Integration Name
AWS [aws]
Dataset Name
aws.securityhub_findings
Integration Version
2.37.0
Agent Version
8.16.0
Agent Output Type
elasticsearch
Elasticsearch Version
any
OS Version and Architecture
any
Software/API Version
No response
Error Message
No response
Event Original
No response
What did you do?
Set up the integration
What did you see?
Missing documents
What did you expect to see?
No missing documents
Anything else?
A recent update to the AWS Security Hub integration added event.kind as a constant keyword set to state. Unfortunately, event.kind can have another value, pipeline_error, and when that happens the doc is dropped because event.kind is a constant keyword.
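
Added example, not part of the original report and not code from the integration or Elasticsearch: a small Python model of how a constant_keyword mapping decides which documents are indexed, showing why pipeline_error documents go missing. The class and function names and the sample documents are assumptions made for illustration; only the field name and the two values come from the report.

```python
# Added illustration: a small model of Elasticsearch constant_keyword semantics.
# Field name and values come from the report; names and documents are constructed.

def get_path(doc, dotted):
    """Resolve a dotted field name in either flat ("event.kind") or nested form."""
    if dotted in doc:
        return doc[dotted]
    cur = doc
    for part in dotted.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


class ConstantKeyword:
    """Accepts a document only if the field is absent or equals the constant."""

    def __init__(self, field, value=None):
        self.field = field
        self.value = value  # None: the first indexed value becomes the constant

    def accepts(self, doc):
        got = get_path(doc, self.field)
        if got is None:
            return True  # a missing field is fine; the constant is implied
        if self.value is None:
            self.value = got
            return True
        return got == self.value  # any other value fails indexing


def split_by_mapping(mapping, docs):
    """Return (indexed, rejected) lists, as the mapping would partition docs."""
    indexed, rejected = [], []
    for doc in docs:
        (indexed if mapping.accepts(doc) else rejected).append(doc)
    return indexed, rejected


# Constructed sample documents (not real findings).
SAMPLE_DOCS = [
    {"event": {"kind": "state"}, "message": "finding parsed"},
    {"event": {"kind": "pipeline_error"}, "error": {"message": "processor failed"}},
    {"message": "no event.kind set"},
    {"event.kind": "pipeline_error", "error": {"message": "flat field form"}},
]

if __name__ == "__main__":
    ok, dropped = split_by_mapping(ConstantKeyword("event.kind", "state"), SAMPLE_DOCS)
    print(len(ok), "indexed;", len(dropped), "rejected:", dropped)
```

With the constant set to state, the two constructed pipeline_error documents are the ones rejected, which matches the missing documents described in the report.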