Skip to content

[iptables] Upgrade ECS to 8.0.0#2414

Merged
r00tu53r merged 4 commits intoelastic:mainfrom
r00tu53r:feat/ecs-8-0-iptables
Feb 7, 2022
Merged

[iptables] Upgrade ECS to 8.0.0#2414
r00tu53r merged 4 commits intoelastic:mainfrom
r00tu53r:feat/ecs-8-0-iptables

Conversation

@r00tu53r
Copy link
Copy Markdown
Contributor

@r00tu53r r00tu53r commented Jan 1, 2022

Automated PR.

Upgrades ECS to 8.0.0.

@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Jan 1, 2022

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@r00tu53r r00tu53r force-pushed the feat/ecs-8-0-iptables branch from d30f475 to bb9fa97 Compare January 1, 2022 21:49
@r00tu53r r00tu53r mentioned this pull request Jan 1, 2022
Closed
@elasticmachine
Copy link
Copy Markdown

elasticmachine commented Jan 1, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Reason: null

  • Start Time: 2022-02-03T15:41:59.086+0000

  • Duration: 20 min 29 sec

  • Commit: f03c6ac

Test stats 🧪

Test Results
Failed 0
Passed 27
Skipped 1
Total 28

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@r00tu53r r00tu53r requested review from P1llus, andrewkroh and marc-gr and removed request for andrewkroh and marc-gr January 13, 2022 03:34
efd6
efd6 reviewed Jan 17, 2022
View reviewed changes
@r00tu53r r00tu53r requested review from andrewkroh and efd6 February 2, 2022 00:18
efd6
efd6 reviewed Feb 2, 2022
View reviewed changes
packages/iptables/data_stream/log/sample_event.json
"dataset": "iptables.log",
"ingested": "2022-01-01T21:48:16Z",
"kind": "event",
"original": "\u003c6\u003e2021-03-12T14:10:18Z Hostname kernel: [wan-lan-default-D]IN=eth0 OUT= MAC=90:10:20:76:8d:20:90:10:65:29:b6:2a:08:00 SRC=158.109.0.1 DST=10.4.0.5 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=TCP SPT=38842 DPT=443 WINDOW=2853 RES=0x00 ACK URGP=0",
Copy link
Copy Markdown
Contributor

@efd6 efd6 Feb 2, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why has event.original gone?

Copy link
Copy Markdown
Contributor Author

@r00tu53r r00tu53r Feb 2, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Because the setting that preserves original event is off by default ? I see it in pipeline tests which aren't affected by the setting. This seems to be only applicable for the system test generated event. ?

I'll double check. As it was there earlier.

@r00tu53r r00tu53r requested a review from efd6 February 2, 2022 01:25
@r00tu53r r00tu53r merged commit 609a588 into elastic:main Feb 7, 2022
@andrewkroh andrewkroh mentioned this pull request Feb 9, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

@marc-gr marc-gr Awaiting requested review from marc-gr

@P1llus P1llus Awaiting requested review from P1llus

@efd6 efd6 Awaiting requested review from efd6

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@r00tu53r @elasticmachine @andrewkroh @efd6