zoom update to ECS 1.11.0 #1430
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
leehinman
force-pushed
the
ecs_1.11.0_zoom
branch
from
5570a16
to
5b77310
Compare
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪 |
andrewkroh
approved these changes
Jul 31, 2021
leehinman
added
enhancement
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
26 tasks
andrewkroh
reviewed
Aug 2, 2021
| @@ -22,7 +22,3 @@ processors: | |||
| fields: [message] | |||
There was a problem hiding this comment.
As part of #670 could you migrate the json decode step into the ingest node pipeline?
- change setting ecs.version to pipeline
leehinman
force-pushed
the
ecs_1.11.0_zoom
branch
from
5b77310
to
e4c8634
Compare
andrewkroh
reviewed
Aug 4, 2021
| @@ -18,11 +18,4 @@ tags: | |||
| publisher_pipeline.disable_host: true | |||
| {{/contains}} | |||
| processors: | |||
There was a problem hiding this comment.
Somewhere in here I think we want to this in order to get a raw copy of the JSON sent to the webhook.
{{#if preserve_original_event}}
preserve_original_event: true
{{/if}}
There was a problem hiding this comment.
For consistency with the other packages it should probably also set a tag with the preserve original event.
- remove extraneous filebeat json processor - update tests - change ecs field definitions to use external definitions Relates elastic#670
leehinman
force-pushed
the
ecs_1.11.0_zoom
branch
from
e4c8634
to
ccbfe0c
Compare
andrewkroh
approved these changes
Aug 4, 2021
leehinman
force-pushed
the
ecs_1.11.0_zoom
branch
from
45c7002
to
87399f4
Compare
eyalkraft
pushed a commit
to build-security/integrations
that referenced
this pull request
Mar 30, 2022
* Set ecs.version to 1.11.0 - change setting ecs.version to pipeline - remove extraneous filebeat json processor - update tests - change ecs field definitions to use external definitions - add preserve original event option and set tag Relates elastic#670
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
ecs.versionto 1.11.0Checklist
changelog.ymlfile.- [ ] If I'm introducing a new feature, I have modified the Kibana version constraint in my package'smanifest.ymlfile to point to the latest Elastic stack release (e.g.^7.13.0).Related issues