[filebeat][decode_cef] getting error while parsing empty ip/integer fields. #40236

muskan-agarwal26 · 2024-07-15T09:49:24Z

When using the decode_cef processor to parse a CEF log, it fails to disregard empty fields of type IP or integer, resulting in the following error.

"error":{"message":["error in field 'cn1': strconv.ParseInt: parsing \"\": invalid syntax","error in field 'sourceTranslatedAddress': value is not a valid IP address","error in field 'dst': value is not a valid IP address","error in field 'destinationTranslatedAddress': value is not a valid IP address"]}

Sample CEF Log:

2536 <14>1 2024-07-04T09:16:35.992Z logfwd20-251f92c6-abd9-4da9-a32f-ea60baed66ca-taskmanager-wx85p logforwarder - panwlogs - CEF:0|Palo Alto Networks|LF|2.0|TRAFFIC|end|3|dtz=UTC rt=Jul 04 2024 09:03:48 deviceExternalId=no-serial PanOSConfigVersion=10.2 start=Jul 04 2024 09:03:39 src=8.211.42.91 dst= sourceTranslatedAddress= destinationTranslatedAddress= cs1=intrazone-default cs1Label=Rule suser= duser= app=unknown-udp cs3=vsys1 cs3Label=VirtualLocation cs4=untrust cs4Label=FromZone cs5=untrust cs5Label=ToZone deviceInboundInterface=ethernet1/1 deviceOutboundInterface=ethernet1/1 cs6=Cortex Data Lake cs6Label=LogSetting cn1= cn1Label=SessionID cnt=1 spt=13442 dpt=500 sourceTranslatedPort=0 destinationTranslatedPort=0 proto=udp act=allow PanOSBytes=82 out=82 in=0 cn2=1 cn2Label=PacketsTotal PanOSSessionStartTime=Jul 04 2024 09:03:05 cn3=0 cn3Label=SessionDuration cs2=any cs2Label=URLCategory externalId=7361339208201408573 PanOSSourceLocation=DE PanOSDestinationLocation=US PanOSPacketsSent=1 PanOSPacketsReceived=0 reason=aged-out PanOSDGHierarchyLevel1=65544 PanOSDGHierarchyLevel2=65545 PanOSDGHierarchyLevel3=65546 PanOSDGHierarchyLevel4=65550 PanOSVirtualSystemName= dvchost=GP cloud service cat=from-policy PanOSSourceUUID= PanOSDestinationUUID= PanOSIMSI=0 PanOSIMEI= PanOSParentSessionID=0 PanOSParentStarttime=Jan 01 1970 00:00:00 PanOSTunnel=N/A PanOSEndpointAssociationID=0 PanOSChunksTotal=0 PanOSChunksSent=0 PanOSChunksReceived=0 PanOSRuleUUID=40b8842f-eec3-4e04-b760-6a2ce4698fde PanOSHTTP2Connection=0 PanOSLinkChangeCount=0 PanOSSDWANPolicyName= PanOSLinkSwitches= PanOSSDWANCluster= PanOSSDWANDeviceType= PanOSSDWANClusterType= PanOSSDWANSite= PanOSDynamicUserGroupName= PanOSX-Forwarded-ForIP= PanOSSourceDeviceCategory= PanOSSourceDeviceProfile= PanOSSourceDeviceModel= PanOSSourceDeviceVendor= PanOSSourceDeviceOSFamily= PanOSSourceDeviceOSVersion= PanOSSourceDeviceHost= PanOSSourceDeviceMac= PanOSDestinationDeviceCategory= PanOSDestinationDeviceProfile= PanOSDestinationDeviceModel= PanOSDestinationDeviceVendor= PanOSDestinationDeviceOSFamily= PanOSDestinationDeviceOSVersion= PanOSDestinationDeviceHost= PanOSDestinationDeviceMac= PanOSContainerID= PanOSContainerNameSpace= PanOSContainerName= PanOSSourceEDL= PanOSDestinationEDL= PanOSGPHostID= PanOSEndpointSerialNumber= PanOSSourceDynamicAddressGroup= PanOSDestinationDynamicAddressGroup= PanOSHASessionOwner= PanOSTimeGeneratedHighResolution=Jul 04 2024 09:03:39 PanOSNSSAINetworkSliceType= PanOSNSSAINetworkSliceDifferentiator=

