Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Checkpoint] Include sequencenum for checkpoint fingerprint #12439

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

[Checkpoint] Include sequencenum for checkpoint fingerprint #12439

wants to merge 2 commits into from

Conversation

gogochan
Copy link
Contributor

@gogochan gogochan commented Jan 23, 2025
edited
Loading

Proposed commit message

From Checkpoint admin guide

loguid - Some Check Point logs are updated over time. Updated logs have the same loguid value. Check Point SmartLog client correlates those updates into a single unified log. When the update logs are sent to 3rd party servers, they arrive as distinct logs.

It is possible for multiple log entries to share the existing attributes as it was shown in https://github.com/elastic/sdh-beats/issues/5556, hence adding sequencenum to calculate the fingerprint.

Also adding additional missing fields.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@gogochan gogochan requested a review from a team as a code owner January 23, 2025 14:40
@andrewkroh andrewkroh added Integration:checkpoint Check Point Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices] labels Jan 23, 2025
@elasticmachine
Copy link

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

@andrewkroh andrewkroh added the bugfix Pull request that fixes a bug issue label Jan 23, 2025
@elastic-vault-github-plugin-prod
Copy link

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

💚 Build Succeeded

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
96.2% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjwolf mjwolf mjwolf approved these changes

Assignees
No one assigned
Labels
bugfix Pull request that fixes a bug issue Integration:checkpoint Check Point Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@gogochan @elasticmachine @mjwolf @andrewkroh