ti_custom: Add docs about retrieving ISAC feeds #12098

Open: wants to merge 2 commits into base: main

chemamartinez
Contributor

Proposed commit message

See title.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

Screenshots


@chemamartinez added the labels documentation (Improvements or additions to documentation), enhancement (New feature or request), Team:Security-Service Integrations (Security Service Integrations Team [elastic/security-service-integrations]) and Integration:ti_custom (Custom Threat Intelligence) on Dec 13, 2024
@chemamartinez self-assigned this Dec 13, 2024
@chemamartinez marked this pull request as ready for review December 13, 2024 13:24
@chemamartinez requested a review from a team as a code owner December 13, 2024 13:24
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

cc @chemamartinez

- Authentication Credentials: Username, password, API Key, or client certificate, as required by the ISAC.

3. Set up the integration:
- The server URL and collection name should be used to build the URL as follows: `https://{server_url}/{api-root}/collections/{name}/objects/`
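
Review bot: In the URL template under step 3, the sentence names only the server URL and collection name, but the template has three placeholders (`{server_url}`, `{api-root}`, `{name}`) and already starts with `https://`. A reader who enters a full server URL including the scheme would end up with a doubled scheme, and nothing here says what to put for `{api-root}`. Suggest stating where the API root comes from and that `{server_url}` is the host without the scheme, or renaming the placeholder so it cannot be mistaken for a full URL.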

Suggested change
- The server URL and collection name should be used to build the URL as follows: `https://{server_url}/{api-root}/collections/{name}/objects/`
- The server URL and collection name should be used to build the URL as follows: `https://{base_url}/{api-root}/collections/{name}/objects/`

Matches what's in the url variable description in the manifest, and avoids confusion with the above "Server URL" example https://example-isac.org/taxii/, which I assume would be {base_url} of example-isac.org and {api-root} of taxii.

Contributor

@chrisberkhout chrisberkhout left a comment

Minor suggestion.
