Skip to content

Commit f890071

Browse files
lucian-ioanlucian-ioan
authored
Merge branch 'main' into aws_health_disable_linked_accounts
2 parents f971e7d + 474664e commit f890071

File tree

22 files changed

+573
-352
lines changed

22 files changed

+573
-352
lines changed

packages/cisco_nexus/_dev/deploy/docker/sample_logs/test-nexus.log

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -70,3 +70,4 @@
7070
<187>Jun 14 11:34:35 ac45ce-sr1 AEST: %SFF8472-3-THRESHOLD_VIOLATION: Te2/0/17: Rx power high warning; Operating value: -0.8 dBm, Threshold value: -1.0 dBm.
7171
<189>Jun 14 12:00:59 ac2109-sr2 AEST: %SEC_LOGIN-SW2-5-LOGIN_SUCCESS: Login Success [user: srvc_a005a7_000] [Source: 10.218.144.16] [localport: 22] at 12:00:59 AEST Wed Jun 14 2023
7272
<190>Jun 14 12:04:05 ac500a-sr1 AEST: %SYS-SW1-6-LOGOUT_C6K: User srvc_a005a7_0001_prd has exited tty session 2(10.218.144.32)
73+
<187>: 2025 Jun 25 12:41:12 MST: %DAEMON-3-SYSTEM_MSG: error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[8480]

packages/cisco_nexus/changelog.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,9 @@
11
# newer versions go on top
2+
- version: "1.4.1"
3+
changes:
4+
- description: Fix bug that did not recognize timestamps to use tz_map override.
5+
type: bugfix
6+
link: https://github.com/elastic/integrations/pull/14504
27
- version: "1.4.0"
38
changes:
49
- description: Support stack version 9.0.

packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-common-config.yml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,3 +6,9 @@ fields:
66
tags:
77
- preserve_original_event
88
- preserve_duplicate_custom_fields
9+
_conf:
10+
tz_map:
11+
- tz_short: MST
12+
tz_long: "America/Phoenix"
13+
- tz_short: AEST
14+
tz_long: "Australia/Sydney"

packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus-tz-mapping.log

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
<187>: 2025 Jun 25 11:36:10 MST: %DAEMON-3-SYSTEM_MSG: error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[23986]
2+
<187>: 2025 Jun 25 12:41:12 MST: %DAEMON-3-SYSTEM_MSG: error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[8480]

packages/cisco_nexus/data_stream/log/_dev/test/pipeline/test-nexus-tz-mapping.log-expected.json

Lines changed: 108 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
{
2+
"expected": [
3+
{
4+
"@timestamp": "2025-06-25T11:36:10.000-07:00",
5+
"cisco_nexus": {
6+
"log": {
7+
"description": "error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[23986]",
8+
"facility": "DAEMON",
9+
"priority_number": 187,
10+
"severity": 3,
11+
"time": "2025-06-25T11:36:10.000-07:00",
12+
"timezone": "America/Phoenix",
13+
"type": "SYSTEM_MSG"
14+
}
15+
},
16+
"ecs": {
17+
"version": "8.17.0"
18+
},
19+
"event": {
20+
"category": [
21+
"network"
22+
],
23+
"code": "SYSTEM_MSG",
24+
"kind": "event",
25+
"original": "<187>: 2025 Jun 25 11:36:10 MST: %DAEMON-3-SYSTEM_MSG: error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[23986]",
26+
"severity": 3,
27+
"timezone": "America/Phoenix",
28+
"type": [
29+
"connection"
30+
]
31+
},
32+
"log": {
33+
"level": "error",
34+
"syslog": {
35+
"facility": {
36+
"code": 23
37+
},
38+
"priority": 187,
39+
"severity": {
40+
"code": 3
41+
}
42+
}
43+
},
44+
"message": "error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[23986]",
45+
"observer": {
46+
"product": "Nexus",
47+
"type": "switches",
48+
"vendor": "Cisco"
49+
},
50+
"tags": [
51+
"preserve_original_event",
52+
"preserve_duplicate_custom_fields"
53+
]
54+
},
55+
{
56+
"@timestamp": "2025-06-25T12:41:12.000-07:00",
57+
"cisco_nexus": {
58+
"log": {
59+
"description": "error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[8480]",
60+
"facility": "DAEMON",
61+
"priority_number": 187,
62+
"severity": 3,
63+
"time": "2025-06-25T12:41:12.000-07:00",
64+
"timezone": "America/Phoenix",
65+
"type": "SYSTEM_MSG"
66+
}
67+
},
68+
"ecs": {
69+
"version": "8.17.0"
70+
},
71+
"event": {
72+
"category": [
73+
"network"
74+
],
75+
"code": "SYSTEM_MSG",
76+
"kind": "event",
77+
"original": "<187>: 2025 Jun 25 12:41:12 MST: %DAEMON-3-SYSTEM_MSG: error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[8480]",
78+
"severity": 3,
79+
"timezone": "America/Phoenix",
80+
"type": [
81+
"connection"
82+
]
83+
},
84+
"log": {
85+
"level": "error",
86+
"syslog": {
87+
"facility": {
88+
"code": 23
89+
},
90+
"priority": 187,
91+
"severity": {
92+
"code": 3
93+
}
94+
}
95+
},
96+
"message": "error: kex_exchange_identification: Connection closed by remote host - dcos_sshd[8480]",
97+
"observer": {
98+
"product": "Nexus",
99+
"type": "switches",
100+
"vendor": "Cisco"
101+
},
102+
"tags": [
103+
"preserve_original_event",
104+
"preserve_duplicate_custom_fields"
105+
]
106+
}
107+
]
108+
}

0 commit comments

Comments
 (0)