Make network_direction, registered_domain and convert processors compatible with ES older than 7.13.0#26676
Merged
adriansr merged 4 commits intoelastic:masterfrom Jul 2, 2021
Conversation
Contributor
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
Member
|
Would you mind adding a dropProcessor case for |
Contributor
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪💚 Flaky test reportTests succeeded. Expand to view the summary
Test stats 🧪
|
mergify bot
pushed a commit
that referenced
this pull request
Jul 2, 2021
…atible with ES older than 7.13.0 (#26676) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193)
mergify bot
pushed a commit
that referenced
this pull request
Jul 2, 2021
…atible with ES older than 7.13.0 (#26676) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193)
mergify bot
pushed a commit
that referenced
this pull request
Jul 2, 2021
…atible with ES older than 7.13.0 (#26676) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193)
adriansr
added a commit
that referenced
this pull request
Jul 2, 2021
…atible with ES older than 7.13.0 (#26676) (#26693) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193) Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
adriansr
added a commit
that referenced
this pull request
Jul 2, 2021
…atible with ES older than 7.13.0 (#26676) (#26691) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193) Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
adriansr
added a commit
that referenced
this pull request
Jul 5, 2021
… convert processors compatible with ES older than 7.13.0 (#26692) Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0: - Replaces usages of convert processor using type: ip with an equivalent grok expression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address. - Removes the network_direction processor. - Removes the registered_domain processor. (cherry picked from commit 65d2193) * Fix changelog Co-authored-by: Adrian Serrano <adrisr83@gmail.com>
v1v
added a commit
to v1v/beats
that referenced
this pull request
Jul 5, 2021
…stage-failed-within-same-build * upstream/master: (36 commits) Revert "[CI] fight the flakiness with some retry option in the CI only for the Pull Requests (elastic#26617)" (elastic#26704) Packaging: linux/armv7 is not supported (elastic#26706) Cyberarkpas: Link to official docs on how to setup TLS (elastic#26614) Make network_direction, registered_domain and convert processors compatible with ES older than 7.13.0 (elastic#26676) Disable armv7 packaging (elastic#26679) [Heartbeat] use --params flag for synthetics (elastic#26674) Update dependent package to avoid downloading a suspicious file (elastic#26406) [mergify] set title and allow bp in any direction (elastic#26648) Fix memory leak in SQL helper when database is not available (elastic#26607) [CI] fight the flakiness with some retry option in the CI only for the Pull Requests (elastic#26617) [mergify] automate PRs that change the backport rules (elastic#26641) [Metricbeat] Add Airflow module in xpack (elastic#26220) chore: add-backport-next (elastic#26620) [metricbeat] Add state_job metricset (elastic#26479) CI: jenkins labels are less time consuming now (elastic#26613) [MetricBeat] [AWS] Fix aws metric tags with resourcegroupstaggingapi paginator (elastic#26385) (elastic#26443) Move openmetrics module to oss (elastic#26561) Skip flaky test TestFilestreamMetadataUpdatedOnRename (elastic#26609) [filebeat][fortinet] Use default add_locale for fortinet.firewall (elastic#26524) Enroll proxy settings (elastic#26514) ...
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Adds three new Filebeat fileset compatibility tweaks to support Elasticsearch versions before 7.13.0:
convertprocessor usingtype: ipwith an equivalentgrokexpression. Convert to ip type is used to make a conditional field copy if the source field is a valid IP address.network_directionprocessor.registered_domainprocessor.Why is it important?
To ensure modules work with versions older than 7.13.0.
Checklist
My code follows the style guidelines of this project
I have commented my code, particularly in hard-to-understand areas
[ ] I have made corresponding changes to the documentation[ ] I have made corresponding change to the default configuration filesI have added tests that prove my fix is effective or that my feature works
I have added an entry in
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.Relates [Filebeat] Module incompatibility with older ES/Kibana versions #26629
Relates [Filebeat] Replace copy_from with templated value #26631