github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity

[Security Solution][Exceptions] Add lowercase normalizer for case-insensitivity + deprecate _tags field (new OS field) (#77379)

Browse source 
* Finish adding .lower to exceptionable fields

* Add back migrations

* .lower -> .caseless

* Add separate field for os type

* updates

* Type updates

* Switch over to osTypes

* get rid of _tags

* Add tests for schema validation

* Remove remaining references to _tags

* Another round of test fixes

* DefaultArray tests

* More test fixes

* Fix remaining test failures

* types / tests

* more test updates

* lowercase os values

* Address feedback + fix test failure

* tests

* Fix integration test

* process.executable.path -> process.executable.caseless

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
This commit is contained in:
Madison Caldwell 2020-10-02 15:54:43 -04:00 committed by GitHub
parent b66de2ce1d
commit c456f64a7e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
92 changed files with 636 additions and 479 deletions
Download patch file Download diff file Expand all files Collapse all files

20
x-pack/plugins/lists/README.md
View file

@ -113,12 +113,6 @@ You should see the new exception list created like so:
```sh
{
"_tags": [
"endpoint",
"process",
"malware",
"os:linux"
],
"created_at": "2020-05-28T19:16:31.052Z",
"created_by": "yo",
"description": "This is a sample endpoint type exception",
@ -141,12 +135,6 @@ And you can attach exception list items like so:
```ts
{
"_tags": [
"endpoint",
"process",
"malware",
"os:linux"
],
"comments": [],
"created_at": "2020-05-28T19:17:21.099Z",
"created_by": "yo",
@ -173,6 +161,7 @@ And you can attach exception list items like so:
"list_id": "endpoint_list",
"name": "Sample Endpoint Exception List",
"namespace_type": "single",
"os_types": ["linux"],
"tags": [
"user added string for a tag",
"malware"
@ -222,12 +211,6 @@ or for finding exception lists:
{
"data": [
{
"_tags": [
"endpoint",
"process",
"malware",
"os:linux"
],
"created_at": "2020-05-28T19:16:31.052Z",
"created_by": "yo",
"description": "This is a sample endpoint type exception",
@ -235,6 +218,7 @@ or for finding exception lists:
"list_id": "endpoint_list",
"name": "Sample Endpoint Exception List",
"namespace_type": "single",
"os_types": ["linux"],
"tags": [
"user added string for a tag",
"malware"