Specify an ECS version in Auditbeat/Packetbeat/Winlogbeat#19159
Merged
andrewkroh merged 2 commits intoelastic:masterfrom Jul 13, 2020
Merged
Specify an ECS version in Auditbeat/Packetbeat/Winlogbeat#19159andrewkroh merged 2 commits intoelastic:masterfrom
andrewkroh merged 2 commits intoelastic:masterfrom
Conversation
Contributor
💔 Build Failed
Expand to view the summary
Build stats
Test stats 🧪
Steps errorsExpand to view the steps failures
Log outputExpand to view the last 100 lines of log output
|
Member
Author
|
run tests |
Contributor
|
Pinging @elastic/siem (Team:SIEM) |
Member
Author
|
run tests |
1 similar comment
Member
Author
|
run tests |
Contributor
|
Thanks for getting this started! I agree ideally a whole Beat should upgrade ECS versions all at once whenever possible. This is an improvement over setting it once in libbeat for all Beats, for a given stack release. Given that these 3 Beats have much fewer datasets than Metricbeat and Filebeat, I think this is an acceptable tradeoff. 👍 |
Member
Author
|
run tests |
f02adf6 to
593c6cf
Compare
Member
Author
|
run tests |
Member
Author
|
Run tests |
593c6cf to
a135e25
Compare
When we update the Beat (include all of its modules) we will then bump the ECS version that it includes in events. I went for a less granular approach than what is being used in Filebeat because I think it's desirable to move a whole beat to a new ECS version "at once" and more realistic to do so with these Beats that have fewer updates. By "at once" I mean we won't release a version that is partially updated. This implies that if we will be making multiple commits that we should use a feature branch to ensure the update is atomic. Closes elastic#17688
a135e25 to
12fb849
Compare
andrewstucki
approved these changes
Jul 13, 2020
Member
Author
|
The kibana container is failing to launch for the integration tests due to elastic/kibana#71343, but the unit tests are all passing so I'm going to merge. |
andrewkroh
added a commit
to andrewkroh/beats
that referenced
this pull request
Jul 13, 2020
) When we update the Beat (include all of its modules) we will then bump the ECS version that it includes in events. I went for a less granular approach than what is being used in Filebeat because I think it's desirable to move a whole beat to a new ECS version "at once" and more realistic to do so with these Beats that have fewer updates. By "at once" I mean we won't release a version that is partially updated. This implies that if we will be making multiple commits that we should use a feature branch to ensure the update is atomic. Closes elastic#17688 (cherry picked from commit 256b50d)
v1v
added a commit
to v1v/beats
that referenced
this pull request
Jul 14, 2020
* upstream/master: (25 commits) [Elastic Agent] Send checkin payload to Fleet (elastic#19857) [Ingest Manager] Fixed tests across agent elastic#19877 [Ingest Manager] Fix serialization test elastic#19876 Fix service start type mapping in windows/service metricset (elastic#19551) ci: Change comment trigger detection method (elastic#19827) Add 21 autogenerated filesets from rsa2elk devices (elastic#19713) [Ingest Manager] Agent config cleanup (elastic#19848) libbeat/publisher/pipeline: fix data races (elastic#19821) Update monitoring-internal-collection.asciidoc (elastic#19422) (elastic#19697) [Elastic Agent] Trust exchange endpoint must bind to 127.0.0.1 (elastic#19861) Specify an ECS version in Auditbeat/Packetbeat/Winlogbeat (elastic#19159) Add azure billing metricset (elastic#19207) Add support for appinsights in the metricbeat azure module (elastic#18940) Add MySQL query metricset with lightweight module and SQL helper (elastic#18955) [Ingest Manager] Refuse invalid stream values in configuration (elastic#19587) Do not use vendor during integration tests (elastic#19839) LIBBEAT: Enhancement Convert dissected values from String to other basic data types and IP (elastic#18683) [Elastic Agent] Remove support for "logs" and only support logfile (elastic#19761) [CI] support windows-2012 (elastic#19773) Do not update go.mod during packaging and testing (elastic#19823) ...
andrewkroh
added a commit
that referenced
this pull request
Jul 14, 2020
…19862) When we update the Beat (include all of its modules) we will then bump the ECS version that it includes in events. I went for a less granular approach than what is being used in Filebeat because I think it's desirable to move a whole beat to a new ECS version "at once" and more realistic to do so with these Beats that have fewer updates. By "at once" I mean we won't release a version that is partially updated. This implies that if we will be making multiple commits that we should use a feature branch to ensure the update is atomic. Closes #17688 (cherry picked from commit 256b50d)
melchiormoulin
pushed a commit
to melchiormoulin/beats
that referenced
this pull request
Oct 14, 2020
) When we update the Beat (include all of its modules) we will then bump the ECS version that it includes in events. I went for a less granular approach than what is being used in Filebeat because I think it's desirable to move a whole beat to a new ECS version "at once" and more realistic to do so with these Beats that have fewer updates. By "at once" I mean we won't release a version that is partially updated. This implies that if we will be making multiple commits that we should use a feature branch to ensure the update is atomic. Closes elastic#17688
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
When we update the Beat (include all of its modules) we will then bump the ECS
version that it includes in events.
I went for a less granular approach than what is being used in Filebeat because
I think it's desirable to move a whole beat to a new ECS version "at once" and
more realistic to do so with these Beats that have fewer updates. By "at once" I
mean we won't release a version that is partially updated. This implies that if
we will be making multiple commits that we should use a feature branch to
ensure the update is atomic.
Why is it important?
We want the
ecs.versionto accurately represent the schema that is implemented.Related issues