Skip to content

Commit 6810c9d

Browse files
mtojekmtojek
mtojek
authored and
mtojek
committed
Merge branch '7.x' into backport_23973_7.x
2 parents a6e6ce4 + 8758310 commit 6810c9d

27 files changed

Lines changed: 338 additions & 182 deletions

CHANGELOG.asciidoc

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,21 @@
33
:issue: https://github.com/elastic/beats/issues/
44
:pull: https://github.com/elastic/beats/pull/
55

6+
[[release-notes-7.11.1]]
7+
=== Beats version 7.11.1
8+
https://github.com/elastic/beats/compare/v7.11.0...v7.11.1[View commits]
9+
10+
==== Bugfixes
11+
12+
*Filebeat*
13+
14+
- Fix goroutines leak with some inputs in autodiscover. {pull}23722[23722]
15+
- Fix various processing errors in the Suricata module. {pull}23236[23236]
16+
17+
*Elastic Logging Plugin*
18+
19+
- Fix out of date CLI flags on docs. {pull}23628[23628]
20+
621
[[release-notes-7.11.0]]
722
=== Beats version 7.11.0
823
https://github.com/elastic/beats/compare/v7.10.2...v7.11.0[View commits]

CHANGELOG.next.asciidoc

Lines changed: 4 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,10 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
1818
- Remove `AddDockerMetadata` and `AddKubernetesMetadata` processors from the `script` processor. They can still be used as normal processors in the configuration. {issue}16349[16349] {pull}16514[16514]
1919
- Introduce APM libbeat instrumentation, active when running the beat with ELASTIC_APM_ACTIVE=true. {pull}17938[17938]
2020
- Make error message about locked data path actionable. {pull}18667[18667]
21+
- Fix panic with inline SSL when the certificate or key were small than 256 bytes. {pull}23820[23820]
2122

2223
*Auditbeat*
2324

24-
2525
*Filebeat*
2626

2727
- Fix parsing of Elasticsearch node name by `elasticsearch/slowlog` fileset. {pull}14547[14547]
@@ -153,7 +153,6 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
153153
*Filebeat*
154154

155155
- Update `filestream` reader offset when a line is skipped. {pull}23417[23417]
156-
- Fix goroutines leak with some inputs in autodiscover. {pull}23722[23722]
157156
- cisco/asa fileset: Fix parsing of 302021 message code. {pull}14519[14519]
158157
- Fix filebeat azure dashboards, event category should be `Alert`. {pull}14668[14668]
159158
- Fixed dashboard for Cisco ASA Firewall. {issue}15420[15420] {pull}15553[15553]
@@ -223,15 +222,12 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
223222
- Simplify regex for organization custom prefix in AWS/CloudTrail fileset. {issue}23203[23203] {pull}23204[23204]
224223
- Fix syslog header parsing in infoblox module. {issue}23272[23272] {pull}23273[23273]
225224
- Fix CredentialsJSON unpacking for `gcp-pubsub` and `httpjson` inputs. {pull}23277[23277]
226-
- Fix various processing errors in the Suricata module. {pull}23236[23236]
227225
- Fix concurrent modification exception in Suricata ingest node pipeline. {pull}23534[23534]
228226
- Change the `event.created` in Netflow events to be the time the event was created by Filebeat
229227
to be consistent with ECS. {pull}23094[23094]
230228
- Fix Zoom module parameters for basic auth and url path. {pull}23779[23779]
231229
- Fix handling of ModifiedProperties field in Office 365. {pull}23777[23777]
232230
- Use rfc6587 framing for fortinet firewall and clientendpoint filesets when transferring over tcp. {pull}23837[23837]
233-
- Fix goroutines leak with some inputs in autodiscover. {pull}23722[23722]
234-
- Fix various processing errors in the Suricata module. {pull}23236[23236]
235231

236232
*Heartbeat*
237233

@@ -317,7 +313,6 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
317313
*Functionbeat*
318314

319315
*Elastic Logging Plugin*
320-
- Fix out of date CLI flags on docs. {pull}23628[23628]
321316

322317

323318
==== Added
@@ -670,3 +665,6 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
670665

