New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Removing duplicate system/syslog ingest pipeline #725
Removing duplicate system/syslog ingest pipeline #725
Conversation
Hi @jen-huang, thanks for finding and reporting the duplicate pipeline. What would be the easiest way to test this fix? |
09b2ab3
to
7c305f8
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the quick fix! I have a PR that adds some additional guards on the Kibana side elastic/kibana#91778. The 404 errors weren't breaking either way. I think this is a pretty safe change so I'm happy to test it once this gets deployed out somewhere. Otherwise, there are some testing instructions in my PR.
Thanks @jen-huang. I'm good with testing this change once this package is published to the snapshot registry then. WDYT @fearful-symmetry? |
Pinging @elastic/integrations (Team:Integrations) |
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
Trends 🧪 |
@ycombinator I don't know enough how how ingest pipelines are installed to say for sure, but I'm overall fine with it. I'm mostly curious how this has flown under the radar. I don't think we've touched |
Both pipelines for the I think what might help is adding pipeline tests for this data stream. Looks like we have some test files that could be ported over from the corresponding Filebeat fileset. @jen-huang what happens in Kibana if it detects a |
Just to clarify, I'm adding these to this PR. |
Yep, both get installed and the second overwrites the first one. We don't do any sort of logic around the order, just whatever the order happens to be in the package manifest. Looking at system-0.10.9, the .json always seems to appear before .yml, so the .yml version would be the one that is "actually" installed. Edit: Looking closer at the code, we actually send the ES requests in parallel, so it's possible that either format gets installed. |
@fearful-symmetry @mtojek do you have any tips on how to debug the tests failures in this PR: https://beats-ci.elastic.co/blue/organizations/jenkins/Ingest-manager%2Fintegrations/detail/PR-725/8/tests/? Initially I'm focussing on getting the pipeline test for |
I think you need to write the config to mark new lines for pipeline tests and probably timezone (as the pipeline doesn't accept lack of it). Something like this:
|
Thanks for the tip, @mtojek. I had already added the |
@mtojek I finally gave up and ran Take a look at the |
@mtojek ignore my previous comment 😄. I had to tweak the |
@fearful-symmetry I added test case files for the |
9eb4fad
to
a9213c8
Compare
* Removing duplicate system/syslog ingest pipeline * Adding changelog entry * Adding pipeline test files * Re-formatting * Renaming files * Adding expected root key * Adding test config * Adding event timezone field * Updating first line pattern * Fixing up fields * Adding more test configs * Formatting one event as a test * Using --generate * Adding tz config * Trying a different regex * Fixing regexp
What does this PR do?
This PR removes the duplicate ingest pipeline in the
system/syslog
data stream.Checklist
changelog.yml
file.How to test this PR locally
See testing instructions in elastic/kibana#91778.