8000 [AI-5153] DDS: Mac Audit Logs Integration v1.0.0 by tirthrajchaudhari-crest · Pull Request #19989 · DataDog/integrations-core · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 #19989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 33 commits into from
Jun 16, 2025
Merged

[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 #19989

merged 33 commits into from
Jun 16, 2025

Conversation

tirthrajchaudhari-crest
Copy link
Contributor

What does this PR do?

This is an initial release PR of Mac Audit Logs integration including all the required assets. This is agent based integration.

Additional Notes

  • OOTB detection rules JSON would be shared separately with the required teams as a part of separate repository .
  • Since during the standard attribute remapping we are not preserving the source attributes as per suggested best practices, it would result in filters using these standard attributes populating the values of other integrations as well as per current datadog behaviour.

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • Add the qa/skip-qa label if the PR doesn't need to be tested during QA.
  • If you need to backport this PR to another branch, you can add the backport/<branch-name> label to the PR and it will automatically open a backport PR once this one is merged

@codecov Codecov
Copy link
codecov bot commented Apr 2, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 80.79096% with 68 lines in your changes missing coverage. Please review.

Project coverage is 90.09%. Comparing base (06de05a) to head (957d7fa).
Report is 10 commits behind head on master.

Additional details and impacted files
Flag Coverage Δ
cassandra ?
confluent_platform ?
hive ?
hivemq ?
hudi ?
ignite ?
kafka ?
mac_audit_logs 80.79% <80.79%> (?)
presto ?
solr ?
tomcat ?
weblogic ?

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@tirthrajchaudhari-crest tirthrajchaudhari-crest marked this pull request as ready for review April 2, 2025 15:26
@tirthrajchaudhari-crest tirthrajchaudhari-crest requested review from a team as code owners April 2, 2025 15:26
@tirthrajchaudhari-crest tirthrajchaudhari-crest changed the title DDS: Mac Audit Logs Integration v1.0.0 [AI-5153] DDS: Mac Audit Logs Integration v1.0.0 Apr 2, 2025
@drichards-87 drichards-87 added the editorial review Waiting on a more in-depth review from a docs team editor label Apr 2, 2025
@drichards-87
Copy link
Contributor

Created DOCS-10537 for Docs Team editorial review.

@tirthrajchaudhari-crest
Copy link
Contributor Author

Could you double-check the situation where there are multiple 'not_terminated' files? According to the docs, it could happen. If it's not feasible to recover logging from the exact point we left of from efficiently, we could still make sure that having multiple not_terminated files won't break logging permanently, or make the integration reprocess entire log files every single iteration.

@nubtron, Our code also handles situations where multiple .not_terminated files exist. We have also updated the test case to cover this scenario.

nubtron
nubtron approved these changes Jun 13, 2025
View reviewed changes
Copy link
Contributor
@nubtron nubtron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the changes! Approved.

@nubtron nubtron added this pull request to the merge queue Jun 13, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to no response for status checks Jun 13, 2025
@nubtron nubtron added this pull request to the merge queue Jun 16, 2025
Merged via the queue into DataDog:master with commit 9ee6ff2 Jun 16, 2025
43 of 44 checks passed
github-actions bot pushed a commit that referenced this pull request Jun 16, 2025
@github-merge-queue
[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)
8f9aa53 
* Add mac audit logs integration

* Add test results and unit test case

* Resolve lint issue

* Add images and resolve CI sync failure

* Update spec name and ci sync

* Resolve CI sync

* Update cloud siem panels

* update source type name

* update manifest.json

* Update test-all.yml

* Update constants.py

* Add support for timezone

* Update test samples

* Update test results

* Update data collection flow

* Add licence headers in utils.py file

* Sync config models

* Address PR comments

* Resolve linting failures

* Fix ruff issue

* Address review comments

* Resolve linting issue

* Add test case

* Update test case

* Resolve ci sync failure

* Resolve lint failures

* Removed unused test case

---------

Co-authored-by: akaila-crest <abhi.kaila@crestdata.ai> 9ee6ff2
rdesgroppes
rdesgroppes reviewed Jun 18, 2025
View reviewed changes
mac_audit_logs/pyproject.toml
]
dependencies = [
"datadog-checks-base>=37.0.0",
"lxml>=5.3.2"
Copy link
Contributor
@rdesgroppes rdesgroppes Jun 18, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks conflicting with:

integrations-core/agent_requirements.in

Line 23 in 5d7e120

lxml==5.1.1

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @rdesgroppes, thanks for the heads up! I've reverted the PR while I look into the issue.

