Add required version number to audit log #85390

Merged 2 commits, Dec 9, 2020

@thomheymann thomheymann commented Dec 9, 2020

Related to elastic/beats#22696

Summary

This PR adds the ECS version number to audit logs.

This is a required field in ECS and should be set at the point of logging, not during ingestion (e.g. in Filebeat).

{
  "@timestamp": "2020-12-09T11:18:40.003+00:00",
  "message": "User is updating config [id=8.0.0]",
  "ecs": {
    "version": "1.6.0"
  }
}

Checklist

Delete any items that are not applicable to this PR.
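
A check for the point made in the PR description above, as an added example that is not part of the PR or of Kibana's code: it scans newline-delimited JSON audit events and reports any written without `ecs.version` or `@timestamp`. The function names, the x.y.z format check and the sample lines are assumptions constructed for illustration.

```javascript
// Added example: verify that audit events carry the required ECS fields
// at the point of logging, before any shipper touches them.
const SEMVER = /^\d+\.\d+\.\d+$/; // assumed format, matching "1.6.0" above

// Returns a list of problems for one parsed event; empty means it passes.
function checkEvent(event) {
  if (event === null || typeof event !== 'object' || Array.isArray(event)) {
    return ['event is not a JSON object'];
  }
  const problems = [];
  const ts = event['@timestamp'];
  if (typeof ts !== 'string' || Number.isNaN(Date.parse(ts))) {
    problems.push('missing or unparseable @timestamp');
  }
  // Accept the nested form {"ecs":{"version":..}} and the dotted key "ecs.version".
  const nested = event.ecs !== null && typeof event.ecs === 'object';
  const version = nested ? event.ecs.version : event['ecs.version'];
  if (typeof version !== 'string') {
    problems.push('missing ecs.version');
  } else if (!SEMVER.test(version)) {
    problems.push(`ecs.version is not x.y.z: ${version}`);
  }
  return problems;
}

// Checks every non-empty line of an NDJSON log; returns [{ line, problems }].
function auditLines(text) {
  const findings = [];
  text.split('\n').forEach((raw, i) => {
    if (raw.trim() === '') return;
    let problems;
    try {
      problems = checkEvent(JSON.parse(raw));
    } catch (err) {
      problems = ['not valid JSON']; // e.g. a line truncated mid-write
    }
    if (problems.length > 0) findings.push({ line: i + 1, problems });
  });
  return findings;
}

// Constructed sample: line 1 mirrors the event in the PR description.
const SAMPLE = [
  '{"@timestamp":"2020-12-09T11:18:40.003+00:00","message":"User is updating config [id=8.0.0]","ecs":{"version":"1.6.0"}}',
  '{"@timestamp":"2020-12-09T11:18:41.120+00:00","message":"User is updating config [id=8.0.0]"}',
  '{"@timestamp":"2020-12-09T11:18:42.500+00:00","message":"constructed event","ecs":{"version":"1.6"}}',
  '{"@timestamp":"2020-12-09T11:18:43',
].join('\n');

console.log(JSON.stringify(auditLines(SAMPLE), null, 2));
```
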

@thomheymann thomheymann added v8.0.0 v7.11.0 Feature:Security/Audit Platform Security - Audit Logging feature labels Dec 9, 2020
@thomheymann thomheymann requested a review from a team as a code owner December 9, 2020 11:21
@legrego legrego added release_note:skip Skip the PR/issue when compiling release notes and removed release_note:fix labels Dec 9, 2020
@legrego legrego left a comment

LGTM on green CI, with one nit - thanks for opening this!

As an aside, I changed your label from release_note:fix to release_note:skip, since we are fixing something that hasn't shipped yet. There's no need to include this in the public release notes, since there isn't anything that's been fixed from the user's perspective.

@legrego legrego added the Team:Security Team focused on: Auth, Users, Roles, Spaces, Audit Logging, and more! label Dec 9, 2020
@elasticmachine
Pinging @elastic/kibana-security (Team:Security)

@kibanamachine
💚 Build Succeeded

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@thomheymann thomheymann merged commit 039c8e1 into master Dec 9, 2020
@thomheymann thomheymann deleted the audit/ecsversion branch December 9, 2020 16:07
thomheymann added a commit that referenced this pull request Dec 9, 2020
* Add required version number to audit log

* Added suggestion from code review