Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Packetbeat: enrich process info with process owner #21068

Closed
dddpaul opened this issue Sep 13, 2020 · 1 comment · Fixed by #21111
Closed

Packetbeat: enrich process info with process owner #21068

dddpaul opened this issue Sep 13, 2020 · 1 comment · Fixed by #21111

Comments

@dddpaul
Copy link
Contributor

dddpaul commented Sep 13, 2020

Describe the enhancement:
Currently add_process_metadata processor does not enrich event with process owner.

Describe a specific use case for the enhancement or feature:
Knowledge of the process owner is quite useful when Packetbeat is used as traffic monitor and control solution
@dddpaul dddpaul changed the title Enrich running process info with process owner Packetbeat: enrich running process info with process owner Sep 13, 2020
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Sep 13, 2020
@dddpaul dddpaul changed the title Packetbeat: enrich running process info with process owner Packetbeat: enrich process info with process owner Sep 13, 2020
dddpaul added a commit to dddpaul/beats that referenced this issue Sep 13, 2020
@dddpaul
Packetbeat: enrich process info with process owner (elastic#21068)
7b6a6e5
dddpaul added a commit to dddpaul/beats that referenced this issue Sep 13, 2020
@dddpaul
Packetbeat: enrich process info with process owner (elastic#21068)
ff39fd3
@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Sep 14, 2020
dddpaul added a commit to dddpaul/beats that referenced this issue Sep 14, 2020
@dddpaul
Packetbeat: enrich process info with process owner, update sysinfo pr…
9cd68a9 
…ovider (elastic#21068)
@dddpaul dddpaul mentioned this issue Sep 16, 2020
Merged
6 tasks
adriansr pushed a commit to dddpaul/beats that referenced this issue Jul 15, 2021
@dddpaul @adriansr
Packetbeat: enrich process info with process owner (elastic#21068)
2c2c4ee
adriansr pushed a commit to dddpaul/beats that referenced this issue Jul 15, 2021
@dddpaul @adriansr
Do not fail on getting process owner errors. Do not enrich event on e…
9c01c3d 
…mpty owner name. Update changelog. (elastic#21068)
adriansr pushed a commit that referenced this issue Jul 19, 2021
@dddpaul
add_process_metadata: enrich process info with process owner (#21068) (
16e2989 
…#21111)

Enrich process metadata with process owner info. Creates two new fields, "owner.id" and
"owner.name" under "process".
mdelapenya added a commit to mdelapenya/beats that referenced this issue Jul 20, 2021
@mdelapenya
Merge branch 'master' into archive-system-tests
05ab4ab 
* master:
  Forward port 7.13.4 to master (elastic#26971)
  Use MustAddMetricSet in all metricsets (elastic#26907)
  add_process_metadata: enrich process info with process owner (elastic#21068) (elastic#21111)
  Use aws sdk paginator for FilterLogEvents and GetMetricData (elastic#26852)
  [Filebeat] Allow - for source IP for AWS S3 Access pipeline (elastic#26940)
  Increase timeout to 30secs (elastic#26841)
  Add Cluster filter on Kubernetes Overview ECS dashboard (elastic#26919)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add_process_metadata: enrich process info with process owner (#21068) dddpaul/beats
3 participants
@andresrc @dddpaul @elasticmachine