Custom HTTP Endpoint Log integration

Version: 2.3.0
Compatible Kibana version(s): 8.14.0 or higher
Supported Serverless project types: Security, Observability
Subscription level: Basic
Level of support: Elastic

The custom HTTP Endpoint Log integration initializes a listening HTTP server that collects incoming HTTP POST requests containing a JSON body. The body must be either an object or an array of objects. Any other data types will result in an HTTP 400 (Bad Request) response. For arrays, one document is created for each object in the array.

These are the possible response codes from the server.

| HTTP Response Code | Name | Reason |
|---|---|---|
| 200 | OK | Returned on success. |
| 400 | Bad Request | Returned if JSON body decoding fails. |
| 401 | Unauthorized | Returned when basic auth, secret header, or HMAC validation fails. |
| 405 | Method Not Allowed | Returned if methods other than POST are used. |
| 406 | Not Acceptable | Returned if the POST request does not contain a body. |
| 415 | Unsupported Media Type | Returned if the Content-Type is not application/json. |
| 500 | Internal Server Error | Returned if an I/O error occurs reading the request. |
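
A sender-side pre-flight check for the rules and response codes listed above, as an added example (not Elastic's code): it predicts the status code and the number of documents a request would produce, so rejected events can be caught before they are lost. The name `preflight`, the order of the checks, and the exact-match Content-Type comparison are assumptions; authentication (401) and I/O errors (500) are not modelled.

```python
import json


def preflight(method, headers, body):
    """Return (expected_status, document_count) for one request.

    Assumption: checks run in the order method, body presence,
    Content-Type, JSON decoding. The page does not state the order
    the server uses.
    """
    if method.upper() != "POST":
        return 405, 0          # only POST is described as accepted
    if not body:
        return 406, 0          # POST without a body
    # Header names are case-insensitive. The value is compared exactly
    # (assumption): the page only says it must be application/json, so
    # variants such as "application/json; charset=utf-8" are flagged.
    ctype = next((v for k, v in headers.items()
                  if k.lower() == "content-type"), "")
    if ctype.strip() != "application/json":
        return 415, 0
    try:
        decoded = json.loads(body)
    except ValueError:         # covers JSONDecodeError and bad UTF-8
        return 400, 0
    if isinstance(decoded, dict):
        return 200, 1          # a single object becomes one document
    if isinstance(decoded, list) and all(isinstance(x, dict) for x in decoded):
        return 200, len(decoded)   # one document per object in the array
    return 400, 0              # scalars, strings, arrays of non-objects


# Constructed sample requests (not from the page).
SAMPLES = [
    ("POST", {"Content-Type": "application/json"}, b'{"event": "login"}'),
    ("POST", {"Content-Type": "application/json"}, b'[{"id": 1}, {"id": 2}]'),
    ("POST", {"Content-Type": "application/json"}, b'[1, 2]'),
    ("POST", {"Content-Type": "text/plain"}, b'{"id": 1}'),
    ("GET", {}, b""),
]

if __name__ == "__main__":
    for method, headers, body in SAMPLES:
        print(method, body, "->", preflight(method, headers, body))
```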

Custom ingest pipelines may be added by setting the pipeline name in the pipeline configuration option. Custom ingest pipelines can be created either through the API or through the Ingest Node Pipeline UI (use the global search field to search for "ingest pipelines").

Changelog

| Version | Details | Kibana version(s) |
|---|---|---|
| 2.3.0 | Enhancement: Make CEL program configuration available. | 8.14.0 or higher |
| 2.2.1 | Bug fix: Pass preserve_original_event state to input. | 8.14.0 or higher |
| 2.2.0 | Enhancement: ECS version updated to 8.11.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. | 8.14.0 or higher |
| 2.1.0 | Enhancement: Provide request tracing support. Enhancement: Added test for end-to-end ACK behaviour. Bug fix: Clarify supported HMAC header format. | 8.12.0 or higher |
| 2.0.0 | Enhancement: Converted package to input type. | 8.12.0 or higher |
| 1.16.0 | Enhancement: Allow user selection of HTTP method. | 8.12.0 or higher |
| 1.15.0 | Enhancement: Set sensitive values as secret. | 8.12.0 or higher |
| 1.14.1 | Enhancement: Changed owners | 7.16.0 or higher, 8.0.0 or higher |
| 1.14.0 | Enhancement: ECS version updated to 8.11.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.13.0 | Enhancement: ECS version updated to 8.10.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.12.0 | Enhancement: The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added owner.type: elastic to package manifest. | 7.16.0 or higher, 8.0.0 or higher |
| 1.11.0 | Enhancement: Add tags.yml file so that integration’s dashboards and saved searches are tagged with "Security Solution" and displayed in the Security Solution UI. | 7.16.0 or higher, 8.0.0 or higher |
| 1.10.0 | Enhancement: Update package to ECS 8.9.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.9.1 | Bug fix: Fix handling of include header config. | 7.16.0 or higher, 8.0.0 or higher |
| 1.9.0 | Enhancement: Update package to ECS 8.8.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.8.0 | Enhancement: Update package-spec version to 2.7.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.7.0 | Enhancement: Update package to ECS 8.7.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.6.1 | Enhancement: Added categories and/or subcategories. | 7.16.0 or higher, 8.0.0 or higher |
| 1.6.0 | Enhancement: Update package to ECS 8.6.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.5.0 | Enhancement: Added infrastructure category. | 7.16.0 or higher, 8.0.0 or higher |
| 1.4.0 | Enhancement: Update package to ECS 8.5.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.3.0 | Enhancement: Update package to ECS 8.4.0 | 7.16.0 or higher, 8.0.0 or higher |
| 1.2.0 | Enhancement: Update package to ECS 8.3.0. | 7.16.0 or higher, 8.0.0 or higher |
| 1.1.0 | Enhancement: Update ECS to 8.2 | 7.16.0 or higher, 8.0.0 or higher |
| 1.0.1 | Enhancement: Update readme | 7.16.0 or higher, 8.0.0 or higher |
| 1.0.0 | Enhancement: Initial Release | |