Add Splunk httpjson input to winlog package#884

Merged
marc-gr merged 4 commits into elastic:master from marc-gr:splunk_custom_winlog
Apr 12, 2021

Conversation

@marc-gr
Contributor

@marc-gr marc-gr commented Apr 6, 2021

What does this PR do?

Adds Splunk input to winlog custom events package.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.

@elasticmachine

elasticmachine commented Apr 6, 2021

💚 Build Succeeded


Build stats

  • Build Cause: Pull request #884 updated
  • Start Time: 2021-04-12T07:15:29.251+0000
  • Duration: 13 min 35 sec
  • Commit: 3d96a5a

Test stats 🧪

Test Results
  • Failed: 0
  • Passed: 1
  • Skipped: 0
  • Total: 1

@leehinman leehinman left a comment

Looking good. Couple of questions.

@marc-gr marc-gr force-pushed the splunk_custom_winlog branch from db30e14 to e5efa5b Compare April 7, 2021 10:11
@marc-gr marc-gr requested a review from leehinman April 7, 2021 10:11
@marc-gr
Contributor Author

marc-gr commented Apr 7, 2021

I am not sure how to handle the custom bit here, since we already have processors that are required for parsing, and it could be fairly easy to mess them up. Any ideas?

@leehinman
Contributor

I am not sure how to handle the custom bit here, since we already have processors that are required for parsing, and it could be fairly easy to mess them up. Any ideas?

Do we need Custom for this? You could limit the records returned with the search string, and additional processing could happen in an ingest pipeline. What do you think?

@leehinman leehinman left a comment

Looks great.

@marc-gr marc-gr force-pushed the splunk_custom_winlog branch from baf91c6 to 3d96a5a Compare April 12, 2021 07:15
@marc-gr marc-gr merged commit 0f04ee6 into elastic:master Apr 12, 2021
@marc-gr marc-gr deleted the splunk_custom_winlog branch April 12, 2021 07:28
Labels

enhancement New feature or request

3 participants