Filebeat configuration:

filebeat.inputs:
- type: tcp
  host: "127.0.0.1:9528"
  processors:
  - copy_fields:
      fields:
        - from: message
          to: event.original
      fail_on_error: true
      ignore_missing: false
  - replace:
      fields:
        - field: "message"
          pattern: "PanOSX-Forwarded-ForIP="
          replacement: "PanOSXForwardedForIP="
        - field: "message"
          pattern: "PanOSX-Forwarded-For="
          replacement: "PanOSXForwardedFor="
        - field: "message"
          pattern: "PanOSSplit-tunnelconfiguration="
          replacement: "PanOSSplitTunnelconfiguration="
      ignore_missing: false
      fail_on_error: true
  - decode_cef:
      field: message
      ecs: false
  - drop_fields:
      fields: ["message"]
      ignore_missing: false

The text was updated successfully, but these errors were encountered:

botelastic · 2024-07-15T09:50:00Z

This issue doesn't have a Team:<team> label.

commit 8940f7d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 21:02:27 2024 +0530 fix: update notice commit 58bc2ff Merge: 9433065 dd671a6 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 20:59:16 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 9433065 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:57:58 2024 +0530 chore: update tests commit c1d4aba Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:55:45 2024 +0530 fix: add specifc version metric-system commit dd671a6 Author: Vinit Chauhan <chauhanvinit23@gmail.com> Date: Tue Jul 23 10:20:37 2024 -0400 filebeat/decode_cef - Add option to ignore empty values (elastic#40268) Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes elastic#40236 commit add7a45 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 19:13:54 2024 +0530 fix: unit test commit 0293645 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:31:49 2024 +0530 fix: remove ioutil commit e842010 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:14:01 2024 +0530 fix: update notice commit 246d730 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:13:15 2024 +0530 fix: add license, remove uuid5 commit ac01831 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 15:03:08 2024 +0530 update: go.mod commit 42101c8 Merge: 091fff8 7263696 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 15:02:20 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 091fff8 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:58:51 2024 +0530 fix: test commit fd6d312 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:57:13 2024 +0530 fix: update go.mod, update uuid and metrics version commit 7263696 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 19:32:38 2024 +0000 build(deps): bump github.com/elastic/elastic-agent-libs from 0.9.13 to 0.9.15 (elastic#40300) * build(deps): bump github.com/elastic/elastic-agent-libs Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.9.13 to 0.9.15. - [Release notes](https://github.com/elastic/elastic-agent-libs/releases) - [Commits](elastic/elastic-agent-libs@v0.9.13...v0.9.15) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-libs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit e3d8f3b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 13:44:51 2024 -0400 build(deps): bump github.com/elastic/elastic-agent-client/v7 from 7.14.0 to 7.15.0 (elastic#40304) * build(deps): bump github.com/elastic/elastic-agent-client/v7 Bumps [github.com/elastic/elastic-agent-client/v7](https://github.com/elastic/elastic-agent-client) from 7.14.0 to 7.15.0. - [Release notes](https://github.com/elastic/elastic-agent-client/releases) - [Commits](elastic/elastic-agent-client@v7.14.0...v7.15.0) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-client/v7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 3e95d53 Author: Maurizio Branca <maurizio.branca@elastic.co> Date: Mon Jul 22 18:24:59 2024 +0200 Add CSP SDKs to the `allow` list (elastic#40150) commit f3f772f Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Fri Jul 19 17:52:19 2024 +0530 [filebeat][log] Enable status reporter for log input (elastic#40075) * chore: initial commit, without tests * chore: tests * chore: add test cases * fix: add null check * fix: remove println * fix: lint * goimports * remove println * fix: changelog * update test for windows * fix: fix some comments * chore: add starting state in NewInput * fix: add sample output to verify the status * fix: remove println * fix: add integration tag * Update CHANGELOG.next.asciidoc Co-authored-by: Denis <denis@rdner.de> * fix: remove redundant bool * fix: add degraded --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co> Co-authored-by: Denis <denis@rdner.de> commit 463bbb4 Author: Dan Kortschak <dan.kortschak@elastic.co> Date: Fri Jul 19 06:32:29 2024 +0930 x-pack/filebeat/input/websocket: do minor clean-up in main loop (elastic#40145) * remove unneeded goroutine * fix logging: The body was previously not being logged since an io.ReadCloser is not a JSON-serialisable type. commit 908553d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 19:04:52 2024 +0530 chore: rename function commit 51a7854 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 18:42:00 2024 +0530 chore: update process summary commit 21b102b Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 16:44:19 2024 +0530 chore: add degradable error commit 942f8c7 Author: Alejandro Fernández Haro <alejandro.haro@elastic.co> Date: Wed Jul 17 20:52:14 2024 +0200 [Metricbeat/kibana/status] Add support for v8format (elastic#40275) commit 1bfcecb Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 17 23:31:10 2024 +0530 fix: multierror support

