Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Filebeat] system/syslog fileset sets event.type to illegal value #20365

Closed
leehinman opened this issue Jul 30, 2020 · 1 comment · Fixed by #20390
Closed

[Filebeat] system/syslog fileset sets event.type to illegal value #20365

leehinman opened this issue Jul 30, 2020 · 1 comment · Fixed by #20390
Labels
bug Filebeat Filebeat

Comments

@leehinman
Copy link
Contributor

event.type is being set to "event"

should be event.kind being set to "event"
@leehinman leehinman added bug needs_backport PR is waiting to be backported to other branches. Team:SIEM labels Jul 30, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

@leehinman leehinman added the Filebeat Filebeat label Jul 30, 2020
@leehinman leehinman mentioned this issue Jul 31, 2020
Merged
3 tasks
leehinman added a commit to leehinman/beats that referenced this issue Jul 31, 2020
@leehinman
fix event.type have incorrect value in system/syslog
e5749ba 
event.type was being set to event.  event is not one of the allowed
values for event.type in ECS.  Changing field to event.kind, where
event is an allowed value.

Closes elastic#20365
leehinman added a commit that referenced this issue Aug 10, 2020
@leehinman
fix event.type have incorrect value in system/syslog (#20390)
6843c55 
event.type was being set to event.  event is not one of the allowed
values for event.type in ECS.  Changing field to event.kind, where
event is an allowed value.

Closes #20365
@leehinman leehinman mentioned this issue Aug 10, 2020
Merged
3 tasks
leehinman added a commit to leehinman/beats that referenced this issue Aug 10, 2020
@leehinman
fix event.type have incorrect value in system/syslog (elastic#20390)
9e53066 
event.type was being set to event.  event is not one of the allowed
values for event.type in ECS.  Changing field to event.kind, where
event is an allowed value.

Closes elastic#20365

(cherry picked from commit 6843c55)
leehinman added a commit that referenced this issue Aug 11, 2020
@leehinman
fix event.type have incorrect value in system/syslog (#20390) (#20518)
3035154 
event.type was being set to event.  event is not one of the allowed
values for event.type in ECS.  Changing field to event.kind, where
event is an allowed value.

Closes #20365

(cherry picked from commit 6843c55)
melchiormoulin pushed a commit to melchiormoulin/beats that referenced this issue Oct 14, 2020
@leehinman @melchiormoulin
fix event.type have incorrect value in system/syslog (elastic#20390)
d255d05 
event.type was being set to event.  event is not one of the allowed
values for event.type in ECS.  Changing field to event.kind, where
event is an allowed value.

Closes elastic#20365
@andrewkroh andrewkroh removed the needs_backport PR is waiting to be backported to other branches. label Dec 15, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Filebeat Filebeat
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Filebeat] fix event.type have incorrect value in system/syslog leehinman/beats
3 participants
@andrewkroh @elasticmachine @leehinman