Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

[ti_cyware_intel_exchange] Initial release of Cyware Intel Exchange#14500

Merged
efd6 merged 9 commits intoelastic:mainfrom
muskan-agarwal26:ti_cyware_threat_intelligence-0.1.0
Aug 13, 2025
Merged

[ti_cyware_intel_exchange] Initial release of Cyware Intel Exchange#14500
efd6 merged 9 commits intoelastic:mainfrom
muskan-agarwal26:ti_cyware_threat_intelligence-0.1.0

Conversation

@muskan-agarwal26
Copy link
Contributor

@muskan-agarwal26muskan-agarwal26 commentedJul 11, 2025
edited
Loading

Proposed commit message

The initial release includes an indicator data stream for supporting indicators via REST API, along with their corresponding dashboards and visualizations.

Cyware Intel Exchange fields are mapped to their corresponding ECS fields where possible.

Test samples were derived from documentation.

Checklist

  • I have reviewedtips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package'schangelog.yml file.
  • I have verified that Kibana version constraints are current according toguidelines.
  • I have verified that any added dashboard complies with Kibana'sDashboard good practices

How to test this PR locally

  • Clone integrations repo.
  • Install elastic package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/ti_cyware_intel_exchange directory.
  • Run the following command to run tests.

elastic-package test

elastic-package test2025/07/14 15:02:01  INFO New version is available - v0.112.0. Download from: https://github.com/elastic/elastic-package/releases/tag/v0.112.0Run asset tests for the package2025/07/14 15:02:02  INFO License text found in "/root/GITHUB/integrations/LICENSE.txt" will be included in package--- Test results for package: ti_cyware_intel_exchange - START ---╭──────────────────────────┬─────────────┬───────────┬───────────────────────────────────────────────────────────────────────────────────┬────────┬──────────────╮│ PACKAGE                  │ DATA STREAM │ TEST TYPE │ TEST NAME                                                                         │ RESULT │ TIME ELAPSED │├──────────────────────────┼─────────────┼───────────┼───────────────────────────────────────────────────────────────────────────────────┼────────┼──────────────┤│ ti_cyware_intel_exchange │             │ asset     │ dashboard ti_cyware_intel_exchange-56ee88b2-39b0-44f1-a122-46ff83bdbcb0 is loaded │ PASS   │      3.037µs ││ ti_cyware_intel_exchange │             │ asset     │ search ti_cyware_intel_exchange-d3c12e4c-1d77-4c81-8223-5f909ffb433f is loaded    │ PASS   │        428ns ││ ti_cyware_intel_exchange │ indicator   │ asset     │ index_template logs-ti_cyware_intel_exchange.indicator is loaded                  │ PASS   │        744ns ││ ti_cyware_intel_exchange │ indicator   │ asset     │ ingest_pipeline logs-ti_cyware_intel_exchange.indicator-0.1.0 is loaded           │ PASS   │        210ns │╰──────────────────────────┴─────────────┴───────────┴───────────────────────────────────────────────────────────────────────────────────┴────────┴──────────────╯--- Test results for package: ti_cyware_intel_exchange - END   ---DoneRun pipeline tests for the package--- Test results for package: ti_cyware_intel_exchange - START ---╭──────────────────────────┬─────────────┬───────────┬───────────────────────────────────────────────┬────────┬──────────────╮│ PACKAGE                  │ DATA STREAM │ TEST TYPE │ TEST NAME                                     │ RESULT │ TIME ELAPSED │├──────────────────────────┼─────────────┼───────────┼───────────────────────────────────────────────┼────────┼──────────────┤│ ti_cyware_intel_exchange │ indicator   │ pipeline  │ (ingest pipeline warnings test-indicator.log) │ PASS   │ 2.116439225s ││ ti_cyware_intel_exchange │ indicator   │ pipeline  │ test-indicator.log                            │ PASS   │ 517.895864ms │╰──────────────────────────┴─────────────┴───────────┴───────────────────────────────────────────────┴────────┴──────────────╯--- Test results for package: ti_cyware_intel_exchange - END   ---DoneRun policy tests for the package--- Test results for package: ti_cyware_intel_exchange - START ---No test results--- Test results for package: ti_cyware_intel_exchange - END   ---DoneRun static tests for the package--- Test results for package: ti_cyware_intel_exchange - START ---╭──────────────────────────┬─────────────┬───────────┬──────────────────────────┬────────┬──────────────╮│ PACKAGE                  │ DATA STREAM │ TEST TYPE │ TEST NAME                │ RESULT │ TIME ELAPSED │├──────────────────────────┼─────────────┼───────────┼──────────────────────────┼────────┼──────────────┤│ ti_cyware_intel_exchange │ indicator   │ static    │ Verify sample_event.json │ PASS   │ 695.053229ms │╰──────────────────────────┴─────────────┴───────────┴──────────────────────────┴────────┴──────────────╯--- Test results for package: ti_cyware_intel_exchange - END   ---DoneRun system tests for the package2025/07/14 15:02:19  INFO License text found in "/root/GITHUB/integrations/LICENSE.txt" will be included in package2025/07/14 15:04:01  INFO Write container logs to file: /root/GITHUB/integrations/build/container-logs/indicator-api-1752485641566741102.log2025/07/14 15:04:14  INFO Write container logs to file: /root/GITHUB/integrations/build/container-logs/elastic-agent-1752485654456033515.log--- Test results for package: ti_cyware_intel_exchange - START ---╭──────────────────────────┬─────────────┬───────────┬───────────┬────────┬────────────────╮│ PACKAGE                  │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │   TIME ELAPSED │├──────────────────────────┼─────────────┼───────────┼───────────┼────────┼────────────────┤│ ti_cyware_intel_exchange │ indicator   │ system    │ default   │ PASS   │ 1m26.57061371s │╰──────────────────────────┴─────────────┴───────────┴───────────┴────────┴────────────────╯--- Test results for package: ti_cyware_intel_exchange - END   ---Done

