Open narph opened 1 year ago
Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
Meeting with Aruba partner this week, who may be willing to give us access to sample data to unblock us from building Aruba integrations.
@jamiehynds @cpascale43 Looking to get some further details about:
Integration release checklist
Logs are syslogs, with the message part looking like this:
"message" => "<142>Feb 3 09:37:00 sw-tes-03-rack2 00179 mgr: ST1-CMDR: SME SSH from 10.56.12.21 - MANAGER Mode",
"message" => "<142>Feb 3 09:38:58 sw-tes-03-rack2 03362 auth: ST1-CMDR: User 'test' logged in from 10.56.12.21 to SSH session",
"message" => "<142>Feb 3 09:39:00 sw-tes-03-rack2 00179 mgr: ST1-CMDR: SME SSH from 10.56.12.21 - MANAGER Mode",
"message" => "<142>Feb 3 09:39:06 sw-tes-03-rack2 03363 auth: ST1-CMDR: User 'test' logged out of SSH session from 10.56.12.21",
....
All changes
cc @jamiehynds
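The sample messages quoted in the issue above, split into fields for detection use, as an added example that is not part of the issue or of any Elastic integration. The layout (five-digit event ID, subsystem, member prefix) is inferred only from those sample lines, and all field names are assumptions.

```python
import ipaddress
import re

# Sample lines copied from the issue (message part only).
SAMPLES = [
    "<142>Feb 3 09:37:00 sw-tes-03-rack2 00179 mgr: ST1-CMDR: SME SSH from 10.56.12.21 - MANAGER Mode",
    "<142>Feb 3 09:38:58 sw-tes-03-rack2 03362 auth: ST1-CMDR: User 'test' logged in from 10.56.12.21 to SSH session",
    "<142>Feb 3 09:39:06 sw-tes-03-rack2 03363 auth: ST1-CMDR: User 'test' logged out of SSH session from 10.56.12.21",
]

# Header shape assumed from the samples: <PRI>timestamp host event-id subsystem: member: text
HEADER = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<event_id>\d{5}) (?P<subsystem>[\w-]+): "
    r"(?P<member>[^:]+): (?P<text>.*)$"
)
# SSH login/logout text as it appears in the two auth samples.
LOGIN = re.compile(
    r"^User '(?P<user>[^']*)' logged (?P<action>in|out)\b.*?"
    r"\bfrom (?P<src_ip>\d{1,3}(?:\.\d{1,3}){3})"
)


def parse(line):
    """Return a dict of fields, or None if the line does not fit the sample shape."""
    m = HEADER.match(line)
    if m is None:
        return None  # caller should keep the raw message rather than drop it
    ev = m.groupdict()
    pri = int(ev.pop("pri"))
    if pri > 191:  # syslog PRI is facility * 8 + severity, maximum 23 * 8 + 7
        return None
    ev["facility"], ev["severity"] = divmod(pri, 8)
    login = LOGIN.match(ev["text"])
    if login:
        try:
            ipaddress.ip_address(login["src_ip"])  # reject values like 999.1.1.1
        except ValueError:
            return ev  # header fields only; the address is not trustworthy
        ev.update(login.groupdict())
    return ev


if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse(sample))
```

The timestamp carries no year or time zone, so it is kept as a raw string here and has to be resolved at ingest time.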