commit 18d38af Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:23:54 2024 +0530 fix: add comments commit 806cda4 Merge: 2e0bd28 b5b67a1 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Wed Jul 24 01:20:38 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 2e0bd28 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:20:14 2024 +0530 fix: typo commit 82dc103 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:19:35 2024 +0530 fix: typo commit b5b67a1 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 18:13:16 2024 +0000 build(deps): bump the azure-sdks group with 2 updates (elastic#40310) * build(deps): bump the azure-sdks group with 2 updates Bumps the azure-sdks group with 2 updates: [github.com/Azure/go-autorest/autorest](https://github.com/Azure/go-autorest) and [github.com/Azure/go-autorest/autorest/adal](https://github.com/Azure/go-autorest). Updates `github.com/Azure/go-autorest/autorest` from 0.11.28 to 0.11.29 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/v0.11.28...autorest/v0.11.29) Updates `github.com/Azure/go-autorest/autorest/adal` from 0.9.21 to 0.9.22 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/adal/v0.9.21...autorest/adal/v0.9.22) --- updated-dependencies: - dependency-name: github.com/Azure/go-autorest/autorest dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks - dependency-name: github.com/Azure/go-autorest/autorest/adal dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 197396f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 13:32:02 2024 -0400 build(deps): bump the gcp-sdks group with 9 updates (elastic#40311) * build(deps): bump the gcp-sdks group with 9 updates Bumps the gcp-sdks group with 9 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) | `1.55.0` | `1.62.0` | | [cloud.google.com/go/monitoring](https://github.com/googleapis/google-cloud-go) | `1.16.0` | `1.20.1` | | [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) | `1.33.0` | `1.40.0` | | [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) | `1.23.0` | `1.27.2` | | [cloud.google.com/go/redis](https://github.com/googleapis/google-cloud-go) | `1.13.1` | `1.16.2` | | [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) | `0.2.3` | `0.4.0` | | [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) | `1.1.2` | `1.1.10` | | [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) | `0.5.1` | `0.5.9` | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.30.1` | `1.42.0` | Updates `cloud.google.com/go/bigquery` from 1.55.0 to 1.62.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.55.0...spanner/v1.62.0) Updates `cloud.google.com/go/monitoring` from 1.16.0 to 1.20.1 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.16.0...video/v1.20.1) Updates `cloud.google.com/go/pubsub` from 1.33.0 to 1.40.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.33.0...pubsub/v1.40.0) Updates `cloud.google.com/go/compute` from 1.23.0 to 1.27.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.23.0...compute/v1.27.2) Updates `cloud.google.com/go/redis` from 1.13.1 to 1.16.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@asset/v1.13.1...redis/v1.16.2) Updates `cloud.google.com/go/compute/metadata` from 0.2.3 to 0.4.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@netapp/v0.2.3...v0.4.0) Updates `cloud.google.com/go/iam` from 1.1.2 to 1.1.10 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@iam/v1.1.2...iam/v1.1.10) Updates `cloud.google.com/go/longrunning` from 0.5.1 to 0.5.9 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@auth/v0.5.1...longrunning/v0.5.9) Updates `cloud.google.com/go/storage` from 1.30.1 to 1.42.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.30.1...spanner/v1.42.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/monitoring dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/pubsub dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/redis dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute/metadata dependency-type: indirect update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/iam dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/longrunning dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 8940f7d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 21:02:27 2024 +0530 fix: update notice commit 58bc2ff Merge: 9433065 dd671a6 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 20:59:16 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 9433065 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:57:58 2024 +0530 chore: update tests commit c1d4aba Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:55:45 2024 +0530 fix: add specifc version metric-system commit dd671a6 Author: Vinit Chauhan <chauhanvinit23@gmail.com> Date: Tue Jul 23 10:20:37 2024 -0400 filebeat/decode_cef - Add option to ignore empty values (elastic#40268) Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes elastic#40236 commit add7a45 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 19:13:54 2024 +0530 fix: unit test commit 0293645 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:31:49 2024 +0530 fix: remove ioutil commit e842010 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:14:01 2024 +0530 fix: update notice commit 246d730 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:13:15 2024 +0530 fix: add license, remove uuid5 commit ac01831 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 15:03:08 2024 +0530 update: go.mod commit 42101c8 Merge: 091fff8 7263696 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 15:02:20 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 091fff8 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:58:51 2024 +0530 fix: test commit fd6d312 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:57:13 2024 +0530 fix: update go.mod, update uuid and metrics version commit 7263696 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 19:32:38 2024 +0000 build(deps): bump github.com/elastic/elastic-agent-libs from 0.9.13 to 0.9.15 (elastic#40300) * build(deps): bump github.com/elastic/elastic-agent-libs Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.9.13 to 0.9.15. - [Release notes](https://github.com/elastic/elastic-agent-libs/releases) - [Commits](elastic/elastic-agent-libs@v0.9.13...v0.9.15) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-libs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit e3d8f3b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 13:44:51 2024 -0400 build(deps): bump github.com/elastic/elastic-agent-client/v7 from 7.14.0 to 7.15.0 (elastic#40304) * build(deps): bump github.com/elastic/elastic-agent-client/v7 Bumps [github.com/elastic/elastic-agent-client/v7](https://github.com/elastic/elastic-agent-client) from 7.14.0 to 7.15.0. - [Release notes](https://github.com/elastic/elastic-agent-client/releases) - [Commits](elastic/elastic-agent-client@v7.14.0...v7.15.0) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-client/v7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 3e95d53 Author: Maurizio Branca <maurizio.branca@elastic.co> Date: Mon Jul 22 18:24:59 2024 +0200 Add CSP SDKs to the `allow` list (elastic#40150) commit f3f772f Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Fri Jul 19 17:52:19 2024 +0530 [filebeat][log] Enable status reporter for log input (elastic#40075) * chore: initial commit, without tests * chore: tests * chore: add test cases * fix: add null check * fix: remove println * fix: lint * goimports * remove println * fix: changelog * update test for windows * fix: fix some comments * chore: add starting state in NewInput * fix: add sample output to verify the status * fix: remove println * fix: add integration tag * Update CHANGELOG.next.asciidoc Co-authored-by: Denis <denis@rdner.de> * fix: remove redundant bool * fix: add degraded --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co> Co-authored-by: Denis <denis@rdner.de> commit 463bbb4 Author: Dan Kortschak <dan.kortschak@elastic.co> Date: Fri Jul 19 06:32:29 2024 +0930 x-pack/filebeat/input/websocket: do minor clean-up in main loop (elastic#40145) * remove unneeded goroutine * fix logging: The body was previously not being logged since an io.ReadCloser is not a JSON-serialisable type. commit 908553d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 19:04:52 2024 +0530 chore: rename function commit 51a7854 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 18:42:00 2024 +0530 chore: update process summary commit 21b102b Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 16:44:19 2024 +0530 chore: add degradable error commit 942f8c7 Author: Alejandro Fernández Haro <alejandro.haro@elastic.co> Date: Wed Jul 17 20:52:14 2024 +0200 [Metricbeat/kibana/status] Add support for v8format (elastic#40275) commit 1bfcecb Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 17 23:31:10 2024 +0530 fix: multierror support

