Skip to content

[integrations] - Fixed aggregation error in AWS Guard Duty Severity Overview Dashboard#9253

Merged
ShourieG merged 11 commits intoelastic:mainfrom
ShourieG:bugfix/guardduty
Feb 28, 2024
Merged

[integrations] - Fixed aggregation error in AWS Guard Duty Severity Overview Dashboard#9253
ShourieG merged 11 commits intoelastic:mainfrom
ShourieG:bugfix/guardduty

Conversation

@ShourieG
Copy link
Copy Markdown
Contributor

@ShourieG ShourieG commented Feb 28, 2024

Type of change

Please label this PR with one of the following labels, depending on the scope of your change:

  • Bug

Proposed commit message

The Severity Overview Dashboard had a bug where the Severity Over Time Logs Visualisation was aggregating on the "_id" field. Since this is meta field it cannot be aggregated on. This has been fixed to count the number of records, which is a default feature.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@ShourieG ShourieG requested review from a team as code owners February 28, 2024 13:17
@ShourieG ShourieG self-assigned this Feb 28, 2024
kcreddy
kcreddy approved these changes Feb 28, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@kcreddy kcreddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ShourieG ShourieG enabled auto-merge (squash) February 28, 2024 14:23
@ShourieG ShourieG disabled auto-merge February 28, 2024 14:23
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Feb 28, 2024

🚀 Benchmarks report

Package aws 👍(11) 💚(3) 💔(3)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
route53_public_logs 12658.23 7692.31 -4965.92 (-39.23%) 💔
ec2_logs 37037.04 27777.78 -9259.26 (-25%) 💔
guardduty 1005.03 711.74 -293.29 (-29.18%) 💔

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Feb 28, 2024

💚 Build Succeeded

cc @ShourieG

@elastic-sonarqube
Copy link
Copy Markdown

elastic-sonarqube bot commented Feb 28, 2024

Quality Gate passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No Coverage information No data about Coverage
No Duplication information No data about Duplication

See analysis details on SonarQube

@ShourieG ShourieG merged commit 4c91ffc into elastic:main Feb 28, 2024
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Feb 28, 2024

Package aws - 2.12.2 containing this change is available at https://epr.elastic.co/search?package=aws

@ShourieG ShourieG deleted the bugfix/guardduty branch February 29, 2024 03:03
@louisong
Copy link
Copy Markdown

louisong commented Mar 4, 2024

@ShourieG Customer is asking if it is possible for the bug fix to be backported to older version 8.10 or 8.11?
They are trying to avoid upgrading the entire stack to 8.12 for testing out the fix.

@ShourieG
Copy link
Copy Markdown
Contributor Author

ShourieG commented Mar 5, 2024

@ShourieG Customer is asking if it is possible for the bug fix to be backported to older version 8.10 or 8.11? They are trying to avoid upgrading the entire stack to 8.12 for testing out the fix.

@louisong Unfortunately this cannot be backported as integration rollouts are tied to specific Kibana versions unlike beats. Previous updates already bumped up the version to 8.12 so this PR is built on top of that. The customer could update to the latest 8.12 or manually clone the dashboard and replace the unique count function with a record count function in Kibana Lens, which is pretty simple to do.

gizas pushed a commit that referenced this pull request Mar 13, 2024
@ShourieG @gizas
[integrations] - Fixed aggregation error in AWS Guard Duty Severity O…
6ab18ea 
…verview Dashboard (#9253)

* refactored the integration, added new parameters and improved documentation for making integration GA

* bugfix for aggregating on _id

* updated changelog
qcorporation pushed a commit that referenced this pull request Feb 3, 2025
@ShourieG @gizas
[integrations] - Fixed aggregation error in AWS Guard Duty Severity O…
43c5007 
…verview Dashboard (#9253)

* refactored the integration, added new parameters and improved documentation for making integration GA

* bugfix for aggregating on _id

* updated changelog
qcorporation pushed a commit that referenced this pull request Feb 4, 2025
@ShourieG @gizas
[integrations] - Fixed aggregation error in AWS Guard Duty Severity O…
477913e 
…verview Dashboard (#9253)

* refactored the integration, added new parameters and improved documentation for making integration GA

* bugfix for aggregating on _id

* updated changelog
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@drewdaemon drewdaemon drewdaemon approved these changes

@kcreddy kcreddy kcreddy approved these changes

@muthu-mps muthu-mps muthu-mps approved these changes

Assignees

@ShourieG ShourieG

Labels

Integration:aws AWS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@ShourieG @elasticmachine @louisong @drewdaemon @kcreddy @muthu-mps @andrewkroh