Skip to content

crowdstrike: add support for http proxy configuration #15880

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Nov 12, 2025
Merged

crowdstrike: add support for http proxy configuration #15880

merged 6 commits into from
Nov 12, 2025
+43 −1

Conversation

@navnit-elastic
Copy link
Contributor

@navnit-elastic navnit-elastic commented Nov 6, 2025
edited
Loading

Proposed commit message

crowdstrike: add support for http proxy configuration

add support for HTTP proxy configuration for Event Streams.
add support for proxy header configuration for REST APIs.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

image

@navnit-elastic navnit-elastic self-assigned this Nov 6, 2025
@navnit-elastic navnit-elastic added enhancement New feature or request Integration:crowdstrike CrowdStrike Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] labels Nov 6, 2025
@navnit-elastic navnit-elastic force-pushed the crowdstrike-event-streams-proxy branch from 65f968e to c07fd81 Compare November 6, 2025 06:48
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Nov 6, 2025
edited
Loading

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@navnit-elastic navnit-elastic marked this pull request as ready for review November 6, 2025 08:27
@navnit-elastic navnit-elastic requested a review from a team as a code owner November 6, 2025 08:27
@elasticmachine
Copy link

elasticmachine commented Nov 6, 2025

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

kcreddy
kcreddy reviewed Nov 7, 2025
View reviewed changes
packages/crowdstrike/manifest.yml
title: Collect CrowdStrike Falcon Logs via Event Stream
description: Collecting CrowdStrike Falcon Logs via Event Stream.
vars:
- name: proxy_url
Copy link
Contributor

@kcreddy kcreddy Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you also add proxy_headers

Copy link
Contributor Author

@navnit-elastic navnit-elastic Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was referring to the recent PRs and was wondering why we don't add headers configuration along with the URL.

Copy link
Member

@andrewkroh andrewkroh Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do the other input types used throughout the Crowdstrike package also support proxy_headers (aws-s3, cel)? If so, then the other data streams' *.yml.hbs files should be updated to use proxy_headers.

Copy link
Contributor Author

@navnit-elastic navnit-elastic Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@andrewkroh - added proxy_headers option for CEL in d23c43a.
The aws-s3 input doesn't mention support for it.

Copy link
Contributor

@kcreddy kcreddy Nov 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@navnit-elastic, please update PR title and changelog accordingly.

@navnit-elastic navnit-elastic changed the title crowdstrike: add support for http proxy configuration for Event Streams API crowdstrike: add support for http proxy configuration Nov 10, 2025
@navnit-elastic navnit-elastic force-pushed the crowdstrike-event-streams-proxy branch from 34cfbfe to 44daf89 Compare November 11, 2025 13:13
@navnit-elastic navnit-elastic requested review from a team as code owners November 11, 2025 13:13
@navnit-elastic navnit-elastic force-pushed the crowdstrike-event-streams-proxy branch from 44daf89 to 941ec56 Compare November 11, 2025 13:18
@navnit-elastic navnit-elastic marked this pull request as draft November 11, 2025 13:18
@navnit-elastic
Merge branch 'main' into crowdstrike-event-streams-proxy
1d0c46a 
Conflicts:
	packages/crowdstrike/changelog.yml
@elasticmachine
Copy link

elasticmachine commented Nov 11, 2025

💚 Build Succeeded

History

cc @navnit-elastic

@navnit-elastic navnit-elastic marked this pull request as ready for review November 11, 2025 14:07
@navnit-elastic
Copy link
Contributor Author

navnit-elastic commented Nov 12, 2025
edited
Loading

@kcreddy, Could you please take a look at this once again? as there were some issues while resolving merge conflicts from my side. now its good to merge.

kcreddy
kcreddy approved these changes Nov 12, 2025
View reviewed changes
Copy link
Contributor

@kcreddy kcreddy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still LGTM. Thanks @navnit-elastic

@navnit-elastic navnit-elastic merged commit 43e1a4d into elastic:main Nov 12, 2025
7 checks passed
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Nov 12, 2025

Package crowdstrike - 2.8.0 containing this change is available at https://epr.elastic.co/package/crowdstrike/2.8.0/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

@kcreddy kcreddy kcreddy approved these changes

Assignees

@navnit-elastic navnit-elastic

Labels

enhancement New feature or request Integration:crowdstrike CrowdStrike Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Sit-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@navnit-elastic @elasticmachine @andrewkroh @kcreddy