-
Notifications
You must be signed in to change notification settings - Fork 422
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Mattermost] Add Mattermost package (#2315)
* inital commit * updated pipeline and sample logs * update mattermost pipeline * update changelog * update to 7.16.0
- Loading branch information
1 parent
eb9336f
commit 60207e4
Showing
21 changed files
with
4,302 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
dependencies: | ||
ecs: | ||
reference: git@1.12 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
# Mattermost Integration | ||
|
||
The Mattermost integration collects logs from Mattermost servers. This integration has been tested with Mattermost version 5.31.9 but is expected to work with other versions. | ||
|
||
## Logs | ||
|
||
### Audit | ||
|
||
All access to the Mattermost REST API or CLI is audited. | ||
|
||
{{fields "audit"}} | ||
|
||
{{event "audit"}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
version: '2.3' | ||
services: | ||
mattermost: | ||
image: alpine | ||
volumes: | ||
- ./sample_logs:/sample_logs:ro | ||
- ${SERVICE_LOGS_DIR}:/var/log | ||
command: /bin/sh -c "cp /sample_logs/*.log /var/log/" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
{"timestamp":"2021-12-04 23:19:32.051 Z","event":"updateConfig","status":"success","user_id":"ag99yu4i1if63jrui63tsmq57y","session_id":"pjh4n69j3p883k7hhzippskcba","ip_address":"172.19.0.1","api_path":"/api/v4/config","cluster_id":"jq3utry71f8a7q9qgebmjccf4r","client":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"} | ||
{"timestamp":"2021-12-04 23:19:48.599 Z","event":"updateConfig","status":"success","user_id":"ag99yu4i1if63jrui63tsmq57y","session_id":"pjh4n69j3p883k7hhzippskcba","ip_address":"172.19.0.1","api_path":"/api/v4/config","cluster_id":"jq3utry71f8a7q9qgebmjccf4r","client":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"} | ||
{"timestamp":"2021-12-04 23:19:51.324 Z","event":"Logout","status":"success","user_id":"ag99yu4i1if63jrui63tsmq57y","session_id":"pjh4n69j3p883k7hhzippskcba","ip_address":"172.19.0.1","api_path":"/api/v4/users/logout","cluster_id":"jq3utry71f8a7q9qgebmjccf4r","client":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"} | ||
{"timestamp":"2021-12-04 23:19:58.729 Z","event":"login","status":"success","user_id":"","session_id":"","ip_address":"172.19.0.1","api_path":"/api/v4/users/login","device_id":"","login_id":"admin","user":{"id":"ag99yu4i1if63jrui63tsmq57y","name":"admin","roles":"system_admin system_user"},"cluster_id":"jq3utry71f8a7q9qgebmjccf4r","client":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"} | ||
{"timestamp":"2021-12-04 23:20:33.027 Z","event":"patchUser","status":"success","user_id":"ag99yu4i1if63jrui63tsmq57y","session_id":"mbz8h4gkxp8g3yzanizcpg43dc","ip_address":"172.19.0.1","api_path":"/api/v4/users/me/patch","patch":{"id":"ag99yu4i1if63jrui63tsmq57y","name":"admin","roles":"system_admin system_user"},"user":{"id":"ag99yu4i1if63jrui63tsmq57y","name":"admin","roles":"system_admin system_user"},"cluster_id":"jq3utry71f8a7q9qgebmjccf4r","client":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36"} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
# newer versions go on top | ||
- version: "1.0.0" | ||
changes: | ||
- description: Initial draft of the package | ||
type: enhancement | ||
link: https://github.com/elastic/integrations/pull/2315 |
32 changes: 32 additions & 0 deletions
32
packages/mattermost/data_stream/audit/_dev/test/pipeline/test-audit.log
Large diffs are not rendered by default.
Oops, something went wrong.
Oops, something went wrong.