671666
*Journalbeat*
672667

668+
669+
670+

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -197,6 +197,7 @@ snapshot:
197197
## release : Builds a release.
198198
.PHONY: release
199199
release: beats-dashboards
200+
@mage dumpVariables
200201
@$(foreach var,$(BEATS) $(PROJECTS_XPACK_PKG),$(MAKE) -C $(var) release || exit 1;)
201202
@$(foreach var,$(BEATS) $(PROJECTS_XPACK_PKG), \
202203
test -d $(var)/build/distributions && test -n "$$(ls $(var)/build/distributions)" || exit 0; \

dev-tools/packaging/packages.yml

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,18 @@ shared:
118118
source: '{{.AgentDropPath}}/fleet-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
119119
mode: 0644
120120
skip_on_missing: true
121+
/var/lib/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz:
122+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz'
123+
mode: 0644
124+
skip_on_missing: true
125+
/var/lib/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512:
126+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512'
127+
mode: 0644
128+
skip_on_missing: true
129+
/var/lib/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc:
130+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
131+
mode: 0644
132+
skip_on_missing: true
121133

122134

123135

@@ -222,6 +234,19 @@ shared:
222234
source: '{{.AgentDropPath}}/fleet-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
223235
mode: 0644
224236
skip_on_missing: true
237+
/etc/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz:
238+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz'
239+
mode: 0644
240+
skip_on_missing: true
241+
/etc/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512:
242+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512'
243+
mode: 0644
244+
skip_on_missing: true
245+
/etc/{{.BeatName}}/data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc:
246+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
247+
mode: 0644
248+
skip_on_missing: true
249+
225250

226251
- &agent_binary_files
227252
'{{.BeatName}}{{.BinaryExt}}':
@@ -314,6 +339,19 @@ shared:
314339
source: '{{.AgentDropPath}}/fleet-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
315340
mode: 0644
316341
skip_on_missing: true
342+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz':
343+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz'
344+
mode: 0644
345+
skip_on_missing: true
346+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512':
347+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.sha512'
348+
mode: 0644
349+
skip_on_missing: true
350+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc':
351+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.tar.gz.asc'
352+
mode: 0644
353+
skip_on_missing: true
354+
317355

318356
# Binary package spec (zip for windows) for community beats.
319357
- &agent_windows_binary_spec
@@ -374,6 +412,18 @@ shared:
374412
source: '{{.AgentDropPath}}/fleet-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip.asc'
375413
mode: 0644
376414
skip_on_missing: true
415+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip':
416+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip'
417+
mode: 0644
418+
skip_on_missing: true
419+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip.sha512':
420+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip.sha512'
421+
mode: 0644
422+
skip_on_missing: true
423+
'data/{{.BeatName}}-{{ commit_short }}/downloads/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip.asc':
424+
source: '{{.AgentDropPath}}/apm-server-{{ beat_version }}{{if .Snapshot}}-SNAPSHOT{{end}}-{{.GOOS}}-{{.AgentArchName}}.zip.asc'
425+
mode: 0644
426+
skip_on_missing: true
377427

378428
- &agent_docker_spec
379429
<<: *agent_binary_spec

libbeat/common/transport/tlscommon/tls.go

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -214,9 +214,7 @@ type PEMReader struct {
214214
// NewPEMReader returns a new PEMReader.
215215
func NewPEMReader(certificate string) (*PEMReader, error) {
216216
if IsPEMString(certificate) {
217-
// Take a substring of the certificate so we do not leak the whole certificate or private key in the log.
218-
debugStr := certificate[0:256] + "..."
219-
return &PEMReader{reader: ioutil.NopCloser(strings.NewReader(certificate)), debugStr: debugStr}, nil
217+
return &PEMReader{reader: ioutil.NopCloser(strings.NewReader(certificate)), debugStr: "inline"}, nil
220218
}
221219

222220
r, err := os.Open(certificate)

libbeat/common/transport/tlscommon/tls_test.go

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -546,6 +546,7 @@ NHy+PwkYsHhbrPl4dgStTNXLenJLIJ+Ke0Pcld4ZPfYdSyu/Tv4rNswZBNpNsW9K
546546
nygO9KTJuUiBrLr0AHEnqko=
547547
-----END PRIVATE KEY-----
548548
`
549+
549550
t.Run("embed", func(t *testing.T) {
550551
// Create a dummy configuration and append the CA after.
551552
cfg, err := load(`
@@ -568,6 +569,48 @@ supported_protocols: null
568569
assert.NotNil(t, tlsC)
569570
})
570571

