Skip to content

Commit

Permalink
[hi]*: ensure event.kind is correctly set for pipeline errors (#6616)
Browse files Browse the repository at this point in the history 
hashicorp_vault, hid_bravura_monitor, imperva, infoblox_bloxone_ddi,
and infoblox_nios
  • Loading branch information
@efd6
efd6 committed Jun 21, 2023
1 parent bff969e commit 92684ed
Show file tree
Hide file tree
Showing 24 changed files with 105 additions and 29 deletions.
5 changes: 5 additions & 0 deletions packages/hashicorp_vault/changelog.yml
View file
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.12.0"
changes:
- description: Ensure event.kind is correctly set for pipeline errors.
type: enhancement
link: https://github.com/elastic/integrations/pull/6616
- version: "1.11.0"
changes:
- description: Update package to ECS 8.8.0.
Expand Down
9 changes: 6 additions & 3 deletions packages/hashicorp_vault/data_stream/audit/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -181,6 +181,9 @@ processors:
ignore_failure: true
ignore_missing: true
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
9 changes: 6 additions & 3 deletions packages/hashicorp_vault/data_stream/log/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -37,6 +37,9 @@ processors:
ignore_failure: true
ignore_missing: true
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
9 changes: 6 additions & 3 deletions packages/hashicorp_vault/data_stream/log/elasticsearch/ingest_pipeline/json.yml
View file
Expand Up @@ -51,6 +51,9 @@ processors:
copy_from: hashicorp_vault.log.file_path
ignore_failure: true
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
9 changes: 6 additions & 3 deletions packages/hashicorp_vault/data_stream/metrics/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -31,6 +31,9 @@ processors:
target_field: hashicorp_vault.metrics
ignore_missing: true
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/hashicorp_vault/manifest.yml
View file
@@ -1,7 +1,7 @@
format_version: 1.0.0
name: hashicorp_vault
title: Hashicorp Vault
version: "1.11.0"
version: "1.12.0"
license: basic
description: Collect logs and metrics from Hashicorp Vault with Elastic Agent.
type: integration
Expand Down
5 changes: 5 additions & 0 deletions packages/hid_bravura_monitor/changelog.yml
View file
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.8.0"
changes:
- description: Ensure event.kind is correctly set for pipeline errors.
type: enhancement
link: https://github.com/elastic/integrations/pull/6616
- version: "1.7.0"
changes:
- description: Update package to ECS 8.8.0.
Expand Down
5 changes: 4 additions & 1 deletion packages/hid_bravura_monitor/data_stream/log/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -192,5 +192,8 @@ processors:
ignore_missing: true
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: '{{{ _ingest.on_failure_message }}}'
3 changes: 3 additions & 0 deletions packages/hid_bravura_monitor/data_stream/winlog/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -392,6 +392,9 @@ processors:

