[cisco_ios] Add Dissect and Grok patterns for IPACCESSLOGP logs with Event Code Trimming #14464

Open. Wants to merge 2 commits into base: main.

mohitjha-elastic
Collaborator

Proposed commit message

cisco_ios: add dissect and grok patterns for IPACCESSLOGP logs with event code trimming.

Added dissect and grok patterns to support multiple log formats for IPACCESSLOGP logs.
Trimmed whitespace around the event code field to ensure accurate parsing and normalization of log entries.
These changes enhance compatibility with varied log formats and improve field extraction reliability.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

  • Clone integrations repo.
  • Install elastic package locally.
  • Start elastic stack using elastic-package.
  • Move to integrations/packages/cisco_ios directory.
  • Run the following command to run tests.

elastic-package test -v

Related Issue

  • Enhancement issue 22830

mohitjha-elastic self-assigned this Jul 9, 2025
mohitjha-elastic requested a review from a team as a code owner July 9, 2025 08:59
mohitjha-elastic added the enhancement, Integration:cisco_ios, Team:Security-Service Integrations [elastic/security-service-integrations] and Team:Sit-Crest [elastic/sit-crest-contractors] labels Jul 9, 2025
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

cc @mohitjha-elastic

kcreddy added the Team:Security-Deployment and Devices [elastic/sec-deployment-and-devices] label Jul 9, 2025
@elasticmachine

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)
