Skip to content

[AWS][WAF] System test failing for WAF with 8.14.0 #10400

Closed
#10401
Closed
[AWS][WAF] System test failing for WAF with 8.14.0#10400
#10401
Assignees
agithomas
Labels
Integration:awsAWSTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]
@agithomas

Description

@agithomas
agithomas
opened on Jul 6, 2024

Steps to Recreate the issue

  1. Update manifest.yml as
  kibana:
    version: "^8.14.0"
  1. elastic-package test system -d waf -v

Output

Error: error running package system tests: could not complete test run: found ignored fields in data stream logs-aws.waf-ep: [aws.waf.terminating_rule_match_details.location aws.waf.non_terminating_matching_rules.ruleMatchDetails.location aws.waf.rule_group_list.nonTerminatingMatchingRules.ruleMatchDetails.location]. Affected documents: [
  {
    "_id": "996f88ec15-000000000000",
    "@timestamp": "2019-12-13T23:40:12.771Z",
    "ignored_field_values": null
  },
  {
    "_id": "996f88ec15-000000000826",
    "@timestamp": "2020-06-17T01:26:32.516Z",
    "ignored_field_values": null
  },
  {
    "_id": "996f88ec15-000000001695",
    "@timestamp": "2020-06-17T02:43:30.888Z",
    "ignored_field_values": null
  },
  {
    "_id": "996f88ec15-000000002947",
    "@timestamp": "2019-12-13T23:40:12.771Z",
    "ignored_field_values": null
  }
]

Initial Assumption / Observation

I guess this may be related to the recently added feature in elastic-package
- System tests fail on presence of ignored fields. cc @jsoriano

Impacted PRs

Metadata

Metadata

Assignees

Labels

Integration:awsAWSTeam:Security-Service IntegrationsSecurity Service Integrations team [elastic/security-service-integrations]

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions