Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement IEP009 - product & vuln. identification #2574

Open
wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

Implement IEP009 - product & vuln. identification #2574

wants to merge 2 commits into from

Conversation

kamil-certat
Copy link
Contributor

The related IEP has already been discussed and
open for more than a year.

Compatibility: as no bot uses the field by default at the moment, there is no incompatibility risk if the local operator uses modified IDF schema or stores all data in e.g. SQL database. To prevent issues, until the next major release the official bots using the field should fall back to extra.<field name> if the field does not exist in the local IDF.

IEP: https://github.com/certtools/ieps/tree/main/009
Related discussion: https://lists.cert.at/mailman3/hyperkitty/list/[email protected]/thread/CHOJSDCZUAYIHWHF35WUODL3WVW3JDP6/#PKXIAE6DQRX5XQW4NNXUS4WJAYNMPW52

@kamil-certat
Implement IEP009 - product & vuln. identification
2dbde56 
The related IEP has already been discussed and
open for more than a year.
@kamil-certat kamil-certat requested a review from sebix March 3, 2025 14:49
@kamil-certat kamil-certat requested a review from aaronkaplan March 3, 2025 15:02
@sebix sebix added this to the 3.4.0 milestone Mar 3, 2025
sebix
sebix requested changes Mar 3, 2025
View reviewed changes
Copy link
Member

@sebix sebix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • missing documentation in docs/user/event.md
  • missing documentation in NEWS.md

intelmq/tests/bin/initdb.sql
@@ -93,4 +98,4 @@ CREATE INDEX "idx_events_source.asn" ON events USING btree ("source.asn");
CREATE INDEX "idx_events_source.ip" ON events USING btree ("source.ip");
CREATE INDEX "idx_events_source.fqdn" ON events USING btree ("source.fqdn");
CREATE INDEX "idx_events_time.observation" ON events USING btree ("time.observation");
CREATE INDEX "idx_events_time.source" ON events USING btree ("time.source");
CREATE INDEX "idx_events_time.source" ON events USING btree ("time.source");
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

missing newline at end of file

@sebix
Copy link
Member

sebix commented Mar 7, 2025

Upgrade function in intelmq/lib/upgrades to update the harmonization.conf is missing too

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sebix sebix sebix requested changes

@aaronkaplan aaronkaplan Awaiting requested review from aaronkaplan

Assignees
No one assigned
Labels
data-format
Projects
None yet
Milestone
3.5.0
Development

Successfully merging this pull request may close these issues.
2 participants
@kamil-certat @sebix