Skip to content

Commit bf9ba87

Browse files
adriansradriansr
committed
Set ecs.version in pipeline
1 parent 3ab5446 commit bf9ba87

File tree

4 files changed

+6
-16
lines changed

4 files changed

+6
-16
lines changed

packages/cyberarkpas/data_stream/audit/agent/stream/log.yml.hbs

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,3 @@ publisher_pipeline.disable_host: true
1515
{{/contains}}
1616
processors:
1717
- add_locale: ~
18-
- add_fields:
19-
target: ''
20-
fields:
21-
ecs.version: 1.9.0

packages/cyberarkpas/data_stream/audit/agent/stream/tcp.yml.hbs

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,3 @@ ssl: {{ssl}}
1515
{{/if}}
1616
processors:
1717
- add_locale: ~
18-
- add_fields:
19-
target: ''
20-
fields:
21-
ecs.version: 1.9.0

packages/cyberarkpas/data_stream/audit/agent/stream/udp.yml.hbs

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -10,10 +10,5 @@ tags:
1010
{{#contains tags "forwarded"}}
1111
publisher_pipeline.disable_host: true
1212
{{/contains}}
13-
1413
processors:
1514
- add_locale: ~
16-
- add_fields:
17-
target: ''
18-
fields:
19-
ecs.version: 1.9.0

packages/cyberarkpas/data_stream/audit/elasticsearch/ingest_pipeline/default.yml

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,14 @@ description: Pipeline for CyberArk PAS
33

44
processors:
55
#
6-
# Set ECS event.ingested
6+
# Set ECS version and event.ingested
77
#
88
- set:
9-
field: event.ingested
10-
value: '{{{_ingest.timestamp}}}'
9+
field: event.ingested
10+
value: '{{{_ingest.timestamp}}}'
11+
- set:
12+
field: ecs.version
13+
value: 1.9.0
1114

1215
#
1316
# Set event.original from message, unless reindexing.

0 commit comments

Comments
 (0)