Skip to content

[Iptables] update documentation #17350

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
haetamoudi wants to merge 3 commits into
base: main
Choose a base branch
from
Open

[Iptables] update documentation #17350

haetamoudi wants to merge 3 commits into from

Conversation

@haetamoudi
Copy link
Contributor

@haetamoudi haetamoudi commented Feb 10, 2026

Proposed commit message

[iptables] Documentation Update

generated new knowledge base file
generated new documentation

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

@haetamoudi haetamoudi requested a review from a team as a code owner February 10, 2026 16:17
@haetamoudi haetamoudi added enhancement New feature or request Integration:iptables Iptables labels Feb 10, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 10, 2026
edited
Loading

Vale Linting Results

Summary: 19 warnings, 17 suggestions found

⚠️ Warnings (19)
File Line Rule Message
packages/iptables/_dev/build/docs/README.md 32 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/_dev/build/docs/README.md 70 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/_dev/build/docs/README.md 99 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 32 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 70 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 99 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 214 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 226 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 241 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'using' instead of 'via'.
packages/iptables/docs/README.md 301 Elastic.DontUse Don't use 'Note that'.
packages/iptables/docs/README.md 301 Elastic.DontUse Don't use 'note that'.
packages/iptables/docs/README.md 301 Elastic.DontUse Don't use 'note that'.
packages/iptables/docs/README.md 361 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.
packages/iptables/docs/README.md 362 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.
packages/iptables/docs/README.md 363 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.
packages/iptables/docs/README.md 363 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.
packages/iptables/docs/README.md 364 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.
packages/iptables/docs/README.md 364 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.
packages/iptables/docs/knowledge_base/service_info.md 50 Elastic.Latinisms Latin terms and abbreviations are a common source of confusion. Use 'and so on' instead of 'etc'.
💡 Suggestions (17)
File Line Rule Message
packages/iptables/_dev/build/docs/README.md 18 Elastic.Versions Use 'or later' instead of 'or higher' when referring to versions.
packages/iptables/_dev/build/docs/README.md 119 Elastic.HeadingColons Capitalize ': u'.
packages/iptables/_dev/build/docs/README.md 130 Elastic.HeadingColons Capitalize ': l'.
packages/iptables/_dev/build/docs/README.md 139 Elastic.HeadingColons Capitalize ': j'.
packages/iptables/docs/README.md 18 Elastic.Versions Use 'or later' instead of 'or higher' when referring to versions.
packages/iptables/docs/README.md 119 Elastic.HeadingColons Capitalize ': u'.
packages/iptables/docs/README.md 130 Elastic.HeadingColons Capitalize ': l'.
packages/iptables/docs/README.md 139 Elastic.HeadingColons Capitalize ': j'.
packages/iptables/docs/README.md 296 Elastic.WordChoice Consider using 'can, might' instead of 'may', unless the term is in the UI.
packages/iptables/docs/README.md 301 Elastic.WordChoice Consider using 'efficiently' instead of 'simply', unless the term is in the UI.
packages/iptables/docs/README.md 301 Elastic.WordChoice Consider using 'can, might' instead of 'may', unless the term is in the UI.
packages/iptables/docs/README.md 349 Elastic.WordChoice Consider using 'start, run' instead of 'boot', unless the term is in the UI.
packages/iptables/docs/README.md 349 Elastic.WordChoice Consider using 'start, run' instead of 'boot', unless the term is in the UI.
packages/iptables/docs/README.md 368 Elastic.Wordiness Consider using 'all' instead of 'All of '.
packages/iptables/docs/knowledge_base/service_info.md 80 Elastic.HeadingColons Capitalize ': u'.
packages/iptables/docs/knowledge_base/service_info.md 92 Elastic.HeadingColons Capitalize ': l'.
packages/iptables/docs/knowledge_base/service_info.md 101 Elastic.HeadingColons Capitalize ': j'.

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

@haetamoudi haetamoudi added documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. Team:Integration-Experience Security Integrations Integration Experience [elastic/integration-experience] labels Feb 10, 2026
@elasticmachine
Copy link

elasticmachine commented Feb 10, 2026

Pinging @elastic/integration-experience (Team:Integration-Experience)

@elastic-vault-github-plugin-prod
Copy link

elastic-vault-github-plugin-prod bot commented Feb 11, 2026

🚀 Benchmarks report

Package iptables 👍(0) 💚(0) 💔(1)

Expand to view
Data stream Previous EPS New EPS Diff (%) Result
log 8620.69 6666.67 -1954.02 (-22.67%) 💔

To see the full report comment with /test benchmark fullreport

@elasticmachine
Copy link

elasticmachine commented Feb 11, 2026

💚 Build Succeeded

History

mjwolf
mjwolf reviewed Feb 11, 2026
View reviewed changes
packages/iptables/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.22.1"
Copy link
Contributor

@mjwolf mjwolf Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're going to use minor version increase for the documentation updates

Suggested change
- version: "1.22.1"
- version: "1.23.0"

packages/iptables/_dev/build/docs/README.md

The module is by default configured to run with the `udp` input on port `9001`.
However, it can also be configured to read from a file path or journald.
This integration facilitates:
Copy link
Contributor

@mjwolf mjwolf Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These use cases can be removed. They are duplicated in the "Supported Use cases" section

packages/iptables/_dev/build/docs/README.md

Before you install the integration, ensure your environment is configured correctly:
- Root or sudo permissions are required on the Linux host to modify `iptables` rules and `rsyslog` configurations.
- Port `9001` (UDP) must be accessible on the Elastic Agent host to receive syslog traffic.
Copy link
Contributor

@mjwolf mjwolf Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can remove this line, having the port open on the agent host isn't really a vendor prerequisite.
It also makes it sound like port 9001 must be used, when it's actually configurable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mjwolf mjwolf mjwolf left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

documentation Improvements or additions to documentation. Applied to PRs that modify *.md files. enhancement New feature or request Integration:iptables Iptables Team:Integration-Experience Security Integrations Integration Experience [elastic/integration-experience]

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@haetamoudi @elasticmachine @mjwolf