
Adds missing manifest value to DGA integration #17444

Open
jmikell821 wants to merge 3 commits into main from fix-issue-753

Conversation

@jmikell821
Contributor

Proposed commit message

Adds serverless security capability to manifest.yml file.

Note

For the Kibana team, the DGA integration appears in the excludePackages list here. Shouldn't this be removed if it's serverless supported? 🤔

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

Commands I guess?

Related issues

jmikell821 self-assigned this Feb 17, 2026
jmikell821 requested a review from a team as a code owner February 17, 2026 22:12
jmikell821 added the enhancement (New feature or request) label Feb 17, 2026
@elasticmachine

💚 Build Succeeded

History

cc @jmikell821

@theletterf
Contributor

@claude Please review this PR against what is described in https://github.com/elastic/docs-content-internal/issues/753

github-actions[bot] reacted with eyes emoji

@github-actions
Contributor

github-actions bot commented Feb 18, 2026 (edited)

Claude finished @theletterf's task in 1m 7s


Reviewing PR against Issue #753

  • Fetch repository context
  • Fetch the referenced issue (docs-content-internal/issues/753) - ⚠️ Private repo, cannot access directly
  • Review PR changes
  • Compare PR changes against issue requirements
  • Provide review feedback

Review Summary

⚠️ Note: The referenced issue (elastic/docs-content-internal#753) is in a private repository that I cannot access. However, based on the PR description and the changes made, I can validate the implementation.

Changes Analysis

What this PR does:

  1. Adds capabilities: - security to packages/dga/manifest.yml under the elastic: section (lines 18-19)
  2. Bumps version from 2.3.5 to 2.3.6
  3. Adds a changelog entry documenting the enhancement

Pattern Validation ✅

I compared this change against similar ML security packages that already have the serverless security capability:

Package | Has capabilities: - security
lmd (Lateral Movement Detection)
problemchild (Living off the Land Attack Detection)
beaconing (Network Beaconing Identification)
pad
ded
hta

The DGA integration is part of the same family of ML security packages (same owner: elastic/sec-applied-ml) and follows the exact same structure. The implementation correctly places the capabilities block under elastic: alongside subscription: platinum.

Findings

No issues found. The changes are correct and consistent with:

  • The existing pattern used by similar security ML packages
  • The Elastic Package manifest specification
  • Proper changelog formatting

Note on Kibana excludePackages list

As mentioned in the PR description, the DGA integration is listed in Kibana's serverless.security.yml excludePackages. After this PR merges, a follow-up change in Kibana may be needed to remove DGA from that exclusion list for the integration to be fully enabled in serverless security environments. The PR author has already flagged this question to the Kibana team.




Copilot AI left a comment


Pull request overview

This pull request adds serverless security capability support to the DGA (Domain Generation Algorithm Detection) integration by updating the manifest configuration. The DGA integration is an ML-based security package used to detect domain generation algorithm activity in network data.

Changes:

  • Added capabilities: - security configuration to the manifest.yml file under the elastic: section
  • Incremented package version from 2.3.5 to 2.3.6
  • Added changelog entry documenting the serverless security capability enhancement

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File | Description
packages/dga/manifest.yml | Adds serverless security capability configuration and bumps version to 2.3.6
packages/dga/changelog.yml | Adds changelog entry for version 2.3.6 documenting the serverless security capability enhancement


andrewkroh added the Integration:dga (Domain Generation Algorithm Detection) and Team:Security-Applied ML (Elastic Security Protections Machine Learning (ML) team [elastic/sec-applied-ml]) labels Feb 18, 2026
@elasticmachine

Pinging @elastic/sec-applied-ml (Team:Security-Applied ML)

Contributor

@alaudazzi left a comment

LGTM

Contributor

@sodhikirti07 left a comment

@jmikell821 DGA was intentionally skipped for serverless as we were seeing some errors installing the model on serverless due to the model's size. For details, see this issue: https://github.com/elastic/security-team/issues/7776

@elastic/sec-applied-ml We should test DGA again in serverless and should not merge this PR before that.

jmikell821, susan-shu-c, and jmcarlock reacted with thumbs up emoji

Reviewers

Copilot code review: Copilot left review comments

sodhikirti07 requested changes

theletterf approved these changes

alaudazzi approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

jmikell821
