[Digital Guardian] Initial Release of Digital Guardian

[kcreddy]

Proposed commit message

Initial Release of Digital Guardian.

New integration to pull events and alerts from the 
Digital Guardian Analytics & Reporting Cloud (ARC) API.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

cd packages/digital_guardian && eval "$(elastic-package stack shellinit)" && elastic-package test system --generate -v --defer-cleanup 30m

--- Test results for package: digital_guardian - START ---
╭──────────────────┬─────────────┬───────────┬───────────┬────────┬───────────────╮
│ PACKAGE          │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │  TIME ELAPSED │
├──────────────────┼─────────────┼───────────┼───────────┼────────┼───────────────┤
│ digital_guardian │ arc         │ system    │ default   │ PASS   │ 40.953647792s │
╰──────────────────┴─────────────┴───────────┴───────────┴────────┴───────────────╯
--- Test results for package: digital_guardian - END   ---
Done

cd packages/digital_guardian && eval "$(elastic-package stack shellinit)" && elastic-package test pipeline --generate -v

--- Test results for package: digital_guardian - START ---
╭──────────────────┬─────────────┬───────────┬────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE          │ DATA STREAM │ TEST TYPE │ TEST NAME                                  │ RESULT │ TIME ELAPSED │
├──────────────────┼─────────────┼───────────┼────────────────────────────────────────────┼────────┼──────────────┤
│ digital_guardian │ arc         │ pipeline  │ (ingest pipeline warnings test-dg-arc.log) │ PASS   │     477.58ms │
│ digital_guardian │ arc         │ pipeline  │ test-dg-arc.log                            │ PASS   │  48.267458ms │
╰──────────────────┴─────────────┴───────────┴────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: digital_guardian - END   ---
Done

Related issues

• Closes [New Integration] Digital Guardian ARC API #8545

Screenshots

[elasticmachine]

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

[kcreddy]

@jamiehynds, @andrewkroh I created Digital Guardian integration with ARC as one of the datastreams instead of Digital Guardian ARC integration. With this approach, we can add events from other DG products underneath same integration instead of creating new integrations, one for each product.

Let me know if you think the other way works better.

[elasticmachine]

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

[efd6]

🐦

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 7aee0ec

History

• 💚 Build #14175 succeeded 66a7c64
• 💚 Build #14148 succeeded 21054aa
• 💔 Build #14147 failed d7b29cf
• 💔 Build #14146 failed c5246ca
• 💔 Build #14050 failed ffe4569

cc @kcreddy

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
95.6% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

[elasticmachine]

Package digital_guardian - 0.1.0 containing this change is available at https://epr.elastic.co/search?package=digital_guardian