Skip to content

[ti_anomali] Update ECS to 8.4.0#3920

Merged
leehinman merged 3 commits intoelastic:mainfrom
leehinman:3888_ti_anomail_ecs_8.4
Aug 9, 2022
Merged

[ti_anomali] Update ECS to 8.4.0#3920
leehinman merged 3 commits intoelastic:mainfrom
leehinman:3888_ti_anomail_ecs_8.4

Conversation

@leehinman
Copy link
Contributor

@leehinman leehinman commented Aug 1, 2022
edited
Loading

  • Update ti_anomali to ECS 8.4.0

Closes #3888

@leehinman
Update ECS version for ti_anomali
0f259aa 
ECS version updated to 8.4.0
@leehinman leehinman force-pushed the 3888_ti_anomail_ecs_8.4 branch from 44ced90 to 0f259aa Compare August 1, 2022 15:16
@elasticmachine
Copy link

elasticmachine commented Aug 1, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-08-01T15:47:40.159+0000

  • Duration: 18 min 0 sec

Test stats 🧪

Test Results
Failed 0
Passed 16
Skipped 0
Total 16

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@leehinman leehinman changed the title Update ECS to 8.4.0 [ti_anomali] Update ECS to 8.4.0 Aug 1, 2022
@elasticmachine
Copy link

elasticmachine commented Aug 1, 2022
edited
Loading

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 100.0% (2/2) 💚
Files 100.0% (2/2) 💚 2.868
Classes 100.0% (2/2) 💚 2.868
Methods 96.296% (26/27) 👍 6.841
Lines 92.888% (431/464) 👍 2.282
Conditionals 100.0% (0/0) 💚

@leehinman leehinman marked this pull request as ready for review August 1, 2022 17:28
@leehinman leehinman requested a review from a team as a code owner August 1, 2022 17:28
@elasticmachine
Copy link

elasticmachine commented Aug 1, 2022

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@andrewkroh andrewkroh added the Integration:ti_util Threat Intelligence Utilities label Aug 2, 2022
efd6
efd6 reviewed Aug 3, 2022
View reviewed changes
packages/ti_anomali/data_stream/threatstream/elasticsearch/ingest_pipeline/default.yml
@@ -190,11 +190,11 @@ processors:
#
- append:
field: threat.indicator.marking.tlp
Copy link
Contributor

@efd6 efd6 Aug 3, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't see threat.indicator.marking.tlp in the fields docs. Should this be added?

Copy link
Contributor Author

@leehinman leehinman Aug 5, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it is in the ecs.yml file.

integrations/packages/ti_anomali/data_stream/threatstream/fields/ecs.yml

Line 60 in 35d1cb3

name: threat.indicator.marking.tlp

taylor-swanson
taylor-swanson approved these changes Aug 8, 2022
View reviewed changes
Copy link
Contributor

@taylor-swanson taylor-swanson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@leehinman leehinman merged commit d738c9b into elastic:main Aug 9, 2022
@leehinman leehinman deleted the 3888_ti_anomail_ecs_8.4 branch August 9, 2022 14:01
@andrewkroh andrewkroh mentioned this pull request Aug 25, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@efd6 efd6 efd6 left review comments

@taylor-swanson taylor-swanson taylor-swanson approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request Integration:ti_util Threat Intelligence Utilities

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[ti_anomali] ECS 8.4.0 threat.indicator.type and threat.indicator.confidence expected value mismatch

5 participants

@leehinman @elasticmachine @efd6 @taylor-swanson @andrewkroh