Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Graylog connector #253

Merged
merged 19 commits into from
Aug 29, 2024
Merged

Graylog connector #253

merged 19 commits into from
Aug 29, 2024

Conversation

BuJo
Copy link
Member

@BuJo BuJo commented Aug 26, 2024

Adds capability of showing graylog events.

@BuJo BuJo requested a review from DerGeras August 26, 2024 09:33
DerGeras added 10 commits August 27, 2024 13:31
@DerGeras
Added X-Requested-By Header for the graylog connector
36e51c6 
The graylog API expects a CSRF protection header, namely X-Requested-By.
https://graylog2zh-cn.readthedocs.io/zh-cn/stable/pages/upgrade/graylog-2.5.html
@DerGeras
Logging Graylog instead of Alertmanager for the graylog connector
a7be5d9
@DerGeras
Set the Hostname of graylog alerts to the config hostname
b745360
@DerGeras
Removed alert filter for graylog connector
020866c 
Alerts have been deprecated in graylog, but old alerts are kept as alert type.
Modifying those alerts with a current graylog version causes them to be converted to the "event" type.
@DerGeras
Set the graylog event timestamp as Where field instead of TimeRangeStart
84aa5e9 
The TimeRangeStart shows the start time for the aggregation (if set), and does not show when the alert was triggered.
@DerGeras
Added priority label to graylog alerts
61f84c0
@DerGeras
Added priority to State mapping and displayed event type for graylog …
2d71034 
…connector
@DerGeras
Removed alert filter for graylog connector
c5b507e 
Alerts have been deprecated in graylog, but old alerts are kept as alert type.
Modifying those alerts with a current graylog version causes them to be converted to the "event" type.
@DerGeras
Added aggregation to graylog events
e311c5e 
We aggregate over the eventdefinitionid and the grouped field values, this should eliminate most duplications
@DerGeras
Increased graylog result page size to 100
48cefcc
@BuJo BuJo marked this pull request as ready for review August 27, 2024 12:39
@DerGeras
Updated graylog connector test to work with pagination
91deeed 
The test always returned non-empty results, which resulted in an infinite loop
BuJo added 4 commits August 29, 2024 13:29
@BuJo
graylog, revise testing infrastrucuture for multiple backend calls
64b3741 
* Like other mocking frameworks, this enables the mocked results
  to differ between multiple calls.
@BuJo
graylog, remove unused legacy alert structures
48d8505
@BuJo
graylog, acknowledge the existence of graylog enterprise correlations
446413c 
* Correlations in events are an enterprise feature.  It is assumed
  to at least contain a description field.
* see: https://archivedocs.graylog.org/en/latest/pages/alerts.html
@BuJo
Add graylog to readme
65058e7
@BuJo BuJo merged commit 51a9587 into main Aug 29, 2024
1 check passed
@BuJo BuJo deleted the graylog-connector branch August 29, 2024 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DerGeras DerGeras DerGeras left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@BuJo @DerGeras