Custom TCP Log integration


Version: 1.19.1

Compatible Kibana version(s): 8.2.1 or higher

Supported Serverless project types: Security, Observability

Subscription level: Basic

Level of support: Elastic

The custom TCP Log package initializes a listening TCP socket that collects any TCP traffic received and sends each line as a document to Elasticsearch. To apply a custom ingest pipeline, add its name to the pipeline configuration option. Custom ingest pipelines can be created through either the API or the Ingest Node Pipeline UI (use the global search field to search for "ingest pipelines").

Changelog

| Version | Details | Kibana version(s) |
| --- | --- | --- |
| 1.19.1 | Enhancement: Introduce option to preserve original event | 8.2.1 or higher |
| 1.19.0 | Enhancement: Update package-spec to 3.0.3. | 8.2.1 or higher |
| 1.18.1 | Enhancement: Changed owners | 8.2.1 or higher |
| 1.18.0 | Bug fix: Added log.syslog.msgid and log.syslog.structured_data to ECS mapping. | 8.2.1 or higher |
| 1.17.0 | Enhancement: ECS version updated to 8.11.0. | 8.2.1 or higher |
| 1.16.0 | Enhancement: Update ES permissions to support reroute processors | 8.2.1 or higher |
| 1.15.0 | Enhancement: ECS version updated to 8.10.0. | 8.2.1 or higher |
| 1.14.0 | Enhancement: The format_version in the package manifest changed from 2.11.0 to 3.0.0. Removed dotted YAML keys from package manifest. Added owner.type: elastic to package manifest. | 8.2.1 or higher |
| 1.13.0 | Enhancement: Add tags.yml file so that integration’s dashboards and saved searches are tagged with "Security Solution" and displayed in the Security Solution UI. | 8.2.1 or higher |
| 1.12.0 | Enhancement: Update package to ECS 8.9.0. | 8.2.1 or higher |
| 1.11.0 | Enhancement: Document duration units. | 8.2.1 or higher |
| 1.10.0 | Enhancement: Update package to ECS 8.8.0. | 8.2.1 or higher |
| 1.9.0 | Enhancement: Update package-spec version to 2.7.0. | 8.2.1 or higher |
| 1.8.0 | Enhancement: Update package to ECS 8.7.0. | 8.2.1 or higher |
| 1.7.1 | Enhancement: Added categories and/or subcategories. | 8.2.1 or higher |
| 1.7.0 | Enhancement: Allow YAML custom configuration. | 8.2.1 or higher |
| 1.6.0 | Enhancement: Update package to ECS 8.6.0. | 8.2.1 or higher |
| 1.5.0 | Enhancement: Update package to ECS 8.5.0. | 8.2.1 or higher |
| 1.4.1 | Bug fix: Fix indentation of syslog processor in agent handlebars file. | 8.2.1 or higher |
| 1.4.0 | Enhancement: Update package to ECS 8.4.0 | 8.2.1 or higher |
| 1.3.1 | Enhancement: Improve syslog parsing description | 8.2.1 or higher |
| 1.3.0 | Enhancement: Add syslog parsing option | 8.2.1 or higher |
| 1.2.0 | Enhancement: Update package to ECS 8.3.0. | 7.16.0 or higher; 8.0.0 or higher |
| 1.1.0 | Enhancement: Update to ECS 8.2 | 7.16.0 or higher; 8.0.0 or higher |
| 1.0.0 | Enhancement: Initial Release | 7.16.0 or higher; 8.0.0 or higher |