junipersrx-module initial release #20017
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
1 similar comment
|
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
botelastic
bot
added
the
needs_team
|
Pinging @elastic/siem (Team:SIEM) |
botelastic
bot
removed
the
needs_team
|
This is an initial community review that Stefan has shared that I will be helping out with |
💚 Build Succeeded
Expand to view the summary
Build stats
Test stats 🧪
|
P1llus
approved these changes
Sep 3, 2020
|
Jenkins test this please |
1 similar comment
|
Jenkins test this please |
|
I've removed some fields under juniper.srx that were unused because the pipeline will rename them into ECS fields. Now it's below the 1MB index-pattern limit (just a few bytes left though) |
adriansr
force-pushed
the
junipersrx-module
branch
from
7ea534b
to
42fc8fd
Compare
marc-gr
reviewed
Oct 2, 2020
marc-gr
approved these changes
Oct 2, 2020
|
Jenkins test this please |
adriansr
force-pushed
the
junipersrx-module
branch
from
84f0856
to
d643ea3
Compare
6 tasks
marc-gr
pushed a commit
to marc-gr/beats
that referenced
this pull request
Oct 6, 2020
* junipersrx-module initial release * stashing changes for later * Initial MVP release ready for review * updating a comment in pipeline.yml * updating filebeat.reference.yml * Small fix for docs * Fix parsing of juniper.srx.timestamp * Fix bad samples * Remove some fields to make the index-pattern smaller * Missing update * Fix var.tags and disable_host when forwarded * Add related fields * Add changelog entry * Remove unused file Co-authored-by: StefanSa <StefanSa@users.noreply.github.com> Co-authored-by: P1llus <pillus@chasenet.org> Co-authored-by: Adrian Serrano <adrisr83@gmail.com> Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com> (cherry picked from commit 6c0a786)
marc-gr
added a commit
that referenced
this pull request
Oct 6, 2020
* junipersrx-module initial release * stashing changes for later * Initial MVP release ready for review * updating a comment in pipeline.yml * updating filebeat.reference.yml * Small fix for docs * Fix parsing of juniper.srx.timestamp * Fix bad samples * Remove some fields to make the index-pattern smaller * Missing update * Fix var.tags and disable_host when forwarded * Add related fields * Add changelog entry * Remove unused file Co-authored-by: StefanSa <StefanSa@users.noreply.github.com> Co-authored-by: P1llus <pillus@chasenet.org> Co-authored-by: Adrian Serrano <adrisr83@gmail.com> Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com> (cherry picked from commit 6c0a786) Co-authored-by: StefanSa <6105075+StefanSa@users.noreply.github.com>
v1v
added a commit
to v1v/beats
that referenced
this pull request
Oct 6, 2020
* upstream/master: [CI] Setup git config globally (elastic#21562) docs: update generate_fields_docs.py (elastic#21359) Add support for additional fields from V2 ALB logs (elastic#21540) Move Prometheus query & remote_write to GA (elastic#21507) feat: add a new step to run the e2e tests for certain parts of Beats (elastic#21100) [Elastic Agent] Add elastic agent ID and version to events from filebeat and metricbeat. (elastic#21543) Release cloudfoundry input and processor as GA (elastic#21525) [Packetbeat] New SIP protocol (elastic#21221) [Filebeat][New Module] Add support for Microsoft MTP / 365 Defender (elastic#21446) [Beats][pytest] Asserting if filebeat logs include errors (elastic#20999) junipersrx-module initial release (elastic#20017) Add a persistent cache for cloudfoundry metadata based on badger (elastic#20775) Add missing changelog entry for cisco umbrella (elastic#21550) [Elastic Agent] Add upgrade CLI to initiate upgrade of Agent locally (elastic#21425) Enable filestream input (elastic#21533) Add filestream input reader (elastic#21481) [CI] fix 'no matches found within 10000' (elastic#21466) Fix billing.go aws.GetStartTimeEndTime (elastic#21531)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
This PR Introduces the JuniperSRX filebeat module. Focusing currently on JuniperSRX Firewall, but should include other Juniper products as separate PR's later on.
Why is it important?
Adding more supported products to the filebeat portfolio.
Checklist
CHANGELOG.next.asciidocorCHANGELOG-developer.next.asciidoc.How to test this PR locally
INTEGRATION_TESTS=1 BEAT_STRICT_PERMS=false TESTING_FILEBEAT_MODULES=junipersrx nosetests -v -s tests/system/test_xpack_modules.py