Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[aws] Don't index empty AWS Security Hub responses #9705

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 13, 2024
Merged

[aws] Don't index empty AWS Security Hub responses #9705

merged 3 commits into from
May 13, 2024

Conversation

chrisberkhout
Copy link
Contributor

@chrisberkhout chrisberkhout commented Apr 25, 2024
edited
Loading

Proposed commit message

[aws] Don't index empty AWS Security Hub responses (#)

Set `response.split.ignore_empty_value: true` for splitting responses
from AWS Security Hub, to avoid indexing the empty wrapper document
when the Insights or Findings list is empty.

The [`response.split` documentation][1] says:

> If the split target is empty the parent document will be kept.
> If documents with empty splits should be dropped, the
> `ignore_empty_value` option should be set to `true`.
 
 [1]: https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-httpjson.html#response-split

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

@chrisberkhout chrisberkhout added Integration:aws AWS bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] labels Apr 25, 2024
@chrisberkhout chrisberkhout self-assigned this Apr 25, 2024
@chrisberkhout chrisberkhout requested a review from a team as a code owner April 25, 2024 02:43
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@chrisberkhout chrisberkhout requested review from a team as code owners April 25, 2024 02:45
@elasticmachine
Copy link

elasticmachine commented Apr 25, 2024
edited
Loading

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@crocswithsocks
Copy link

Thank you for this update. I would also love to see support for the integration to retrieve Managed Security Hub insights

@chrisberkhout chrisberkhout mentioned this pull request Apr 26, 2024
Closed
@chrisberkhout chrisberkhout mentioned this pull request May 8, 2024
Closed
4 tasks
ShourieG
ShourieG approved these changes May 13, 2024
View reviewed changes
Copy link
Contributor

@ShourieG ShourieG left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lgtm

@chrisberkhout chrisberkhout enabled auto-merge (squash) May 13, 2024 13:36
@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@chrisberkhout chrisberkhout merged commit 0c42590 into elastic:main May 13, 2024
@elasticmachine
Copy link

💚 Build Succeeded

History

cc @chrisberkhout

@elasticmachine
Copy link

Package aws - 2.15.1 containing this change is available at https://epr.elastic.co/search?package=aws

@chrisberkhout chrisberkhout mentioned this pull request May 24, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ShourieG ShourieG ShourieG approved these changes

Assignees

@chrisberkhout chrisberkhout

Labels
bugfix Pull request that fixes a bug issue Integration:aws AWS Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@chrisberkhout @elasticmachine @crocswithsocks @ShourieG