/branding of the Vectra product we're integrating with? I don't think Vectra Cloud aligns with any naming on their end.

@andrewkroh andrewkroh added the dashboard, Crest and New Integration labels Apr 23, 2025
@piyush-elastic

> @cpascale43 @janvi-elastic can we confirm that Vectra Cloud is the correct naming/branding of the Vectra product we're integrating with? I don't think Vectra Cloud aligns with any naming on their end.

@jamiehynds, @cpascale43 - The customer referred to this integration as 'Vectra Cloud' in their email. We also noticed that other vendors are using the same name, so we've used 'Vectra Cloud' as well for consistency. Also, based on the information available on Vectra's official website and documentation, Vectra Cloud refers to the cloud-based offerings of Vectra AI. The term "Vectra UX" in the documentation likely refers to the user interface of Vectra AI’s cloud platform. Let me know your thoughts please.

@cpascale43

Checking with Vectra @piyush-elastic, will keep you posted here

@kcreddy kcreddy added the Team:Security-Service Integrations label Apr 25, 2025
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@piyush-elastic

> Checking with Vectra @piyush-elastic, will keep you posted here

Hi @cpascale43,
Based on Dale's email response, do you think we should consider renaming it to "Vectra RUX"? That said, as he mentioned, this seems to be part of their future plans, but there is currently no reference to it in the official documentation.

@cpascale43

Hi @piyush-elastic - Vectra RUX works, in keeping with their future plans. We should reference the other names in the first sentence of the docs like: "Vectra Respond User Experience (RUX), also known as Vectra Cloud or Vectra SaaS..."

@janvi-elastic janvi-elastic requested a review from efd6 May 7, 2025 08:10

@efd6 efd6 left a comment

Minor changes, then good.

@janvi-elastic janvi-elastic requested a review from efd6 May 8, 2025 06:29

@efd6 efd6 left a comment

Thanks

@elasticmachine

💚 Build Succeeded

@efd6 efd6 merged commit 530820c into elastic:main May 8, 2025
7 checks passed
@elastic-vault-github-plugin-prod

Package vectra_rux - 0.1.0 containing this change is available at https://epr.elastic.co/package/vectra_rux/0.1.0/