#40400) * fix: initial commit * tests: add integration test cases * fix: expand testing scenarios * fix: add comments * fix: move integration tests to system/process * cleanup * fix: ci * fix: ci and typos * chore: update changelog * fix: add helper * fix: remove extra space * fix: ci * fix: move integration tests to x-pack * fix: add null check * fix: ci * fix: remove unused code * fix: lint * fix: lint and imports * fix: ci windows * inting for windows * fix lint linux * fix: go imports * fix: switch to the generic way * chore: make error descriptive * fix: move status report after fetch * fix: typo * fix: remove nolint * Squashed commit of the following: commit 18d38af Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:23:54 2024 +0530 fix: add comments commit 806cda4 Merge: 2e0bd28 b5b67a1 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Wed Jul 24 01:20:38 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 2e0bd28 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:20:14 2024 +0530 fix: typo commit 82dc103 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:19:35 2024 +0530 fix: typo commit b5b67a1 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 18:13:16 2024 +0000 build(deps): bump the azure-sdks group with 2 updates (#40310) * build(deps): bump the azure-sdks group with 2 updates Bumps the azure-sdks group with 2 updates: [github.com/Azure/go-autorest/autorest](https://github.com/Azure/go-autorest) and [github.com/Azure/go-autorest/autorest/adal](https://github.com/Azure/go-autorest). Updates `github.com/Azure/go-autorest/autorest` from 0.11.28 to 0.11.29 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/v0.11.28...autorest/v0.11.29) Updates `github.com/Azure/go-autorest/autorest/adal` from 0.9.21 to 0.9.22 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/adal/v0.9.21...autorest/adal/v0.9.22) --- updated-dependencies: - dependency-name: github.com/Azure/go-autorest/autorest dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks - dependency-name: github.com/Azure/go-autorest/autorest/adal dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 197396f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 13:32:02 2024 -0400 build(deps): bump the gcp-sdks group with 9 updates (#40311) * build(deps): bump the gcp-sdks group with 9 updates Bumps the gcp-sdks group with 9 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) | `1.55.0` | `1.62.0` | | [cloud.google.com/go/monitoring](https://github.com/googleapis/google-cloud-go) | `1.16.0` | `1.20.1` | | [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) | `1.33.0` | `1.40.0` | | [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) | `1.23.0` | `1.27.2` | | [cloud.google.com/go/redis](https://github.com/googleapis/google-cloud-go) | `1.13.1` | `1.16.2` | | [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) | `0.2.3` | `0.4.0` | | [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) | `1.1.2` | `1.1.10` | | [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) | `0.5.1` | `0.5.9` | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.30.1` | `1.42.0` | Updates `cloud.google.com/go/bigquery` from 1.55.0 to 1.62.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.55.0...spanner/v1.62.0) Updates `cloud.google.com/go/monitoring` from 1.16.0 to 1.20.1 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.16.0...video/v1.20.1) Updates `cloud.google.com/go/pubsub` from 1.33.0 to 1.40.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.33.0...pubsub/v1.40.0) Updates `cloud.google.com/go/compute` from 1.23.0 to 1.27.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.23.0...compute/v1.27.2) Updates `cloud.google.com/go/redis` from 1.13.1 to 1.16.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@asset/v1.13.1...redis/v1.16.2) Updates `cloud.google.com/go/compute/metadata` from 0.2.3 to 0.4.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@netapp/v0.2.3...v0.4.0) Updates `cloud.google.com/go/iam` from 1.1.2 to 1.1.10 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@iam/v1.1.2...iam/v1.1.10) Updates `cloud.google.com/go/longrunning` from 0.5.1 to 0.5.9 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@auth/v0.5.1...longrunning/v0.5.9) Updates `cloud.google.com/go/storage` from 1.30.1 to 1.42.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.30.1...spanner/v1.42.