New Exchange Server integration by SimonKoetting · Pull Request #9197 · elastic/integrations

SimonKoetting · 2024-02-20T08:53:21Z

Initial push of new developed Microsoft Exchange Server Integration (on-prem)

Co-authored-by: Simon Schneider <95302847+smnschneider@users.noreply.github.com>

elasticmachine · 2024-02-20T11:21:27Z

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

elasticmachine · 2024-02-22T10:19:40Z

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

taylor-swanson

I did an initial look over this, but I'll be diving deeper into the data streams next.

taylor-swanson · 2024-02-22T22:10:37Z

I feel like this integration would be better suited under the @elastic/sec-windows-platform team.

@elastic/sec-deployment-and-devices primarily works with physical devices (routers, firewalls) where as this a Windows-exclusive application. While this currently reads from log files, I do believe Exchange can write to Windows Event Logs for at least some of its events, which would involve the winlog input.

marc-gr

Looking good! Just couple of observations to simplify the pipelines if it makes sense.

PS: added them to the first one, but they apply to all pipelines

SimonKoetting · 2024-03-06T15:26:44Z

Hi @marc-gr
thanks for your report! Good points that I hadn't thought of.
The first 3 points are now implemented.

marc-gr · 2024-03-11T08:55:45Z

/test

elasticmachine · 2024-03-11T09:08:18Z

💚 Build Succeeded

Buildkite Build
Commit: d4abdb7

History

💚 Build #9357 succeeded d4abdb7
💚 Build #9288 succeeded 6463eb3
💚 Build #9244 succeeded 6866bee
💚 Build #9196 succeeded d589c59
💔 Build #9195 failed 0af5b1d
💔 Build #9194 failed f8db86d

cc @marc-gr @taylor-swanson

elastic-sonarqube · 2024-03-11T09:08:21Z

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
95.2% 95.2% Coverage on New Code
0.0% 0.0% Duplication on New Code

See analysis details on SonarQube

elasticmachine · 2024-03-11T09:38:01Z

Package microsoft_exchange_server - 0.1.0 containing this change is available at https://epr.elastic.co/search?package=microsoft_exchange_server

* initial commit new Exchange Server integration Co-authored-by: Simon Schneider <95302847+smnschneider@users.noreply.github.com> * Remove License file * change Codeowner * rename test-files for validation check * add validation.yml * Update Changelog, switch to filestream and fix docs * adjust manifest description * Change Codeowner * Added failure processors, switch to copy_from and remove duplicates --------- Co-authored-by: Simon Schneider <95302847+smnschneider@users.noreply.github.com>

initial commit new Exchange Server integration

2a00633

Co-authored-by: Simon Schneider <95302847+smnschneider@users.noreply.github.com>

SimonKoetting changed the title ~~initial commit new Exchange Server integration~~ New Exchange Server integration Feb 20, 2024

Remove License file

477d36b

jamiehynds requested a review from a team February 20, 2024 11:17

jamiehynds added New Integration Issue or pull request for creating a new integration package. Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] labels Feb 20, 2024

SimonKoetting added 3 commits February 22, 2024 09:35

change Codeowner

f8db86d

rename test-files for validation check

0af5b1d

add validation.yml

d589c59

norrietaylor assigned taylor-swanson Feb 22, 2024

taylor-swanson reviewed Feb 22, 2024

View reviewed changes

norrietaylor added the Team:Security-Windows Platform Security Windows Platform team [elastic/sec-windows-platform] label Feb 22, 2024

SimonKoetting added 2 commits February 23, 2024 09:34

Update Changelog, switch to filestream and fix docs

4902e98

adjust manifest description

6866bee

jamiehynds requested a review from a team February 23, 2024 12:32

taylor-swanson reviewed Feb 28, 2024

View reviewed changes

Comment thread .github/CODEOWNERS Outdated

Comment thread packages/microsoft_exchange_server/manifest.yml Outdated

Change Codeowner

6463eb3

norrietaylor removed the Team:Security-Deployment and Devices DEPRECATED Deployment and Devices Security team [elastic/sec-deployment-and-devices] label Mar 5, 2024

marc-gr reviewed Mar 6, 2024

View reviewed changes

marc-gr self-assigned this Mar 6, 2024

Added failure processors, switch to copy_from and remove duplicates

d4abdb7

SimonKoetting requested a review from marc-gr March 8, 2024 14:47

marc-gr approved these changes Mar 11, 2024

View reviewed changes

marc-gr enabled auto-merge (squash) March 11, 2024 08:56

marc-gr merged commit 0da0ea5 into elastic:main Mar 11, 2024

SimonKoetting mentioned this pull request Mar 11, 2024

Fix Exchange Server Dashboard references #9325

Merged

SimonKoetting mentioned this pull request Apr 8, 2024

Microsoft Exchange Server Integration #8937

Closed

andrewkroh added the Integration:microsoft_exchange_server Microsoft Exchange Server (Community supported) label Jul 22, 2024

Conversation

SimonKoetting commented Feb 20, 2024

Uh oh!

elasticmachine commented Feb 20, 2024

Uh oh!

elasticmachine commented Feb 22, 2024

🚀 Benchmarks report

Uh oh!

taylor-swanson left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

taylor-swanson commented Feb 22, 2024

Uh oh!

Uh oh!

Uh oh!

marc-gr left a comment • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

SimonKoetting commented Mar 6, 2024

Uh oh!

marc-gr commented Mar 11, 2024

Uh oh!

elasticmachine commented Mar 11, 2024

💚 Build Succeeded

History

Uh oh!

elastic-sonarqube Bot commented Mar 11, 2024

Quality Gate passed

Uh oh!

elasticmachine commented Mar 11, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

marc-gr left a comment •

edited

Loading