Skip to content

added see related events logexplorer filters#2320

Merged
AlexSanchez-bit merged 3 commits into
release/v12.0.0from
backlog/v12_seeevents_logexplorer
Jul 9, 2026
Merged

added see related events logexplorer filters#2320
AlexSanchez-bit merged 3 commits into
release/v12.0.0from
backlog/v12_seeevents_logexplorer

Conversation

@AlexSanchez-bit

Copy link
Copy Markdown
Contributor

No description provided.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

🛑 AI review — Sensitive area, extra care recommended

This PR touches critical paths or introduces changes the model cannot judge with sufficient confidence. Review carefully before merging.

⚠️ architecture (gemini-3-flash-lite) — minor findings

Summary: Logic for index pattern normalization added to opensearch usecase; frontend deep-linking logic updated.

  • medium backend/modules/opensearch/usecase/index_pattern.go:52 — Business logic for index pattern normalization (prefixing/formatting) is placed in the usecase layer. Consider moving this to a domain-level helper or a dedicated validator to ensure consistency across all modules creating indices.

🛑 bugs (gemini-3-flash-lite) — high/critical — please review

Summary: Introduced a regression in log explorer deep-linking where the 'dataType' parameter is no longer explicitly handled, causing it to be treated as a generic filter field, breaking existing integration links.

  • high frontend/src/features/log-explorer/pages/LogExplorerPage.tsx:34 — The logic to specifically handle 'dataType' was removed in favor of generic query parameter parsing. Since the 'UserAuditorPage' relies on 'dataType' being passed to the log explorer, this change will cause the 'dataType' to be treated as a standard filter field rather than the intended index pattern identifier, likely resulting in empty search results or incorrect query construction.

🛑 security (gemini-3-flash-lite) — high/critical — please review

Summary: Potential OpenSearch index injection via unsanitized user input in index pattern creation.

  • high backend/modules/integrations/usecase/module.go:170 — The 'Pattern' field in OpenSearch index creation is populated directly from 'req.DataType' without validation or sanitization, potentially allowing an attacker to manipulate index patterns.
  • medium backend/modules/opensearch/usecase/index_pattern.go:53 — The index pattern normalization logic is insufficient to prevent injection. If 'req.Pattern' contains special characters or path traversal sequences, it could lead to unauthorized index access or creation.

🔴 go-deps — pending updates

🔍 Discovered 25 Go projects

📦 Dependencies with updates available:

  📁 ./agent/updater:
     - github.com/kardianos/service: v1.2.4 → v1.3.0

  📁 ./agent:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - golang.org/x/sys: v0.46.0 → v0.47.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/as400:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/utmstack:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./collectors/forwarder:
     - github.com/kardianos/service: v1.2.4 → v1.3.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./installer:
     - github.com/cloudfoundry/gosigar: v1.3.122 → v1.3.123
     - github.com/kardianos/service: v1.2.4 → v1.3.0

  📁 ./backend:
     - cloud.google.com/go/pubsub: v1.50.2 → v1.50.4
     - github.com/aws/aws-sdk-go-v2/config: v1.32.25 → v1.32.29
     - github.com/aws/aws-sdk-go-v2/credentials: v1.19.24 → v1.19.28
     - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs: v1.78.0 → v1.79.0
     - github.com/aws/aws-sdk-go-v2/service/sts: v1.43.3 → v1.44.0
     - golang.org/x/crypto: v0.53.0 → v0.54.0
     - google.golang.org/api: v0.286.0 → v0.287.1
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./plugins/inputs:
     - google.golang.org/grpc: v1.81.1 → v1.82.0

  📁 ./plugins/sophos:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/gcp:
     - cloud.google.com/go/pubsub: v1.50.2 → v1.50.4
     - golang.org/x/crypto: v0.53.0 → v0.54.0
     - google.golang.org/api: v0.286.0 → v0.287.1

  📁 ./plugins/crowdstrike:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/bitdefender:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/azure:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/aws:
     - github.com/aws/aws-sdk-go-v2: v1.42.0 → v1.42.1
     - github.com/aws/aws-sdk-go-v2/config: v1.32.25 → v1.32.29
     - github.com/aws/aws-sdk-go-v2/credentials: v1.19.24 → v1.19.28
     - github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs: v1.78.0 → v1.79.0
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/soc-ai:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./plugins/feeds:
     - golang.org/x/sync: v0.21.0 → v0.22.0

  📁 ./plugins/o365:
     - golang.org/x/crypto: v0.53.0 → v0.54.0

  📁 ./agent-manager:
     - golang.org/x/sync: v0.21.0 → v0.22.0
     - google.golang.org/grpc: v1.81.1 → v1.82.0

❌ Please update dependencies before merging.

@utmstackprapprover utmstackprapprover Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes requested — AI review found blocking issues (high/critical, or engineer review required). See above.

@utmstackprapprover utmstackprapprover Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes requested — AI review found blocking issues (high/critical, or engineer review required). See above.

@AlexSanchez-bit

Copy link
Copy Markdown
Contributor Author

no injection danger backend opensearch connectyor alredy validate queries, change add more expressive filters to use in other views redirections

@AlexSanchez-bit AlexSanchez-bit merged commit 46d18d9 into release/v12.0.0 Jul 9, 2026
1 check passed
@AlexSanchez-bit AlexSanchez-bit deleted the backlog/v12_seeevents_logexplorer branch July 9, 2026 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant