Skip to content

[ti_threatconnect] Add agentless deployment#19642

Open
moxarth-rathod wants to merge 1 commit into
elastic:mainfrom
moxarth-rathod:ti_threatconnect_agentless
Open

[ti_threatconnect] Add agentless deployment#19642
moxarth-rathod wants to merge 1 commit into
elastic:mainfrom
moxarth-rathod:ti_threatconnect_agentless

Conversation

@moxarth-rathod

@moxarth-rathod moxarth-rathod commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

Proposed commit message

ti_threatconnect: add agentless support and update kibana version constraint

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

  • Clone integrations repo.
  • Install the elastic package locally.
  • Start the elastic stack using the elastic package.
  • Move to integrations/packages/ti_threatconnect directory.
  • Run the following command to run tests.

elastic-package test -v

Related issues

@moxarth-rathod moxarth-rathod self-assigned this Jun 19, 2026
@moxarth-rathod moxarth-rathod requested review from a team as code owners June 19, 2026 05:04
@moxarth-rathod moxarth-rathod added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Integration:ti_threatconnect ThreatConnect (Partner supported) Team:SDE-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] labels Jun 19, 2026
@infra-vault-gh-plugin-prod

infra-vault-gh-plugin-prod Bot commented Jun 19, 2026

Copy link
Copy Markdown

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@github-actions

github-actions Bot commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

✅ Elastic Docs Style Checker (Vale)

No issues found on modified lines!

The Vale linter checks documentation changes against the Elastic Docs style guide. To use Vale locally or report issues, refer to Elastic style guide for Vale.

@elastic-vault-github-plugin-prod

elastic-vault-github-plugin-prod Bot commented Jun 19, 2026

Copy link
Copy Markdown

Changelog link mismatch — expected https://github.com/elastic/integrations/pull/19642 in the following file(s):

  • packages/ti_threatconnect/changelog.yml

Tip

If expected, add the changelog-link-check:skip label to skip this check. Or, if an issue link was intended, use .../issues/<n> instead.

View Buildkite build
@moxarth-rathod

@elasticmachine

elasticmachine commented Jun 19, 2026
edited
Loading

Copy link
Copy Markdown

💔 Build Failed

Failed CI Steps

History

cc @moxarth-rathod

@elastic-vault-github-plugin-prod

elastic-vault-github-plugin-prod Bot commented Jun 19, 2026

Copy link
Copy Markdown

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@vera-review-bot

vera-review-bot Bot commented Jun 19, 2026

Copy link
Copy Markdown

👀 I have started reviewing the PR

vera-review-bot[bot]
vera-review-bot Bot reviewed Jun 19, 2026
View reviewed changes
Comment thread packages/ti_threatconnect/changelog.yml
changes:
- description: Enable Agentless deployment.
type: enhancement
link: https://github.com/elastic/integrations/pull/1

@vera-review-bot vera-review-bot Bot Jun 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟡 MEDIUM changelog.yml:6

Changelog entry links to placeholder PR

The new 2.2.0 changelog entry sets link: https://github.com/elastic/integrations/pull/1, which points to an unrelated placeholder PR rather than this change. This PR is #​19642 (per the PR metadata). A wrong changelog link breaks the changelog-to-PR traceability that the entry is meant to provide.

Recommendation:

Point the link at the PR that introduces this change:

- version: "2.2.0"
  changes:
    - description: Enable Agentless deployment.
      type: enhancement
      link: https://github.com/elastic/integrations/pull/19642

🤖 AI-Generated Review | Vera Review Bot | 📚 Knowledge base: integration-skills

⚠️ Automated review — verify suggestions before applying.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@vera-review-bot vera-review-bot[bot] vera-review-bot[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@moxarth-rathod moxarth-rathod

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:ti_threatconnect ThreatConnect (Partner supported) Team:SDE-Crest Crest developers on the Security Integrations team [elastic/sit-crest-contractors] Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[ti_threatconnect] Add Agentless Deployment Support

2 participants

@moxarth-rathod @elasticmachine