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/monitoring dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/pubsub dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/redis dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute/metadata dependency-type: indirect update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/iam dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/longrunning dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 8940f7d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 21:02:27 2024 +0530 fix: update notice commit 58bc2ff Merge: 9433065 dd671a6 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 20:59:16 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 9433065 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:57:58 2024 +0530 chore: update tests commit c1d4aba Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:55:45 2024 +0530 fix: add specifc version metric-system commit dd671a6 Author: Vinit Chauhan <chauhanvinit23@gmail.com> Date: Tue Jul 23 10:20:37 2024 -0400 filebeat/decode_cef - Add option to ignore empty values (#40268) Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes #40236 commit add7a45 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 19:13:54 2024 +0530 fix: unit test commit 0293645 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:31:49 2024 +0530 fix: remove ioutil commit e842010 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:14:01 2024 +0530 fix: update notice commit 246d730 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:13:15 2024 +0530 fix: add license, remove uuid5 commit ac01831 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 15:03:08 2024 +0530 update: go.mod commit 42101c8 Merge: 091fff8 7263696 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 15:02:20 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 091fff8 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:58:51 2024 +0530 fix: test commit fd6d312 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:57:13 2024 +0530 fix: update go.mod, update uuid and metrics version commit 7263696 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 19:32:38 2024 +0000 build(deps): bump github.com/elastic/elastic-agent-libs from 0.9.13 to 0.9.15 (#40300) * build(deps): bump github.com/elastic/elastic-agent-libs Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.9.13 to 0.9.15. - [Release notes](https://github.com/elastic/elastic-agent-libs/releases) - [Commits](elastic/elastic-agent-libs@v0.9.13...v0.9.15) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-libs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit e3d8f3b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 13:44:51 2024 -0400 build(deps): bump github.com/elastic/elastic-agent-client/v7 from 7.14.0 to 7.15.0 (#40304) * build(deps): bump github.com/elastic/elastic-agent-client/v7 Bumps [github.com/elastic/elastic-agent-client/v7](https://github.com/elastic/elastic-agent-client) from 7.14.0 to 7.15.0. - [Release notes](https://github.com/elastic/elastic-agent-client/releases) - [Commits](elastic/elastic-agent-client@v7.14.0...v7.15.0) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-client/v7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 3e95d53 Author: Maurizio Branca <maurizio.branca@elastic.co> Date: Mon Jul 22 18:24:59 2024 +0200 Add CSP SDKs to the `allow` list (#40150) commit f3f772f Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Fri Jul 19 17:52:19 2024 +0530 [filebeat][log] Enable status reporter for log input (#40075) * chore: initial commit, without tests * chore: tests * chore: add test cases * fix: add null check * fix: remove println * fix: lint * goimports * remove println * fix: changelog * update test for windows * fix: fix some comments * chore: add starting state in NewInput * fix: add sample output to verify the status * fix: remove println * fix: add integration tag * Update CHANGELOG.next.asciidoc Co-authored-by: Denis <denis@rdner.de> * fix: remove redundant bool * fix: add degraded --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co> Co-authored-by: Denis <denis@rdner.de> commit 463bbb4 Author: Dan Kortschak <dan.kortschak@elastic.co> Date: Fri Jul 19 06:32:29 2024 +0930 x-pack/filebeat/input/websocket: do minor clean-up in main loop (#40145) * remove unneeded goroutine * fix logging: The body was previously not being logged since an io.ReadCloser is not a JSON-serialisable type. commit 908553d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 19:04:52 2024 +0530 chore: rename function commit 51a7854 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 18:42:00 2024 +0530 chore: update process summary commit 21b102b Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 16:44:19 2024 +0530 chore: add degradable error commit 942f8c7 Author: Alejandro Fernández Haro <alejandro.haro@elastic.co> Date: Wed Jul 17 20:52:14 2024 +0200 [Metricbeat/kibana/status] Add support for v8format (#40275) commit 1bfcecb Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 17 23:31:10 2024 +0530 fix: multierror support * fix: nits and comments * fix: fix notice, and test * fix notice * fix notice * fix: lint * fix: nits * fix: update notice, go.mod * fix: update notice, go.mod to v0.11.0 * temp * fix: use ErrorIs * fix: use ErrorIsf --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co>

