╭─────────┬─────────────┬───────────┬───────────┬───────────────────────────────────────────────────────────────────────────────────┬───────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │ TIME ELAPSED │
├─────────┼─────────────┼───────────┼───────────┼───────────────────────────────────────────────────────────────────────────────────┼───────────────┤
│ cef │ log │ system │ default │ FAIL: one or more errors found in documents stored in logs-cef.log-ep data stream │ 30.934856434s │
╰─────────┴─────────────┴───────────┴───────────┴───────────────────────────────────────────────────────────────────────────────────┴───────────────╯
FAILURE DETAILS:
cef/log default:
[0] field "cef.extensions.Customer" is undefined
[1] field "cef.extensions.additionalReqHeaders" is undefined
[2] field "cef.extensions.additionalResHeaders" is undefined
[3] field "cef.extensions.ccode" is undefined
[4] field "cef.extensions.cicode" is undefined
[5] field "cef.extensions.cpt" is undefined
[6] field "cef.extensions.cs11" is undefined
[7] field "cef.extensions.cs11Label" is undefined
[8] field "cef.extensions.cs7" is undefined
[9] field "cef.extensions.cs7Label" is undefined
[10] field "cef.extensions.cs8" is undefined
[11] field "cef.extensions.cs8Label" is undefined
[12] field "cef.extensions.cs9" is undefined
[13] field "cef.extensions.cs9Label" is undefined
[14] field "cef.extensions.destinationProcessName" is undefined
[15] field "cef.extensions.deviceCustomString6" is undefined
[16] field "cef.extensions.deviceCustomString6Label" is undefined
[17] field "cef.extensions.endTime" is undefined
[18] field "cef.extensions.fileId" is undefined
[19] field "cef.extensions.filePermission" is undefined
[20] field "cef.extensions.fileType" is undefined
[21] field "cef.extensions.method" is undefined
[22] field "cef.extensions.qstr" is undefined
[23] field "cef.extensions.ref" is undefined
[24] field "cef.extensions.requestClientApplication" is undefined
[25] field "cef.extensions.siteid" is undefined
[26] field "cef.extensions.sourceUserId" is undefined
[27] field "cef.extensions.startTime" is undefined
[28] field "cef.extensions.tag" is undefined
[29] field "cef.extensions.ver" is undefined
[30] field "cef.extensions.xff" is undefined
[31] field "destination.process.name" is undefined
[32] field "file.group" is undefined
[33] field "file.inode" is undefined
[34] field "file.type" is undefined
[35] field "user_agent.original" is undefined
[36] found error.message in event: malformed value for act at pos 450
--- Test results for package: crowdstrike - START ---
╭─────────────┬─────────────┬───────────┬───────────┬──────────────────────────────────────────────────────────────────────────────────────────────┬───────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │ TIME ELAPSED │
├─────────────┼─────────────┼───────────┼───────────┼──────────────────────────────────────────────────────────────────────────────────────────────┼───────────────┤
│ crowdstrike │ falcon │ system │ default │ FAIL: one or more errors found in documents stored in logs-crowdstrike.falcon-ep data stream │ 30.813426666s │
╰─────────────┴─────────────┴───────────┴───────────┴──────────────────────────────────────────────────────────────────────────────────────────────┴───────────────╯
FAILURE DETAILS:
crowdstrike/falcon default:
[0] parsing field value failed: field "crowdstrike.event.LocalPort"'s Go type, string, does not match the expected field type: long (field value: 445)
[1] parsing field value failed: field "crowdstrike.event.PID"'s Go type, string, does not match the expected field type: long (field value: 206158879910)
[2] parsing field value failed: field "crowdstrike.event.ProcessEndTime"'s Go type, float64, does not match the expected field type: date (field value: 0)
[3] parsing field value failed: field "crowdstrike.event.RemotePort"'s Go type, string, does not match the expected field type: long (field value: 54952)
[4] parsing field value failed: field "destination.port"'s Go type, string, does not match the expected field type: long (field value: 445)
[5] parsing field value failed: field "process.pid"'s Go type, string, does not match the expected field type: long (field value: 206158879910)
[6] parsing field value failed: field "source.port"'s Go type, string, does not match the expected field type: long (field value: 54952)
--- Test results for package: crowdstrike - END ---
Done
Error: one or more test cases failed
╭─────────┬───────────────┬───────────┬───────────┬────────────────────────────────────────────────────────────────┬────────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │ TIME ELAPSED │
├─────────┼───────────────┼───────────┼───────────┼────────────────────────────────────────────────────────────────┼────────────────┤
│ nats │ connection │ system │ default │ PASS │ 1m2.813631747s │
│ nats │ connections │ system │ default │ PASS │ 18.417229473s │
│ nats │ log │ system │ default │ PASS │ 26.932125276s │
│ nats │ route │ system │ default │ FAIL: could not find hits in metrics-nats.route-ep data stream │ 2m20.71934469s │
│ nats │ stats │ system │ default │ PASS │ 18.361126482s │
│ nats │ subscriptions │ system │ default │ PASS │ 18.462041002s │
╰─────────┴───────────────┴───────────┴───────────┴────────────────────────────────────────────────────────────────┴────────────────╯
FAILURE DETAILS:
nats/route default:
--- Test results for package: nats - END ---
Done
Error: one or more test cases failed
As noted in #514, the following packages' system tests are currently failing and have been disabled:
cefpackage. Errors are found in the test. I believe this is caused by extra checks introduced by other changes inelastic-package. Logs:crowdstrikepackage. Same as above:nats/routedata_stream. This one fails because of the testing service sending a single UDP packet which may be sent before the elastic-agent is listening. This is probably triggered by this PR causing a larger delay between the service being up and elastic-agent being ready.