Skip to content

[Filebeat] Fix IPtables pipeline#24928

Merged
leehinman merged 6 commits intoelastic:masterfrom
legoguy1000:24878-fix-ubiquity-dashboard
Apr 12, 2021
Merged

[Filebeat] Fix IPtables pipeline#24928
leehinman merged 6 commits intoelastic:masterfrom
legoguy1000:24878-fix-ubiquity-dashboard

Conversation

@legoguy1000
Copy link
Copy Markdown
Contributor

@legoguy1000 legoguy1000 commented Apr 5, 2021
edited
Loading

What does this PR do?

Fixes the Ubiquiti dashboard as part of the IPtables module and updates the grok patterns to better parse the sample data.

Why is it important?

Ubiquiti dashboard was never updated when pipeline was modified so fields don't match.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

  • [ ]

How to test this PR locally

GENERATE=true TESTING_FILEBEAT_MODULES=iptables TESTING_FILEBEAT_FILESETS=log mage -v pythonIntegTest

Related issues

Use cases

Screenshots

Logs

@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Apr 5, 2021
@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Apr 5, 2021
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: leehinman commented: /test

  • Start Time: 2021-04-12T14:19:07.768+0000

  • Duration: 73 min 8 sec

  • Commit: c926391

Test stats 🧪

Test Results
Failed 0
Passed 6910
Skipped 1185
Total 8095

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 6910
Skipped 1185
Total 8095

PrplHaz4
PrplHaz4 reviewed Apr 5, 2021
View reviewed changes
@legoguy1000 legoguy1000 marked this pull request as ready for review April 5, 2021 15:42
@legoguy1000
Copy link
Copy Markdown
Contributor Author

legoguy1000 commented Apr 5, 2021

Should be good to review.

@legoguy1000 legoguy1000 force-pushed the 24878-fix-ubiquity-dashboard branch from e8d3438 to dda2b8a Compare April 6, 2021 12:42
@legoguy1000
Copy link
Copy Markdown
Contributor Author

legoguy1000 commented Apr 6, 2021

@leehinman You were the last one to make major changes to this module. Can you take a look?

leehinman
leehinman requested changes Apr 7, 2021
View reviewed changes
Copy link
Copy Markdown
Contributor

@leehinman leehinman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank You. Changes look good, just one question on the community_id processor.

leehinman
leehinman reviewed Apr 8, 2021
View reviewed changes
@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Apr 9, 2021

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 24878-fix-ubiquity-dashboard upstream/24878-fix-ubiquity-dashboard
git merge upstream/master
git push upstream 24878-fix-ubiquity-dashboard

@legoguy1000 legoguy1000 force-pushed the 24878-fix-ubiquity-dashboard branch 2 times, most recently from 9c2aeab to 8f4db5e Compare April 11, 2021 21:26
@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Apr 12, 2021

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b 24878-fix-ubiquity-dashboard upstream/24878-fix-ubiquity-dashboard
git merge upstream/master
git push upstream 24878-fix-ubiquity-dashboard

@legoguy1000 legoguy1000 force-pushed the 24878-fix-ubiquity-dashboard branch from 8f4db5e to 82fda5a Compare April 12, 2021 09:06
@legoguy1000 legoguy1000 force-pushed the 24878-fix-ubiquity-dashboard branch from 82fda5a to c926391 Compare April 12, 2021 09:09
@leehinman
Copy link
Copy Markdown
Contributor

leehinman commented Apr 12, 2021

/test

@elasticmachine
Copy link
Copy Markdown
Contributor

elasticmachine commented Apr 12, 2021

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Apr 12, 2021
@leehinman leehinman added enhancement needs_team Indicates that the issue/PR needs a Team:* label labels Apr 12, 2021
@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Apr 12, 2021
@botelastic
Copy link
Copy Markdown

botelastic bot commented Apr 12, 2021

This pull request doesn't have a Team:<team> label.

@leehinman leehinman added Filebeat Filebeat backport-v7.13.0 Automated backport with mergify needs_integration_sync Changes in this PR need synced to elastic/integrations. labels Apr 12, 2021
@leehinman leehinman merged commit ddcf8f1 into elastic:master Apr 12, 2021
mergify bot pushed a commit that referenced this pull request Apr 12, 2021
@legoguy1000
[Filebeat] Fix IPtables pipeline (#24928)
59918e1 
* #24878: Fix IPtables pipeline
  - fix dashboards
  - populate additional event.actions
  - move community_id processor to ingest node
  - set observer.name

(cherry picked from commit ddcf8f1)
@mergify mergify bot mentioned this pull request Apr 12, 2021
Merged
leehinman pushed a commit that referenced this pull request Apr 13, 2021
@mergify @legoguy1000
[Filebeat] Fix IPtables pipeline (#24928) (#25029)
3f772bd 
* #24878: Fix IPtables pipeline
  - fix dashboards
  - populate additional event.actions
  - move community_id processor to ingest node
  - set observer.name

(cherry picked from commit ddcf8f1)

Co-authored-by: Alex Resnick <adr8292@gmail.com>
v1v added a commit to v1v/beats that referenced this pull request Apr 14, 2021
@v1v
Merge remote-tracking branch 'upstream/master' into feature/use-debian-9
1de2782 
* upstream/master: (308 commits)
  [winlogbeat] Add support for sysmon v13 events 24 and 25 (elastic#24945)
  mergify: add backport label (elastic#25050)
  Add pod.ip in k8s metadata (elastic#25037)
  [elastic-agent] Use fleet.url for container cmd (elastic#25026)
  disable TestXPackEnabled flaky test in logstash metricbeat module (elastic#25034)
  Leverege leader election in agent  k8s manifests (elastic#25016)
  libbeat/publisher/pipeline: expand monitoring (elastic#24700)
  libbeat: fix decode_json_fields config validation (elastic#24862)
  Remove make docs-preview instructions (elastic#25001)
  [Filebeat] Fix IPtables pipeline (elastic#24928)
  [DOCS] cd into correct directory before invoking mage. (elastic#17679)
  Add -buildmode=pie for supported platform (elastic#24964)
  Add agent's direcotry in k8s manifest generator (elastic#24987)
  [mergify] assign the original author (elastic#25007)
  Fix AWS module flaky tests (elastic#24852)
  [filebeat] Use fail_on_template_error on google_workspace and okta pagination (elastic#24967)
  Updated config to match defaults (elastic#25004)
  [Filebeat] Fix hardcoded amazonaws.com endpoint (elastic#24861)
  Add cloud.service.name to add_cloud_metadata (elastic#24993)
  [Ingest Manager] Expose processes and their metrics (elastic#24788)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@leehinman leehinman leehinman approved these changes

+1 more reviewer

@PrplHaz4 PrplHaz4 PrplHaz4 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport-v7.13.0 Automated backport with mergify enhancement Filebeat Filebeat needs_integration_sync Changes in this PR need synced to elastic/integrations.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[filebeat iptables] Ubiquiti Firewall field [raw_date] not present as part of path [iptables.raw_date]

4 participants

@legoguy1000 @elasticmachine @leehinman @PrplHaz4