cisco_meraki: handle blocked ARP packet, auth and port messages#7771
cisco_meraki: handle blocked ARP packet, auth and port messages#7771efd6 merged 3 commits intoelastic:mainfrom
Conversation
efd6
added
enhancement
efd6
force-pushed
the
7770-cisco_meraki
branch
2 times, most recently
from
db74b7a to
215ca81
Compare
efd6
changed the title
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
🤖 GitHub commentsExpand to view the GitHub comments
To re-run your PR in the CI, just comment with:
|
🌐 Coverage report
|
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
|
LGTM |
|
@LaZyDK Are you happy with the subtype? I was also wondering whether we should be retaining the fact that it's a ARP packet that's being blocked somewhere other than in the |
|
If you want to follow the current format then Do you want some more log lines that are not normalized? |
|
I just found something that could be optimized in the Meraki integrations. |
efd6
changed the title
|
@LaZyDK Added your new events and changed the subtype. That optimisation is worth considering, please open an issue for it. |
packages/cisco_meraki/data_stream/log/_dev/test/pipeline/test-events.log-expected.json
Outdated
Show resolved
Hide resolved
|
You don't have to implement my suggestions. I will add it to another PR to be reviewed later on. |
efd6
force-pushed
the
7770-cisco_meraki
branch
from
0a850be to
66c7bea
Compare
|
Package cisco_meraki - 1.13.0 containing this change is available at https://epr.elastic.co/search?package=cisco_meraki |
2 similar comments
|
Package cisco_meraki - 1.13.0 containing this change is available at https://epr.elastic.co/search?package=cisco_meraki |
|
Package cisco_meraki - 1.13.0 containing this change is available at https://epr.elastic.co/search?package=cisco_meraki |
4 participants
What does this PR do?
See title.
Checklist
changelog.ymlfile.Author's Checklist
How to test this PR locally
Related issues
Screenshots