[Filebeat] PANW Module - Pass-through other log types #16815

Closed
jvernon214 opened this issue Mar 4, 2020 · 2 comments · Fixed by #19375


@jvernon214

Describe the enhancement:
Currently the Filebeat PANW module discards events that are not of type Traffic or Threat. This module should minimally not discard the non threat/traffic logs as they're still useful.

@elasticmachine
Collaborator

Pinging @elastic/siem (Team:SIEM)

@andrewkroh andrewkroh changed the title [Filebeat] PANW Module [Filebeat] PANW Module - Pass-through other log types Mar 5, 2020
@nanjum88

@andrewkroh - I created a similar ticket on Jan 15th, 2020. #15603

CC: @mukeshelastic

andrewkroh added a commit to andrewkroh/beats that referenced this issue Jun 24, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC.
This way we can retain the other log data but don't necessarily handle the parsing of it.

Closes elastic#16815
andrewkroh added a commit that referenced this issue Jun 26, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC.
This way we can retain the other log data but don't necessarily handle the parsing of it.

Closes #16815
@zube zube bot added [zube]: Done and removed [zube]: Inbox labels Jun 26, 2020
andrewkroh added a commit to andrewkroh/beats that referenced this issue Jul 14, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC.
This way we can retain the other log data but don't necessarily handle the parsing of it.

Closes elastic#16815

(cherry picked from commit 53b32f9)
andrewkroh added a commit that referenced this issue Jul 14, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC.
This way we can retain the other log data but don't necessarily handle the parsing of it.

Closes #16815

(cherry picked from commit 53b32f9)
@zube zube bot removed the [zube]: Done label Oct 13, 2020
melchiormoulin pushed a commit to melchiormoulin/beats that referenced this issue Oct 14, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC.
This way we can retain the other log data but don't necessarily handle the parsing of it.

Closes elastic#16815
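
The difference between the drop behaviour and the pass-through behaviour discussed in this thread, as an added example that is not code from the Beats project or from any participant. It assumes bare PAN-OS-style CSV lines with the log type in the fourth field; the sample lines, function names and the `parsed` flag are constructed for illustration.

```python
import csv
from collections import Counter

# Constructed PAN-OS-style CSV lines, truncated to the leading fields.
# Assumed layout: FUTURE_USE, receive time, serial number, type, subtype, ...
SAMPLE_LINES = [
    "1,2020/03/04 10:00:01,001122334455,TRAFFIC,end,0,2020/03/04 10:00:01",
    "1,2020/03/04 10:00:02,001122334455,THREAT,url,0,2020/03/04 10:00:02",
    "1,2020/03/04 10:00:03,001122334455,SYSTEM,auth,0,2020/03/04 10:00:03",
    "1,2020/03/04 10:00:04,001122334455,CONFIG,0,0,2020/03/04 10:00:04",
    "1,2020/03/04 10:00:05,001122334455,USERID,login,0,2020/03/04 10:00:05",
    "garbled line without enough fields",
]

PARSED_TYPES = {"TRAFFIC", "THREAT"}  # the two types named in the issue


def log_type(line):
    """Return the upper-cased type field, or None if the line is too short."""
    fields = next(csv.reader([line]), [])
    return fields[3].strip().upper() if len(fields) > 3 else None


def drop_other_types(lines):
    """Behaviour reported in the issue: keep only TRAFFIC and THREAT events."""
    return [line for line in lines if log_type(line) in PARSED_TYPES]


def pass_through(lines):
    """Behaviour after the fix: keep every event, mark which ones get parsed."""
    return [
        {"message": line, "type": log_type(line),
         "parsed": log_type(line) in PARSED_TYPES}
        for line in lines
    ]


def visibility_gap(lines):
    """Count, per type, the events the drop behaviour would have discarded."""
    return Counter(log_type(line) or "UNPARSEABLE"
                   for line in lines if log_type(line) not in PARSED_TYPES)


if __name__ == "__main__":
    print("kept with drop:", len(drop_other_types(SAMPLE_LINES)))
    print("kept with pass-through:", len(pass_through(SAMPLE_LINES)))
    print("discarded by type:", dict(visibility_gap(SAMPLE_LINES)))
```

Running `visibility_gap` over a sample of a firewall's own syslog output shows which log types a collector that filters this way never delivers to the index.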