maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/x-pack/test
History
Frank Hassanabad c9a11ee971
[SIEM] Adds process_started ECS fields to Uncommon Process Table (#45664) 
## Summary

Adds process_started ECS fields to the uncommon process table for any agents which support it. This removes duplicates from the uncommon process table as well in some cases where we were counting process started and process ended as two different counts.

https://github.com/elastic/kibana/issues/45530

Anyone outside of beats implementing this will need these two fields to show up:

```ts
event.type: process_start
event.category: process,
```

Their ECS record should have this bare minimum:

```ts
  "event": {
    "type:": "process_start",
    "category": "process",
  },
```

To show up
### Checklist

Use ~~strikethroughs~~ to remove checklist items you don't feel are applicable to this PR.

- [ ] This was checked for cross-browser compatibility, [including a check against IE11](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility)
- [ ] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/master/packages/kbn-i18n/README.md)
- [ ] [Documentation](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#writing-documentation) was added for features that require explanation or tutorials
- [x] [Unit or functional tests](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#cross-browser-compatibility) were updated or added to match the most common scenarios
- [ ] This was checked for [keyboard-only and screenreader accessibility](https://developer.mozilla.org/en-US/docs/Learn/Tools_and_testing/Cross_browser_testing/Accessibility#Accessibility_testing_checklist)

### For maintainers

- [x] This was checked for breaking API changes and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)
- [x] This includes a feature addition or change that requires a release note and was [labeled appropriately](https://github.com/elastic/kibana/blob/master/CONTRIBUTING.md#release-notes-process)
2019-09-13 14:37:52 -06:00
..
alerting_api_integration [alerting] Renames the AlertInstance.fire to scheduleActions (#45245) 2019-09-12 09:34:24 +01:00
api_integration [SIEM] Adds process_started ECS fields to Uncommon Process Table (#45664) 2019-09-13 14:37:52 -06:00
common/services [x-pack/ftr] refactor types to be more accurate/consistent wit… (#42407) 2019-08-02 15:43:05 -07:00
functional [SIEM] Adds process_started ECS fields to Uncommon Process Table (#45664) 2019-09-13 14:37:52 -06:00
kerberos_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
oidc_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
pki_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
plugin_api_integration Expose task manager as plugin instead of server argument (#42966) 2019-08-09 15:17:32 -04:00
reporting [Reporting] Skip failing test (#45656) 2019-09-13 13:36:11 -07:00
saml_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
saved_object_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
spaces_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
token_api_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
typings [Alerting] Adds a builtin action for triggering webhooks (#43538) 2019-08-23 19:42:25 +01:00
ui_capabilities Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
upgrade_assistant_integration Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
visual_regression Revert "Revert "Revert "Revert "[ci] compress jobs for CI stab… (#45454) 2019-09-11 15:27:43 -07:00
mocha.opts
mocha_decorations.d.ts [x-pack/ftr] refactor types to be more accurate/consistent wit… (#42407) 2019-08-02 15:43:05 -07:00
tsconfig.json [@kbn/expect] "fork" expect.js into repo (#33761) 2019-03-25 09:56:48 -07:00