572+
t.Run("embed small key", func(t *testing.T) {
573+
// Create a dummy configuration and append the CA after.
574+
cfg, err := load(`
575+
enabled: true
576+
verification_mode: null
577+
certificate: null
578+
key: null
579+
key_passphrase: null
580+
certificate_authorities:
581+
cipher_suites: null
582+
curve_types: null
583+
supported_protocols: null
584+
`)
585+
certificate := `
586+
-----BEGIN CERTIFICATE-----
587+
MIIBmzCCAUCgAwIBAgIRAOQpDyaFimzmueynALHkFEcwCgYIKoZIzj0EAwIwJjEk
588+
MCIGA1UEChMbVEVTVCAtIEVsYXN0aWMgSW50ZWdyYXRpb25zMB4XDTIxMDIwMjE1
589+
NTkxMFoXDTQxMDEyODE1NTkxMFowJjEkMCIGA1UEChMbVEVTVCAtIEVsYXN0aWMg
590+
SW50ZWdyYXRpb25zMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBc7UEvBd+5SG
591+
Z6QQfgBaPh/VAlf7ovpa/wfSmbHfBhee+dTvdAO1p90lannCkZmc7OfWAlQ1eTgJ
592+
QW668CJwE6NPME0wDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMB
593+
MAwGA1UdEwEB/wQCMAAwGAYDVR0RBBEwD4INZWxhc3RpYy1hZ2VudDAKBggqhkjO
594+
PQQDAgNJADBGAiEAhpGWL4lxsdb3+hHv0y4ppw6B7IJJLCeCwHLyHt2Dkx4CIQD6
595+
OEU+yuHzbWa18JVkHafxwnpwQmxwZA3VNitM/AyGTQ==
596+
-----END CERTIFICATE-----
597+
`
598+
key := `
599+
-----BEGIN PRIVATE KEY-----
600+
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgFDQJ1CPLXrUbUFqj
601+
ED8dqsGuVQdcPK7CHpsCeTtAgQqhRANCAAQFztQS8F37lIZnpBB+AFo+H9UCV/ui
602+
+lr/B9KZsd8GF5751O90A7Wn3SVqecKRmZzs59YCVDV5OAlBbrrwInAT
603+
-----END PRIVATE KEY-----
604+
`
605+
cfg.Certificate.Certificate = certificate
606+
cfg.Certificate.Key = key
607+
608+
tlsC, err := LoadTLSConfig(cfg)
609+
assert.NoError(t, err)
610+
611+
assert.NotNil(t, tlsC)
612+
})
613+
571614
t.Run("From disk", func(t *testing.T) {
572615
k, err := ioutil.TempFile("", "certificate.key")
573616
k.WriteString(key)

libbeat/docs/release.asciidoc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ This section summarizes the changes in each release. Also read
88
<<breaking-changes>> for more detail about changes that affect
99
upgrade.
1010

11+
* <<release-notes-7.11.1>>
1112
* <<release-notes-7.11.0>>
1213
* <<release-notes-7.10.2>>
1314
* <<release-notes-7.10.1>>

x-pack/elastic-agent/CHANGELOG.asciidoc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@
3333
- Fixed reenroll scenario {pull}23686[23686]
3434
- Fixed make status readable in the log. {pull}23849[23849]
3535
- Fixed Monitoring filebeat and metricbeat not connecting to Agent over GRPC {pull}23843[23843]
36+
- Windows agent doesn't uninstall with a lowercase `c:` drive in the path {pull}23998[23998]
3637

3738
==== New features
3839

x-pack/elastic-agent/CHANGELOG.next.asciidoc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,7 @@
3737
- Fix issue of missing log messages from filebeat monitor {pull}23514[23514]
3838
- Increase checkin grace period to 30 seconds {pull}23568[23568]
3939
- Fix libbeat from reporting back degraded on config update {pull}23537[23537]
40+
- Fix issues with dynamic inputs and conditions {pull}23886[23886]
4041
- Select default agent policy if no enrollment token provided. {pull}23973[23973]
4142

4243
==== New features

x-pack/elastic-agent/pkg/agent/application/application.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ func New(log *logger.Logger, pathConfigFile string, reexec reexecManager, uc upg
3535
// Load configuration from disk to understand in which mode of operation
3636
// we must start the elastic-agent, the mode of operation cannot be changed without restarting the
3737
// elastic-agent.
38-
rawConfig, err := LoadConfigFromFile(pathConfigFile)
38+
rawConfig, err := config.LoadFile(pathConfigFile)
3939
if err != nil {
4040
return nil, err
4141
}

0 commit comments

Comments
 (0)