remove dead link from docs and more pipeline cleanup

elastic · Jun 7, 2024 · ead2592 · ead2592
1 parent 49d4080
commit ead2592
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 13 deletions.
diff --git a/packages/stormshield/_dev/build/docs/README.md b/packages/stormshield/_dev/build/docs/README.md
@@ -7,11 +7,11 @@ Use the Stormshield SNS integration to ingest log data into Elastic Security and
 
 ## Data streams
 
-The Stormshield SNS integration collects audit, traffic, and connection (including NAT) logs. Available log types are available here: https://documentation.stormshield.eu/SNS/v4/en/Content/Description_of_Audit_logs/Configure_logs.htm .
+The Stormshield SNS integration collects audit, traffic, and connection (including NAT) logs. Available log types are available [here](https://documentation.stormshield.eu/SNS/v4/en/Content/Description_of_Audit_logs/Configure_logs.htm) .
 
 
 **Logs** help you keep a record of events happening in your firewalls.
-The SNS integration handles activity logs and firewall (filter and NAT) logs. See more details in the [Logs](#logs-reference).
+The SNS integration handles activity logs and firewall (filter and NAT) logs. SNS can send realtime events and also periodic statistics audit logs. The dashboard is tailored to display results of the realtime events and not the statistics logs.
 
 ## Requirements
 

diff --git a/packages/stormshield/data_stream/log/agent/stream/tcp.yml.hbs b/packages/stormshield/data_stream/log/agent/stream/tcp.yml.hbs
@@ -20,9 +20,6 @@ processors:
 - syslog:
     field: message
     format: rfc5424
-{{#if tz_offset}}
-    timezone: "{{tz_offset}}"
-{{/if}}
 {{#if processors}}
 {{processors}}
 {{/if}}
diff --git a/packages/stormshield/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/stormshield/data_stream/log/elasticsearch/ingest_pipeline/default.yml
@@ -346,7 +346,6 @@ processors:
       description: Move the list of fields we don't want to drop.
       params:
         names:
-            - srcportname
             - Pvm
             - address
             - alarmid
@@ -421,10 +420,6 @@ processors:
       field: message
       ignore_failure: true
       ignore_missing: true
-  - remove:
-      field: stormshield.srcportname
-      ignore_failure: true
-      ignore_missing: true
 
 
 on_failure:

diff --git a/packages/stormshield/docs/README.md b/packages/stormshield/docs/README.md
@@ -7,11 +7,11 @@ Use the Stormshield SNS integration to ingest log data into Elastic Security and
 
 ## Data streams
 
-The Stormshield SNS integration collects audit, traffic, and connection (including NAT) logs. Available log types are available here: https://documentation.stormshield.eu/SNS/v4/en/Content/Description_of_Audit_logs/Configure_logs.htm .
+The Stormshield SNS integration collects audit, traffic, and connection (including NAT) logs. Available log types are available [here](https://documentation.stormshield.eu/SNS/v4/en/Content/Description_of_Audit_logs/Configure_logs.htm) .
 
 
 **Logs** help you keep a record of events happening in your firewalls.
-The SNS integration handles activity logs and firewall (filter and NAT) logs. See more details in the [Logs](#logs-reference).
+The SNS integration handles activity logs and firewall (filter and NAT) logs. SNS can send realtime events and also periodic statistics audit logs. The dashboard is tailored to display results of the realtime events and not the statistics logs.
 
 ## Requirements
 

diff --git a/packages/stormshield/manifest.yml b/packages/stormshield/manifest.yml
@@ -7,7 +7,9 @@ source:
 description: "Stormshield SNS integration."
 type: integration
 categories:
-  - custom
+  - network
+  - security
+  - firewall_security
 conditions:
   kibana:
     version: "^8.11.4"