#40400) * fix: initial commit * tests: add integration test cases * fix: expand testing scenarios * fix: add comments * fix: move integration tests to system/process * cleanup * fix: ci * fix: ci and typos * chore: update changelog * fix: add helper * fix: remove extra space * fix: ci * fix: move integration tests to x-pack * fix: add null check * fix: ci * fix: remove unused code * fix: lint * fix: lint and imports * fix: ci windows * inting for windows * fix lint linux * fix: go imports * fix: switch to the generic way * chore: make error descriptive * fix: move status report after fetch * fix: typo * fix: remove nolint * Squashed commit of the following: commit 18d38af Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:23:54 2024 +0530 fix: add comments commit 806cda4 Merge: 2e0bd28 b5b67a1 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Wed Jul 24 01:20:38 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 2e0bd28 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:20:14 2024 +0530 fix: typo commit 82dc103 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 24 01:19:35 2024 +0530 fix: typo commit b5b67a1 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 18:13:16 2024 +0000 build(deps): bump the azure-sdks group with 2 updates (#40310) * build(deps): bump the azure-sdks group with 2 updates Bumps the azure-sdks group with 2 updates: [github.com/Azure/go-autorest/autorest](https://github.com/Azure/go-autorest) and [github.com/Azure/go-autorest/autorest/adal](https://github.com/Azure/go-autorest). Updates `github.com/Azure/go-autorest/autorest` from 0.11.28 to 0.11.29 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/v0.11.28...autorest/v0.11.29) Updates `github.com/Azure/go-autorest/autorest/adal` from 0.9.21 to 0.9.22 - [Release notes](https://github.com/Azure/go-autorest/releases) - [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md) - [Commits](Azure/go-autorest@autorest/adal/v0.9.21...autorest/adal/v0.9.22) --- updated-dependencies: - dependency-name: github.com/Azure/go-autorest/autorest dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks - dependency-name: github.com/Azure/go-autorest/autorest/adal dependency-type: direct:production update-type: version-update:semver-patch dependency-group: azure-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 197396f Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue Jul 23 13:32:02 2024 -0400 build(deps): bump the gcp-sdks group with 9 updates (#40311) * build(deps): bump the gcp-sdks group with 9 updates Bumps the gcp-sdks group with 9 updates: | Package | From | To | | --- | --- | --- | | [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) | `1.55.0` | `1.62.0` | | [cloud.google.com/go/monitoring](https://github.com/googleapis/google-cloud-go) | `1.16.0` | `1.20.1` | | [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) | `1.33.0` | `1.40.0` | | [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) | `1.23.0` | `1.27.2` | | [cloud.google.com/go/redis](https://github.com/googleapis/google-cloud-go) | `1.13.1` | `1.16.2` | | [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) | `0.2.3` | `0.4.0` | | [cloud.google.com/go/iam](https://github.com/googleapis/google-cloud-go) | `1.1.2` | `1.1.10` | | [cloud.google.com/go/longrunning](https://github.com/googleapis/google-cloud-go) | `0.5.1` | `0.5.9` | | [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.30.1` | `1.42.0` | Updates `cloud.google.com/go/bigquery` from 1.55.0 to 1.62.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.55.0...spanner/v1.62.0) Updates `cloud.google.com/go/monitoring` from 1.16.0 to 1.20.1 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@kms/v1.16.0...video/v1.20.1) Updates `cloud.google.com/go/pubsub` from 1.33.0 to 1.40.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.33.0...pubsub/v1.40.0) Updates `cloud.google.com/go/compute` from 1.23.0 to 1.27.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.23.0...compute/v1.27.2) Updates `cloud.google.com/go/redis` from 1.13.1 to 1.16.2 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@asset/v1.13.1...redis/v1.16.2) Updates `cloud.google.com/go/compute/metadata` from 0.2.3 to 0.4.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@netapp/v0.2.3...v0.4.0) Updates `cloud.google.com/go/iam` from 1.1.2 to 1.1.10 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@iam/v1.1.2...iam/v1.1.10) Updates `cloud.google.com/go/longrunning` from 0.5.1 to 0.5.9 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@auth/v0.5.1...longrunning/v0.5.9) Updates `cloud.google.com/go/storage` from 1.30.1 to 1.42.0 - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/documentai/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.30.1...spanner/v1.42.