on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: |-
Processor "{{ _ingest.on_failure_processor_type }}" with tag "{{ _ingest.on_failure_processor_tag }}" in pipeline "{{ _ingest.on_failure_pipeline }}" failed with message "{{ _ingest.on_failure_message }}"
2 changes: 1 addition & 1 deletion packages/hid_bravura_monitor/manifest.yml
View file
@@ -1,6 +1,6 @@
name: hid_bravura_monitor
title: Bravura Monitor
version: "1.7.0"
version: "1.8.0"
categories: ["security", "iam"]
release: ga
description: Collect logs from Bravura Security Fabric with Elastic Agent.
Expand Down
5 changes: 5 additions & 0 deletions packages/imperva/changelog.yml
View file
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "0.16.0"
changes:
- description: Ensure event.kind is correctly set for pipeline errors.
type: enhancement
link: https://github.com/elastic/integrations/pull/6616
- version: "0.15.0"
changes:
- description: Update package to ECS 8.8.0.
Expand Down
7 changes: 5 additions & 2 deletions packages/imperva/data_stream/securesphere/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -63,6 +63,9 @@ processors:
ignore_failure: true
ignore_missing: true
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: "{{ _ingest.on_failure_message }}"
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/imperva/manifest.yml
View file
@@ -1,7 +1,7 @@
format_version: 2.7.0
name: imperva
title: Imperva SecureSphere Logs
version: "0.15.0"
version: "0.16.0"
description: Collect SecureSphere logs from Imperva devices with Elastic Agent.
categories: ["network", "security"]
type: integration
Expand Down
5 changes: 5 additions & 0 deletions packages/infoblox_bloxone_ddi/changelog.yml
View file
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.5.0"
changes:
- description: Ensure event.kind is correctly set for pipeline errors.
type: enhancement
link: https://github.com/elastic/integrations/pull/6616
- version: "1.4.0"
changes:
- description: Update package to ECS 8.8.0.
Expand Down
5 changes: 4 additions & 1 deletion ...ges/infoblox_bloxone_ddi/data_stream/dhcp_lease/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -239,6 +239,9 @@ processors:
}
dropEmptyFields(ctx);
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: '{{{ _ingest.on_failure_message }}}'
5 changes: 4 additions & 1 deletion ...ges/infoblox_bloxone_ddi/data_stream/dns_config/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -1988,6 +1988,9 @@ processors:
}
dropEmptyFields(ctx);
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: '{{{ _ingest.on_failure_message }}}'
5 changes: 4 additions & 1 deletion packages/infoblox_bloxone_ddi/data_stream/dns_data/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -428,6 +428,9 @@ processors:
}
dropEmptyFields(ctx);
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/infoblox_bloxone_ddi/manifest.yml
View file
@@ -1,7 +1,7 @@
format_version: 2.7.0
name: infoblox_bloxone_ddi
title: Infoblox BloxOne DDI
version: "1.4.0"
version: "1.5.0"
description: Collect logs from Infoblox BloxOne DDI with Elastic Agent.
type: integration
categories:
Expand Down
5 changes: 5 additions & 0 deletions packages/infoblox_nios/changelog.yml
View file
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.9.0"
changes:
- description: Ensure event.kind is correctly set for pipeline errors.
type: enhancement
link: https://github.com/elastic/integrations/pull/6616
- version: "1.8.0"
changes:
- description: Update package to ECS 8.8.0.
Expand Down
12 changes: 6 additions & 6 deletions packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/default.yml
View file
Expand Up @@ -139,9 +139,9 @@ processors:
ignore_failure: true
ignore_missing: true
on_failure:
- append:
field: error.message
value: '{{{_ingest.on_failure_message}}}'
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{_ingest.on_failure_message}}}'
- set:
field: event.kind
value: pipeline_error
7 changes: 7 additions & 0 deletions packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/pipeline_audit.yml
View file
Expand Up @@ -137,3 +137,10 @@ processors:
if: ctx.user?.name != null
allow_duplicates: false
ignore_failure: true
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
7 changes: 7 additions & 0 deletions packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/pipeline_dhcp.yml
View file
Expand Up @@ -257,3 +257,10 @@ processors:
if: ctx.infoblox_nios?.log?.dhcp?.client_hostname != null
allow_duplicates: false
ignore_failure: true
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
7 changes: 7 additions & 0 deletions packages/infoblox_nios/data_stream/log/elasticsearch/ingest_pipeline/pipeline_dns.yml
View file
Expand Up @@ -245,3 +245,10 @@ processors:
- timestamp
- repeat_message
ignore_missing: true
on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/infoblox_nios/manifest.yml
View file
@@ -1,7 +1,7 @@
format_version: 1.0.0
name: infoblox_nios
title: Infoblox NIOS
version: "1.8.0"
version: "1.9.0"
license: basic
description: Collect logs from Infoblox NIOS with Elastic Agent.
type: integration
Expand Down

0 comments on commit 92684ed

Please sign in to comment.