Related issues

Screenshots

ss-1ss-2

@muskan-agarwal26muskan-agarwal26 requested a review froma team as acode ownerJuly 11, 2025 05:58
@kcreddykcreddy added dashboardRelates to a Kibana dashboard bug, enhancement, or modification. New IntegrationIssue or pull request for creating a new integration package. Team:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations] labelsJul 11, 2025
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@kcreddy
Copy link
Contributor

/test

@kcreddykcreddy added documentationImprovements or additions to documentation. Applied to PRs that modify *.md files. CrestContributions from Crest developement team. labelsJul 11, 2025
@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with/test benchmark fullreport

1. Changed integration name to ti_cyware_intel_exchange.2. Added state variables in error branch
@muskan-agarwal26muskan-agarwal26 changed the title[ti_cyware_threat_intelligence] Initial release of Cyware Threat Intelligence[ti_cyware_intel_exchange] Initial release of Cyware Intel ExchangeJul 14, 2025
1. Removed few visuals.Mapped ctix_score with event.severity.
@kcreddy
Copy link
Contributor

/test

@kcreddy
Copy link
Contributor

/test

Copy link
Contributor

@efd6efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Minor changes only.

@efd6
Copy link
Contributor

/test

@elasticmachine
Copy link

💚 Build Succeeded

History

@elastic-sonarqube
Copy link

Copy link
Contributor

@efd6efd6 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Thanks

@efd6efd6 merged commit970756a intoelastic:mainAug 13, 2025
9 checks passed
@elastic-vault-github-plugin-prod

Package ti_cyware_intel_exchange - 0.1.0 containing this change is available athttps://epr.elastic.co/package/ti_cyware_intel_exchange/0.1.0/

robester0403 pushed a commit to robester0403/integrations that referenced this pull requestAug 14, 2025
…lastic#14500)The initial release includes an indicator data stream for supportingindicators via REST API, along with their corresponding dashboards andvisualizations.Cyware Intel Exchange fields are mapped to their corresponding ECSfields where possible.Test samples were derived from documentation.
tehbooom pushed a commit to tehbooom/integrations that referenced this pull requestNov 19, 2025
…lastic#14500)The initial release includes an indicator data stream for supportingindicators via REST API, along with their corresponding dashboards andvisualizations.Cyware Intel Exchange fields are mapped to their corresponding ECSfields where possible.Test samples were derived from documentation.
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@efd6efd6efd6 approved these changes

Assignees

No one assigned

Labels

CrestContributions from Crest developement team.dashboardRelates to a Kibana dashboard bug, enhancement, or modification.documentationImprovements or additions to documentation. Applied to PRs that modify *.md files.Integration:ti_cyware_intel_exchangeCyware Intel ExchangeNew IntegrationIssue or pull request for creating a new integration package.Team:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[New Integration] Cyware Threat Intelligence eXchange (CTIX)

6 participants

@muskan-agarwal26@elasticmachine@kcreddy@efd6@andrewkroh@muskan-crest

Comments


[8]ページ先頭

©2009-2026 Movatter.jp