From f187d0d667d0c9c20f57cdc72b47e8a944e640a6 Mon Sep 17 00:00:00 2001
From: Panos Koutsovasilis
Date: Wed, 24 Apr 2024 19:11:28 +0300
Subject: [PATCH] [juniper_junos]: include log.file.device_id and log.file.inode in base-fields (#9657)
* fix(juniper_junos): include log.file.device_id and log.file.inode in base-fields.yml
* fix(juniper_junos): update README.md
---
 packages/juniper_junos/changelog.yml | 5 +++++
 .../juniper_junos/data_stream/log/fields/base-fields.yml | 6 ++++++
 packages/juniper_junos/docs/README.md | 2 ++
 packages/juniper_junos/manifest.yml | 2 +-
 4 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/packages/juniper_junos/changelog.yml b/packages/juniper_junos/changelog.yml
index 87f4fc8eaf2d..aae7b3be1826 100644
--- a/packages/juniper_junos/changelog.yml
+++ b/packages/juniper_junos/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "0.10.2"
+ changes:
+ - description: Define missing fields
+ type: bugfix
+ link: https://github.com/elastic/integrations/pulls/9657
 - version: "0.10.1"
 changes:
 - description: Changed owners
diff --git a/packages/juniper_junos/data_stream/log/fields/base-fields.yml b/packages/juniper_junos/data_stream/log/fields/base-fields.yml
index 9def860af3a9..c88ea3ffe77a 100644
--- a/packages/juniper_junos/data_stream/log/fields/base-fields.yml
+++ b/packages/juniper_junos/data_stream/log/fields/base-fields.yml
@@ -27,6 +27,12 @@
 example: /var/log/fun-times.log
 ignore_above: 1024
 type: keyword
+- name: log.file.device_id
+ description: Device Id of the log file this event came from.
+ type: keyword
+- name: log.file.inode
+ type: keyword
+ description: Inode of the log file this event came from.
 - name: log.source.address
 description: Source address from which the log event was read / sent from.
 type: keyword
diff --git a/packages/juniper_junos/docs/README.md b/packages/juniper_junos/docs/README.md
index febc27607a82..899e0a9055a9 100644
--- a/packages/juniper_junos/docs/README.md
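Review bot: The two entries added to base-fields.yml order their keys differently: `log.file.device_id` lists `description` before `type`, while `log.file.inode` lists `type` first. The `log.source.address` entry visible in the trailing context uses `description` then `type`, so the inode entry would read more consistently as `description: Inode of the log file this event came from.` followed by `type: keyword`. The hunk opens inside the preceding field definition, whose `name` line is outside the hunk. Separately, the changelog entry in this patch links to `/pulls/9657`; GitHub pull-request URLs normally take the form `/pull/<number>`, so it is worth confirming that the link resolves to the intended PR.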
+++ b/packages/juniper_junos/docs/README.md
@@ -177,6 +177,8 @@ An example event for `log` looks as following:
 | http.request.method | HTTP request method. The value should retain its casing from the original event. For example, `GET`, `get`, and `GeT` are all considered valid values for this field. | keyword |
 | http.request.referrer | Referrer for this HTTP request. | keyword |
 | input.type | Type of Filebeat input. | keyword |
+| log.file.device_id | Device Id of the log file this event came from. | keyword |
+| log.file.inode | Inode of the log file this event came from. | keyword |
 | log.file.path | Full path to the log file this event came from. | keyword |
 | log.flags | Flags for the log file. | keyword |
 | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword |
diff --git a/packages/juniper_junos/manifest.yml b/packages/juniper_junos/manifest.yml
index 2fdc01018dc5..f3b6adfe7f32 100644
--- a/packages/juniper_junos/manifest.yml
+++ b/packages/juniper_junos/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: juniper_junos
 title: Juniper JunOS (Deprecated)
-version: "0.10.1"
+version: "0.10.2"
 description: Deprecated. Use the Juniper SRX package instead.
 categories: ["network", "security"]
 release: experimental