Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Cases] Opt in for file hashing. #171162

Merged
merged 3 commits into from
Nov 15, 2023
Merged

[Cases] Opt in for file hashing. #171162

merged 3 commits into from
Nov 15, 2023

Conversation

adcoelho
Copy link
Contributor

@adcoelho adcoelho commented Nov 14, 2023
edited by cnasikas
Loading

Fixes #171071

Summary

In this PR we opt in for md5, sha1, and sha256 hashes that will be computed and stored automatically on .upload() calls to the files API.

At the moment we don't do anything else with the hashes but we can confirm they are being generate in the Files Tab in the Cases Detail View. The Files Client list API now returns hashes.

See here. Screenshot 2023-11-14 at 10 47 07

@adcoelho adcoelho added release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) Feature:Cases Cases feature v8.12.0 labels Nov 14, 2023
@adcoelho adcoelho self-assigned this Nov 14, 2023
@adcoelho adcoelho requested a review from a team as a code owner November 14, 2023 09:54
@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops (Team:ResponseOps)

@elasticmachine
Copy link
Contributor

Pinging @elastic/response-ops-cases (Feature:Cases)

cnasikas
cnasikas approved these changes Nov 14, 2023
View reviewed changes
Copy link
Member

@cnasikas cnasikas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Let's ask the InfoSec team (@daniel-gallagher @kayapuskarov @philrose66) if the hash algorithms make sense for them.

@adcoelho adcoelho mentioned this pull request Nov 14, 2023
Closed
@adcoelho
Copy link
Contributor Author

Added sha1 too after discussing the PR with @daniel-gallagher

@kibana-ci
Copy link
Collaborator

💛 Build succeeded, but was flaky

Failed CI Steps

Test Failures

  • [job] [logs] FTR Configs #74 / Entity Analytics - Risk Engine @ess @serverless Risk Scoring Task Execution with auditbeat data with some alerts containing hosts and others containing users @skipInQA calculates and persists risk scores for both types of entities

Metrics [docs]

✅ unchanged

History

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @adcoelho

@adcoelho adcoelho merged commit 0f27f17 into elastic:main Nov 15, 2023
@kibanamachine kibanamachine added the backport:skip This commit does not require backporting label Nov 15, 2023
@logeekal logeekal mentioned this pull request Nov 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cnasikas cnasikas cnasikas approved these changes

Assignees

@adcoelho adcoelho

Labels
backport:skip This commit does not require backporting Feature:Cases Cases feature release_note:skip Skip the PR/issue when compiling release notes Team:ResponseOps Label for the ResponseOps team (formerly the Cases and Alerting teams) v8.12.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Cases] Store file hashes when uploading a file to a case
5 participants
@adcoelho @elasticmachine @kibana-ci @cnasikas @kibanamachine