Skip to content

[Cisco Umbrella] Expand tests coverage for log schema version v13 #15843

New issue
New issue
Open
Enhancement
Open
[Cisco Umbrella] Expand tests coverage for log schema version v13#15843
Enhancement
Assignees
navnit-elastic
Labels
Integration:cisco_umbrellaCisco UmbrellaTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]Team:Sit-CrestCrest developers on the Security Integrations team [elastic/sit-crest-contractors]enhancementNew feature or request
@navnit-elastic

Description

@navnit-elastic
navnit-elastic
opened on Nov 3, 2025

Support for log schema version v13 was added in in #15791.
The sample logs used in the pipeline tests are taken from the official Cisco Umbrella documentation:
https://docs.umbrella.com/umbrella-user-guide/docs/log-format-and-versioning

Some of these samples are missing certain field values. As a result those fields remain untested.
This issue serves as a reminder of this testing gap and to track the addition of more comprehensive tests once logs with complete field data become available from a live instance.

The following log types need to be added in the pipeline tests:

  • Cloud Firewall Logs
  • Intrusion Logs (IPS Logs)
  • DLP Logs

Metadata

Metadata

Assignees

Labels

Integration:cisco_umbrellaCisco UmbrellaTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]Team:Sit-CrestCrest developers on the Security Integrations team [elastic/sit-crest-contractors]enhancementNew feature or request

Type

Enhancement

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions