Sync changes to CheckPoint Firewall

Change type of event.severity. elastic/integrations#409
andrewkroh · Jan 11, 2021 · c422289 · c422289
1 parent 09128b5
commit c422289
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/x-pack/filebeat/module/checkpoint/firewall/ingest/pipeline.yml b/x-pack/filebeat/module/checkpoint/firewall/ingest/pipeline.yml
@@ -309,9 +309,11 @@ processors:
     type: long
     ignore_failure: true
     ignore_missing: true
-- rename:
+- convert:
     field: checkpoint.severity
     target_field: event.severity
+    type: long
+    ignore_failure: true
     ignore_missing: true
 - rename:
     field: checkpoint.action
@@ -859,6 +861,7 @@ processors:
     - checkpoint.xlatedst
     - checkpoint.uid
     - checkpoint.time
+    - checkpoint.severity
     - syslog5424_ts
     - _temp_
     ignore_missing: true