Skip to content

Add new policy fields for firewall_anti_tamper plugin #637

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 13, 2025
Merged

Add new policy fields for firewall_anti_tamper plugin #637

merged 3 commits into from
Jun 13, 2025

Conversation

matthewh-elastic
Copy link
Contributor

@matthewh-elastic matthewh-elastic commented Jun 12, 2025
edited
Loading

Change Summary

Add additional Policy field entries for new firewall_anti_tamper plugin.

For mapping changes:

  • I ran make after making the schema changes, and committed all changes
  • If these field(s) are "exception"-able, I made a companion PR to Kibana adding it (see Readme)
  • If this is a metadata change, I also updated both transform destination schemas to match

For Transform changes:

  • The new transform successfully starts in Kibana
  • The corresponding transform destination schema was updated if necessary

@matthewh-elastic matthewh-elastic requested review from a team as code owners June 12, 2025 08:57
@szwarckonrad szwarckonrad requested review from pzl and removed request for szwarckonrad June 12, 2025 08:58
intxgo
intxgo reviewed Jun 12, 2025
View reviewed changes
Copy link
Contributor

@intxgo intxgo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the descriptions doesn't look good

pzl
pzl reviewed Jun 12, 2025
View reviewed changes
Copy link
Member

@pzl pzl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please add sample values for these new fields to package/endpoint/data_stream/policy/sample_event.json?

brian-mckinney
brian-mckinney approved these changes Jun 12, 2025
View reviewed changes
custom_schemas/custom_endpoint.yml Outdated
the overall status of firewall anti-tamper, this is correlated to the status of concerned actions
but not a simple sum of the actions
short: the overall status of firewall anti-tamper

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You could also add the example field to these definitions. It's useful for enhancing the auto generated docs (see: #606)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. All of the fields for existing plugins are currently in the same format (eg here) so I copied these for consistency. Perhaps a separate PR could be raised to add the example field to all of them at once?

@matthewh-elastic matthewh-elastic merged commit 3889c4c into main Jun 13, 2025
4 checks passed
@pzl pzl deleted the matthew/firewall_plugin_fields branch June 24, 2025 16:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pzl pzl pzl approved these changes

@tomsonpl tomsonpl tomsonpl approved these changes

@intxgo intxgo intxgo approved these changes

@brian-mckinney brian-mckinney brian-mckinney approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@matthewh-elastic @pzl @tomsonpl @intxgo @brian-mckinney