[juniper_netscreen]: include log.file.device_id and log.file.inode in…

… base-fields (#9658) * fix(juniper_netscreen): include log.file.device_id and log.file.inode in base-fields.yml * fix(juniper_netscreen): update README.md
elastic · Apr 24, 2024 · c563bb3 · c563bb3
1 parent f187d0d
commit c563bb3
Show file tree

Hide file tree

Showing 4 changed files with 14 additions and 1 deletion.
diff --git a/packages/juniper_netscreen/changelog.yml b/packages/juniper_netscreen/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.10.2"
+  changes:
+    - description: Define missing fields
+      type: bugfix
+      link: https://github.com/elastic/integrations/pulls/9658
 - version: "0.10.1"
   changes:
     - description: Changed owners

diff --git a/packages/juniper_netscreen/data_stream/log/fields/base-fields.yml b/packages/juniper_netscreen/data_stream/log/fields/base-fields.yml
@@ -27,6 +27,12 @@
   example: /var/log/fun-times.log
   ignore_above: 1024
   type: keyword
+- name: log.file.device_id
+  description: Device Id of the log file this event came from.
+  type: keyword
+- name: log.file.inode
+  type: keyword
+  description: Inode of the log file this event came from.
 - name: log.source.address
   description: Source address from which the log event was read / sent from.
   type: keyword

diff --git a/packages/juniper_netscreen/docs/README.md b/packages/juniper_netscreen/docs/README.md
@@ -164,6 +164,8 @@ An example event for `log` looks as following:
 | http.request.method | HTTP request method. The value should retain its casing from the original event. For example, `GET`, `get`, and `GeT` are all considered valid values for this field. | keyword |
 | http.request.referrer | Referrer for this HTTP request. | keyword |
 | input.type | Type of Filebeat input. | keyword |
+| log.file.device_id | Device Id of the log file this event came from. | keyword |
+| log.file.inode | Inode of the log file this event came from. | keyword |
 | log.file.path | Full path to the log file this event came from. | keyword |
 | log.flags | Flags for the log file. | keyword |
 | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword |

diff --git a/packages/juniper_netscreen/manifest.yml b/packages/juniper_netscreen/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: juniper_netscreen
 title: Juniper NetScreen (Deprecated)
-version: "0.10.1"
+version: "0.10.2"
 description: Deprecated. Juniper NetScreen is no longer supported.
 categories: ["network", "security", "firewall_security"]
 release: experimental