nubtron added a commit that referenced this pull request Jun 18, 2025
@nubtron
Revert "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)"
4f4e829 
This reverts commit 9ee6ff2.
@nubtron nubtron mentioned this pull request Jun 18, 2025
Merged
nubtron added a commit that referenced this pull request Jun 18, 2025
@nubtron
Revert "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#…
a065a24 
…20535)

This reverts commit 9ee6ff2.
@nubtron
Copy link
Contributor
nubtron commented Jun 18, 2025

Hi @tirthrajchaudhari-crest, I've temporarily reverted this PR to look into a dependency conflict. No action needed on your side.

github-actions bot pushed a commit that referenced this pull request Jun 18, 2025
@nubtron
Revert "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#…
4dcaccd 
…20535)

This reverts commit 9ee6ff2. a065a24
nubtron added a commit that referenced this pull request Jun 19, 2025
@nubtron
Reapply "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#…
a86fc66 
…20535)

This reverts commit a065a24.
This was referenced Jun 19, 2025
Closed
Merged
nubtron added a commit that referenced this pull request Jun 19, 2025
@nubtron
Reapply Mac Audit Logs (#19989) after fixing the dependency (#20554)
f6efbf3 
* Reapply "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#20535)

This reverts commit a065a24.

* Fix dependency (move it to optional dependencies, pin it, and set it to the same version the agent is using)
github-actions bot pushed a commit that referenced this pull request Jun 19, 2025
@nubtron
Reapply Mac Audit Logs (#19989) after fixing the dependency (#20554)
205edda 
* Reapply "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#20535)

This reverts commit a065a24.

* Fix dependency (move it to optional dependencies, pin it, and set it to the same version the agent is using) f6efbf3
github-actions bot pushed a commit to vinodkumar-sacumen/integrations-core that referenced this pull request Jun 20, 2025
@vinodkumar-sacumen
Reapply Mac Audit Logs (DataDog#19989) after fixing the dependency (D…
3ae67c5 
…ataDog#20554)

* Reapply "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (DataDog#19989)" (DataDog#20535)

This reverts commit a065a24.

* Fix dependency (move it to optional dependencies, pin it, and set it to the same version the agent is using) f6efbf3
Kyle-Neale pushed a commit that referenced this pull request Jun 24, 2025
@nubtron @Kyle-Neale
Reapply Mac Audit Logs (#19989) after fixing the dependency (#20554)
fda570f 
* Reapply "[AI-5153] DDS: Mac Audit Logs Integration v1.0.0 (#19989)" (#20535)

This reverts commit a065a24.

* Fix dependency (move it to optional dependencies, pin it, and set it to the same version the agent is using)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nubtron nubtron nubtron approved these changes

@rdesgroppes rdesgroppes rdesgroppes left review comments

@jnhunsberger jnhunsberger jnhunsberger approved these changes

@estherk15 estherk15 estherk15 approved these changes

@thibaultkrebs thibaultkrebs thibaultkrebs approved these changes

Assignees
No one assigned
Labels
agent/approved assets/deploy-logs-staging ONLY USED BY Logs Backend - Validates that a PR is OK to go to staging dev/testing dev/tooling docs/approved documentation ecosystems/review-requested editorial review Waiting on a more in-depth review from a docs team editor product/review-requested qa/skip-qa Automatically skip this PR for the next QA release team/agent-integrations team/documentation team/logs-backend team/logs-integrations-reviewers team/saas-integrations
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@tirthrajchaudhari-crest @drichards-87 @nubtron @rdesgroppes @jnhunsberger @estherk15 @thibaultkrebs @akaila-crest
0