This is a initial release PR of Trellix Endpoint Security integration including all the required assets.
Additional Notes
Crawler code for this integration has been committed in its respective repo
Pipeline and Facet group created for this integration are available in our sandbox and would be shared separately with the required teams.
Samples for the pipeline review would also be shared separately with the required teams.
OOTB detection rules JSON would be shared separately with the required teams as a part of separate repository.
Since during the standard attribute remapping we are not preserving the source attributes as per suggested best practices, it would result in filters using these standard attributes populating the values of other integrations as well as per current Datadog behaviour.
Review checklist (to be filled by reviewers)
[ ] Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
[ ] Changelog entries must be created for modifications to shipped code
[ ] Add the qa/skip-qa label if the PR doesn't need to be tested during QA.
[ ] If you need to backport this PR to another branch, you can add the backport/<branch-name> label to the PR and it will automatically open a backport PR once this one is merged
What does this PR do?
This is a initial release PR of Trellix Endpoint Security integration including all the required assets.
Additional Notes
Review checklist (to be filled by reviewers)
qa/skip-qalabel if the PR doesn't need to be tested during QA.backport/<branch-name>label to the PR and it will automatically open a backport PR once this one is merged