x-pack/filebeat/input/entityanalytics/{okta,azuread/fetcher/graph}: add ability to remove request trace logs

efd6 commented 4 days ago

Proposed commit message

This is essentially a replay of #39969, but for the entity analytics providers.

The previous configuration system did not allow users to remove trace logs from agents after they are no longer needed. This is potential security risk as it leaves potentially sensitive information on the file system beyond its required lifetime. The mechanism for communicating to the input whether to write logs is not currently powerful enough to indicate that existing logs should be removed without deleting logs from other instances. So add an enabled configuration option to allow the target name to be sent independently of whether the files should be written or removed.

The new option is optional, defaulting to the previous behaviour so that it can be opted into via progressive repair in the client integrations.

Checklist

[ ] My code follows the style guidelines of this project
[ ] I have commented my code, particularly in hard-to-understand areas
[ ] I have made corresponding changes to the documentation
[ ] I have made corresponding change to the default configuration files
[ ] I have added tests that prove my fix is effective or that my feature works
[x] I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Disruptive User Impact

Author's Checklist

[ ]

How to test this PR locally

Related issues

-

Use cases

Screenshots

Logs

elasticmachine commented 4 days ago

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

mergify[bot] commented 3 days ago

This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 39969-entityanalytics upstream/39969-entityanalytics
git merge upstream/main
git push upstream 39969-entityanalytics

mergify[bot] commented 1 day ago

This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 39969-entityanalytics upstream/39969-entityanalytics
git merge upstream/main
git push upstream 39969-entityanalytics

mergify[bot] commented 1 day ago

This pull request is now in conflicts. Could you fix it? 🙏 To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 39969-entityanalytics upstream/39969-entityanalytics
git merge upstream/main
git push upstream 39969-entityanalytics

elastic / beats