
[Enhancement] Initial public release of Ubiquiti UniFi integration #14566


Open: wants to merge 5 commits into base: main

Conversation

@colin-stubbs (Contributor) commented Jul 16, 2025

Proposed commit message

Adds support for Ubiquiti UniFi Activity and Traffic Logging, aka SIEM integration via syslog/UDP, as well as webhook-based event delivery from UniFi systems to an Elastic Agent http_endpoint listener.

Checklist

Author's Checklist

Please ensure close review of the agent stream templates for the logs data stream.

Significant hackery has had to occur via JavaScript scripting, and if there's a better way of doing this stuff I'd love to hear suggestions.

How to test this PR locally

Sufficient pipeline and system test logs have been provided; reviewing the content and running the tests should suffice.

Related issues

Screenshots

@colin-stubbs colin-stubbs requested a review from a team as a code owner July 16, 2025 10:34
@andrewkroh andrewkroh added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. New Integration Issue or pull request for creating a new integration package. dashboard Relates to a Kibana dashboard bug, enhancement, or modification. labels Jul 16, 2025
add extraction for some non-CEF/non-iptables logs
@jamiehynds jamiehynds added the Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices] label Jul 18, 2025
@elasticmachine

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

@qcorporation (Contributor)

@colin-stubbs thank you for your contribution - I would suggest that you tag @elastic/sec-deployment-and-devices as reviewers. I would also suggest that you label the GitHub ownership to that team and mark it as community contributed.
Here's an example of that within the arista_ngfw integration:

github: elastic/sec-deployment-and-devices

Development

Successfully merging this pull request may close these issues.

Add integration for Ubiquiti Networks UniFi equipment