Skip to content

[claroty_xdome] Remove the recommendations field from vulnerabilities requests#17907

Merged
chrisberkhout merged 3 commits intoelastic:mainfrom
chrisberkhout:claroty_xdome-remove-recommendations-field
Mar 23, 2026
Merged

[claroty_xdome] Remove the recommendations field from vulnerabilities requests#17907
chrisberkhout merged 3 commits intoelastic:mainfrom
chrisberkhout:claroty_xdome-remove-recommendations-field

Conversation

@chrisberkhout
Copy link
Contributor

@chrisberkhout chrisberkhout commented Mar 19, 2026
edited
Loading

Proposed commit message

Remove the recommendations field from vulnerabilities requests.

The recommendations field is no longer available. The API responds
with 422 Unprocessable Content and this body:

    {
      "detail": [
        {
          "type": "enum",
          "loc": [
            "body",
            "fields",
            15
          ],
          "msg": "Input should be id, name, vulnerability_type, cve_ids, cvss_v2_score, cvss_v2_exploitability_subscore, cvss_v2_vector_string, cvss_v3_score, cvss_v3_exploitability_subscore, cvss_v3_vector_string, sources, source_name, source_url, description, affected_products, is_known_exploited, affected_devices_count, affected_medical_devices_count, affected_iot_devices_count, affected_it_devices_count, affected_ot_devices_count, published_date, affected_fixed_devices_count, affected_confirmed_devices_count, affected_potentially_relevant_devices_count, affected_irrelevant_devices_count, adjusted_vulnerability_score, adjusted_vulnerability_score_level, exploits_count, vulnerability_labels, vulnerability_assignees, vulnerability_note, vulnerability_priority_group, epss_score or alert_id",
          "input": "recommendations",
          "ctx": {
            "expected": "id, name, vulnerability_type, cve_ids, cvss_v2_score, cvss_v2_exploitability_subscore, cvss_v2_vector_string, cvss_v3_score, cvss_v3_exploitability_subscore, cvss_v3_vector_string, sources, source_name, source_url, description, affected_products, is_known_exploited, affected_devices_count, affected_medical_devices_count, affected_iot_devices_count, affected_it_devices_count, affected_ot_devices_count, published_date, affected_fixed_devices_count, affected_confirmed_devices_count, affected_potentially_relevant_devices_count, affected_irrelevant_devices_count, adjusted_vulnerability_score, adjusted_vulnerability_score_level, exploits_count, vulnerability_labels, vulnerability_assignees, vulnerability_note, vulnerability_priority_group, epss_score or alert_id"
          }
        }
      ]
    }

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

@chrisberkhout chrisberkhout self-assigned this Mar 19, 2026
@chrisberkhout chrisberkhout requested a review from a team as a code owner March 19, 2026 15:56
@chrisberkhout chrisberkhout added the Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] label Mar 19, 2026
@elasticmachine
Copy link

elasticmachine commented Mar 19, 2026

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@github-actions
Copy link
Contributor

github-actions bot commented Mar 19, 2026
edited
Loading

Vale Linting Results

Summary: 4 warnings found

⚠️ Warnings (4)
File Line Rule Message
packages/claroty_xdome/docs/README.md 1432 Elastic.QuotesPunctuation Place punctuation inside closing quotation marks.
packages/claroty_xdome/docs/README.md 1432 Elastic.QuotesPunctuation Place punctuation inside closing quotation marks.
packages/claroty_xdome/docs/README.md 1432 Elastic.QuotesPunctuation Place punctuation inside closing quotation marks.
packages/claroty_xdome/docs/README.md 1433 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

@andrewkroh andrewkroh added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. Integration:claroty_xdome Claroty xDome labels Mar 19, 2026
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Mar 20, 2026

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@chrisberkhout chrisberkhout force-pushed the claroty_xdome-remove-recommendations-field branch from bdf6224 to d221f11 Compare March 20, 2026 11:48
@elasticmachine
Copy link

elasticmachine commented Mar 20, 2026

💚 Build Succeeded

History

cc @chrisberkhout

@chrisberkhout chrisberkhout merged commit 92f597c into elastic:main Mar 23, 2026
9 checks passed
@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Mar 23, 2026

Package claroty_xdome - 1.0.2 containing this change is available at https://epr.elastic.co/package/claroty_xdome/1.0.2/

srilumpa pushed a commit to srilumpa/elastic-integrations that referenced this pull request Mar 23, 2026
@chrisberkhout @srilumpa
[claroty_xdome] Remove the recommendations field from vulnerabilities…
3991cc9 
… requests (elastic#17907)

The recommendations field is no longer available. The API responds
with 422 Unprocessable Content and this body:

    {
      "detail": [
        {
          "type": "enum",
          "loc": [
            "body",
            "fields",
            15
          ],
          "msg": "Input should be id, name, vulnerability_type, cve_ids, cvss_v2_score, cvss_v2_exploitability_subscore, cvss_v2_vector_string, cvss_v3_score, cvss_v3_exploitability_subscore, cvss_v3_vector_string, sources, source_name, source_url, description, affected_products, is_known_exploited, affected_devices_count, affected_medical_devices_count, affected_iot_devices_count, affected_it_devices_count, affected_ot_devices_count, published_date, affected_fixed_devices_count, affected_confirmed_devices_count, affected_potentially_relevant_devices_count, affected_irrelevant_devices_count, adjusted_vulnerability_score, adjusted_vulnerability_score_level, exploits_count, vulnerability_labels, vulnerability_assignees, vulnerability_note, vulnerability_priority_group, epss_score or alert_id",
          "input": "recommendations",
          "ctx": {
            "expected": "id, name, vulnerability_type, cve_ids, cvss_v2_score, cvss_v2_exploitability_subscore, cvss_v2_vector_string, cvss_v3_score, cvss_v3_exploitability_subscore, cvss_v3_vector_string, sources, source_name, source_url, description, affected_products, is_known_exploited, affected_devices_count, affected_medical_devices_count, affected_iot_devices_count, affected_it_devices_count, affected_ot_devices_count, published_date, affected_fixed_devices_count, affected_confirmed_devices_count, affected_potentially_relevant_devices_count, affected_irrelevant_devices_count, adjusted_vulnerability_score, adjusted_vulnerability_score_level, exploits_count, vulnerability_labels, vulnerability_assignees, vulnerability_note, vulnerability_priority_group, epss_score or alert_id"
          }
        }
      ]
    }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@efd6 efd6 efd6 approved these changes

Assignees

@chrisberkhout chrisberkhout

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. Integration:claroty_xdome Claroty xDome Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@chrisberkhout @elasticmachine @efd6 @andrewkroh