-
Notifications
You must be signed in to change notification settings - Fork 515
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add source.nat.ip
#7444
Add source.nat.ip
#7444
Conversation
model.Source no longer equals model.Client, so you can't directly convert between them.
Are there other places where I need to apply the request's metadata to the |
Looking at https://github.com/elastic/ecs/blob/main/schemas/source.yml#L148 and #7029 (comment):
My understanding from that is
I believe you summarized (and implemented) this the other way around. Please take another look at Andrew's comment and let me know if my understanding makes sense to you. |
@simitt thank you for the clarification! |
how do i run |
First run the systemtests and then run |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! (apart from the failing system tests)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please update doc comments & PR description (for commit message) before merging. Otherwise, also with the caveat of failing system test, LGTM. Thanks :)
beater/interceptors/metadata.go
Outdated
@@ -79,11 +81,15 @@ type ClientMetadataValues struct { | |||
// SourceAddr holds the address of the (source) network peer, if known. | |||
SourceAddr net.Addr | |||
|
|||
// ClientIP holds the IP address of the originating gRPC client, if known, | |||
// SourceNATIP holds the IP address of the originating gRPC client, if known, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doc comments are still reversed
@axw I'm running them from within the systemtest folder, but keep getting the error about not finding the apm package
any ideas what I should check? |
@stuartnelson3 sorry, I just totally misread your error message before. I think you might need to run |
the systemtests are getting killed after 11min on my machine, i'll take another look into this tomorrow (or try running it on an aws vm) |
💚 CLA has been signed |
3f5205f
to
ae9f04e
Compare
This pull request is now in conflicts. Could you fix it @stuartnelson3? 🙏
|
wasn't part of the original spec, and the ephemeral port was messing with systemtest approvals
💔 Build Failed
Expand to view the summary
Build stats
Pipeline error
This error is likely related to the pipeline itself. Please go to the traditional console output here" You will see the error (either a wrong syntax or configuration) |
…ging * upstream/main: ci: -SNAPSHOT suffix is required (elastic#7585) Add `source.nat.ip` (elastic#7444)
Verified with 8.2.0-BC1:
|
This pull request does not have a backport label. Could you fix it @stuartnelson3? 🙏
NOTE: |
Motivation/summary
as per the ECS team's recommendation, store the address provided in proxy headers
forwarded
,x-real-ip
,x-forwarded-for
undersource.{ip,port}
andclient.{ip,port}
; store the source ip addr insource.nat.ip
Checklist
apmpackage
have been made)How to test these changes
X-Forwarded-For
headersource.nat.ip
fieldsRelated issues
closes #7029