integrations-core
integrations-core copied to clipboard
DataDog
[INTPLAT-216] [SIEMINT-87] DDS: Cisco Secure Email Threat Defense v1.0.0
What does this PR do?
This is a initial release PR of Cisco Secure Email Threat Defense integration including all the required assets.
Additional Notes
- Crawler code for this integration has been committed in its respective repo
- Pipeline and Facet group created for this integration are available in our sandbox and would be shared separately with the required teams.
- Samples for the pipeline review would also be shared separately with the required teams.
- OOTB detection rules JSON would be shared separately with the required teams as a part of separate repository. Since during the standard attribute remapping we are not preserving the source attributes as per suggested best practices, it would result in filters using these standard attributes populating the values of other integrations as well as per current Datadog behaviour.
Review checklist (to be filled by reviewers)
- [ ] Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
- [ ] Changelog entries must be created for modifications to shipped code
- [ ] Add the
qa/skip-qalabel if the PR doesn't need to be tested during QA. - [ ] If you need to backport this PR to another branch, you can add the
backport/<branch-name>label to the PR and it will automatically open a backport PR once this one is merged
Thanks for the comments, @neko-dd. We are currently looking into this and will provide an update once it is ready.
Thanks for the comments, @neko-dd. We are currently looking into this and will provide an update once it is ready.
@neko-dd we have address all the comments.
We have updated README file to reflect IntegerField changes for verdict delay parameter.
We have updated readme as per new revised standards for configuration steps.