[SIEMINT-120] DDS: Sonicwall Firewall Integration #18667
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
datadog-agent-integrations-bot
bot
added
documentation
dev/testing
dev/tooling
release
qa/skip-qa
drichards-87
added
the
editorial review
|
Created a Jira card for Docs Team editorial review. |
dj0well
changed the title
Kaustubhtandel-crest
force-pushed
the
sonicwall-firewall--v1.0.0
branch
from
19206e8
to
9b57041
Compare
Kaustubhtandel-crest
force-pushed
the
sonicwall-firewall--v1.0.0
branch
from
9b57041
to
64db290
Compare
Kaustubhtandel-crest
force-pushed
the
sonicwall-firewall--v1.0.0
branch
from
64db290
to
33d9451
Compare
maycmlee
reviewed
Oct 7, 2024
sonicwall_firewall/README.md
Outdated
|
|
||
| To install the Sonicwall Firewall integration, run the following Agent installation command and the steps below. | ||
|
|
||
| For more information, see the [Integration Management][2] documentation. |
There was a problem hiding this comment.
I'd suggest moving this sentence to after the command.
| { | ||
| "id": 7820565410491022, | ||
| "definition": { | ||
| "title": "High Security Signals", |
There was a problem hiding this comment.
Suggested change
| "title": "High Security Signals", | |
| "title": "High Severity Security Signals", |
| { | ||
| "id": 3620809096696840, | ||
| "definition": { | ||
| "title": "Medium Security Signals", |
There was a problem hiding this comment.
Suggested change
| "title": "Medium Security Signals", | |
| "title": "Medium Severity Security Signals", |
| "id": 4284048486660124, | ||
| "definition": { | ||
| "type": "note", | ||
| "content": "## Overview\n- This dashboard gives insights about Security Services logs, includes track of various attacks detected with their source and destination IP addresses. It also includes information such as allowed and blocked websites.\n- SonicWall Security Services logs capture information about traffic that is monitored and controlled by various security services, such as content filtering, intrusion prevention, anti-virus scanning, and anti-spyware\n", |
There was a problem hiding this comment.
Suggested change
| "content": "## Overview\n- This dashboard gives insights about Security Services logs, includes track of various attacks detected with their source and destination IP addresses. It also includes information such as allowed and blocked websites.\n- SonicWall Security Services logs capture information about traffic that is monitored and controlled by various security services, such as content filtering, intrusion prevention, anti-virus scanning, and anti-spyware\n", | |
| "content": "## Overview\n- This dashboard provides insights on Security Services logs, including the various attacks detected and their source and destination IP addresses. It also includes information such as allowed and blocked websites.\n- SonicWall Security Services logs capture information about traffic that is monitored and controlled by various security services, such as content filtering, intrusion prevention, anti-virus scanning, and anti-spyware\n", |
| @@ -0,0 +1,1019 @@ | |||
| { | |||
| "title": "SonicWall Firewall - User", | |||
| "description": "This dashboard provides information about the User logs generated in SonicWall Firewall.", | |||
There was a problem hiding this comment.
Suggested change
| "description": "This dashboard provides information about the User logs generated in SonicWall Firewall.", | |
| "description": "This dashboard provides information about user logs generated in SonicWall Firewall.", |
| "id": 6474031660100888, | ||
| "definition": { | ||
| "type": "note", | ||
| "content": "## Overview\n- The Users Dashboard provides comprehensive insights into user authentication activities across various access methods, ensuring effective monitoring of login attempts, failures, and overall authentication performance. \n- This dashboard is designed to help administrators track and analyze user authentication patterns, troubleshoot authentication issues, and enhance security measures.", |
There was a problem hiding this comment.
Suggested change
| "content": "## Overview\n- The Users Dashboard provides comprehensive insights into user authentication activities across various access methods, ensuring effective monitoring of login attempts, failures, and overall authentication performance. \n- This dashboard is designed to help administrators track and analyze user authentication patterns, troubleshoot authentication issues, and enhance security measures.", | |
| "content": "## Overview\n- The Users Dashboard provides insights into user authentication activities across various access methods and monitoring of login attempts, failures, and overall authentication performance. \n- This dashboard helps administrators track and analyze user authentication patterns, troubleshoot authentication issues, and enhance security measures.", |
Co-authored-by: May Lee <[email protected]>
Kaustubhtandel-crest
force-pushed
the
sonicwall-firewall--v1.0.0
branch
from
1100336
to
f65330c
Compare
maycmlee
reviewed
Oct 11, 2024
sonicwall_firewall/README.md
Outdated
| rule %{date("yyyy-MM-dd HH:mm:ss", "Asia/Calcutta"):timestamp} | ||
| ``` | ||
|
|
||
| - Additional step |
There was a problem hiding this comment.
Thanks @Kaustubhtandel-crest. I clarified it in the below suggestion, does that work?
Updated suggested changes for README.md Co-authored-by: May Lee <[email protected]>
HadhemiDD
approved these changes
Oct 21, 2024
maycmlee
approved these changes
Oct 25, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
PR for a new integration Sonicwall Firewall 1.0.0
Additional Notes
-- OOTB detection rules JSON would be shared separately with the required teams as a part of separate repository .
-- Since during the standard attribute remapping we are not preserving the source attributes as per suggested best practices, it would result in filters using these standard attributes populating the values of other integrations as well as per current datadog behaviour.
Review checklist (to be filled by reviewers)
qa/skip-qalabel if the PR doesn't need to be tested during QA.backport/<branch-name>label to the PR and it will automatically open a backport PR once this one is merged