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/monitoring dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/pubsub dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/redis dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/compute/metadata dependency-type: indirect update-type: version-update:semver-minor dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/iam dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/longrunning dependency-type: indirect update-type: version-update:semver-patch dependency-group: gcp-sdks - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gcp-sdks ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 8940f7d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 21:02:27 2024 +0530 fix: update notice commit 58bc2ff Merge: 9433065 dd671a6 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 20:59:16 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 9433065 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:57:58 2024 +0530 chore: update tests commit c1d4aba Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 20:55:45 2024 +0530 fix: add specifc version metric-system commit dd671a6 Author: Vinit Chauhan <chauhanvinit23@gmail.com> Date: Tue Jul 23 10:20:37 2024 -0400 filebeat/decode_cef - Add option to ignore empty values (#40268) Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes #40236 commit add7a45 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 19:13:54 2024 +0530 fix: unit test commit 0293645 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:31:49 2024 +0530 fix: remove ioutil commit e842010 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:14:01 2024 +0530 fix: update notice commit 246d730 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 16:13:15 2024 +0530 fix: add license, remove uuid5 commit ac01831 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 15:03:08 2024 +0530 update: go.mod commit 42101c8 Merge: 091fff8 7263696 Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Tue Jul 23 15:02:20 2024 +0530 Merge branch 'main' into metricbeat-process-multierr commit 091fff8 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:58:51 2024 +0530 fix: test commit fd6d312 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Tue Jul 23 14:57:13 2024 +0530 fix: update go.mod, update uuid and metrics version commit 7263696 Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 19:32:38 2024 +0000 build(deps): bump github.com/elastic/elastic-agent-libs from 0.9.13 to 0.9.15 (#40300) * build(deps): bump github.com/elastic/elastic-agent-libs Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.9.13 to 0.9.15. - [Release notes](https://github.com/elastic/elastic-agent-libs/releases) - [Commits](elastic/elastic-agent-libs@v0.9.13...v0.9.15) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-libs dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit e3d8f3b Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon Jul 22 13:44:51 2024 -0400 build(deps): bump github.com/elastic/elastic-agent-client/v7 from 7.14.0 to 7.15.0 (#40304) * build(deps): bump github.com/elastic/elastic-agent-client/v7 Bumps [github.com/elastic/elastic-agent-client/v7](https://github.com/elastic/elastic-agent-client) from 7.14.0 to 7.15.0. - [Release notes](https://github.com/elastic/elastic-agent-client/releases) - [Commits](elastic/elastic-agent-client@v7.14.0...v7.15.0) --- updated-dependencies: - dependency-name: github.com/elastic/elastic-agent-client/v7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update NOTICE.txt --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> commit 3e95d53 Author: Maurizio Branca <maurizio.branca@elastic.co> Date: Mon Jul 22 18:24:59 2024 +0200 Add CSP SDKs to the `allow` list (#40150) commit f3f772f Author: VihasMakwana <121151420+VihasMakwana@users.noreply.github.com> Date: Fri Jul 19 17:52:19 2024 +0530 [filebeat][log] Enable status reporter for log input (#40075) * chore: initial commit, without tests * chore: tests * chore: add test cases * fix: add null check * fix: remove println * fix: lint * goimports * remove println * fix: changelog * update test for windows * fix: fix some comments * chore: add starting state in NewInput * fix: add sample output to verify the status * fix: remove println * fix: add integration tag * Update CHANGELOG.next.asciidoc Co-authored-by: Denis <denis@rdner.de> * fix: remove redundant bool * fix: add degraded --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co> Co-authored-by: Denis <denis@rdner.de> commit 463bbb4 Author: Dan Kortschak <dan.kortschak@elastic.co> Date: Fri Jul 19 06:32:29 2024 +0930 x-pack/filebeat/input/websocket: do minor clean-up in main loop (#40145) * remove unneeded goroutine * fix logging: The body was previously not being logged since an io.ReadCloser is not a JSON-serialisable type. commit 908553d Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 19:04:52 2024 +0530 chore: rename function commit 51a7854 Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 18:42:00 2024 +0530 chore: update process summary commit 21b102b Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Thu Jul 18 16:44:19 2024 +0530 chore: add degradable error commit 942f8c7 Author: Alejandro Fernández Haro <alejandro.haro@elastic.co> Date: Wed Jul 17 20:52:14 2024 +0200 [Metricbeat/kibana/status] Add support for v8format (#40275) commit 1bfcecb Author: Vihas Makwana <vihas.makwana@elastic.co> Date: Wed Jul 17 23:31:10 2024 +0530 fix: multierror support * fix: nits and comments * fix: fix notice, and test * fix notice * fix notice * fix: lint * fix: nits * fix: update notice, go.mod * fix: update notice, go.mod to v0.11.0 * temp * fix: use ErrorIs * fix: use ErrorIsf --------- Co-authored-by: Pierre HILBERT <pierre.hilbert@elastic.co> (cherry picked from commit 2060383) # Conflicts: # NOTICE.txt # go.mod # go.sum

Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes #40236 (cherry picked from commit dd671a6)

) Added option to ignore empty values in the decode_cef processor. In the decode_cef processor, when there are empty values in the extensions section, we get errors during log parsing. This change provides a flag in decode_cef config to override this default behavior and ignore the fields with empty value. Some example errors that this helps handle are: error in field 'cn1': strconv.ParseInt: parsing "": invalid syntax error in field 'destinationTranslatedAddress': value is not a valid IP address Closes #40236 (cherry picked from commit dd671a6) Co-authored-by: Vinit Chauhan <chauhanvinit23@gmail.com>

botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jul 15, 2024

vinit-chauhan mentioned this issue Jul 16, 2024

[enhancement][filebeat/decode_cef] Add option to ignore missing values #40268

Merged

6 tasks

andrewkroh closed this as completed in #40268 Jul 23, 2024

andrewkroh closed this as completed in dd671a6 Jul 23, 2024

muskan-agarwal26 mentioned this issue Jul 24, 2024

[prisma_access] Initial release of the Prisma Access elastic/integrations#10399

Merged

4 tasks

kcreddy mentioned this issue Jul 25, 2024

[filebeat][decode_cef] Unable to parse fields containing hyphen - #40348

Closed

andrewkroh added enhancement Filebeat Filebeat labels Aug 15, 2024

mergify bot mentioned this issue Aug 15, 2024

[enhancement][filebeat/decode_cef] Add option to ignore missing values (backport #40268) #40535

Merged

6 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[filebeat][decode_cef] getting error while parsing empty ip/integer fields. #40236

[filebeat][decode_cef] getting error while parsing empty ip/integer fields. #40236

muskan-agarwal26 commented Jul 15, 2024

botelastic bot commented Jul 15, 2024

[filebeat][decode_cef] getting error while parsing empty ip/integer fields. #40236

[filebeat][decode_cef] getting error while parsing empty ip/integer fields. #40236

Comments

muskan-agarwal26 commented Jul 15, 2024

botelastic bot commented Jul 15, 2024