Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Packetbeat] add "network" to event.category #20392

Merged
merged 2 commits into from
Aug 11, 2020
Merged

[Packetbeat] add "network" to event.category #20392

merged 2 commits into from
Aug 11, 2020

Conversation

leehinman
Copy link
Contributor

What does this PR do?

adds "network" to event.category for flows

Why is it important?

adds ECS allowed value to event.category

Checklist

  • My code follows the style guidelines of this project
    - [ ] I have commented my code, particularly in hard-to-understand areas
    - [ ] I have made corresponding changes to the documentation
    - [ ] I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

How to test this PR locally

mage test

Related issues

@leehinman leehinman added bug Packetbeat needs_backport PR is waiting to be backported to other branches. Team:SIEM labels Jul 31, 2020
@elasticmachine
Copy link
Collaborator

Pinging @elastic/siem (Team:SIEM)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Jul 31, 2020
@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: [Pull request #20392 opened]

  • Start Time: 2020-07-31T21:37:14.758+0000

  • Duration: 59 min 57 sec

Test stats 🧪

Test Results
Failed 0
Passed 1589
Skipped 18
Total 1607

andrewkroh
andrewkroh approved these changes Aug 3, 2020
View reviewed changes
Copy link
Member

@andrewkroh andrewkroh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. We can go ahead and drop the network_traffic category from master now (and not backport it).

packetbeat/_meta/sample_outputs/flow.json Outdated Show resolved Hide resolved
@andrewkroh andrewkroh merged commit 7b47f1f into elastic:master Aug 11, 2020
andrewkroh pushed a commit to andrewkroh/beats that referenced this pull request Aug 11, 2020
@leehinman @andrewkroh
[Packetbeat] Add "network" to event.category (elastic#20392)
b96d376 
Add "network" to event.category value.

Closes elastic#20364


(cherry picked from commit 7b47f1f)
@andrewkroh andrewkroh mentioned this pull request Aug 11, 2020
Merged
3 tasks
@andrewkroh andrewkroh added v7.10.0 and removed needs_backport PR is waiting to be backported to other branches. labels Aug 11, 2020
@andrewkroh
Copy link
Member

I created #20556 to remove the old network_traffic category value.

v1v added a commit to v1v/beats that referenced this pull request Aug 12, 2020
@v1v
Merge remote-tracking branch 'upstream/master' into feature/ci-pipeli…
23c69ce 
…ne-2.0

* upstream/master: (39 commits)
  [ITs] Revert healthcheck for elasticsearchssl service to the previous behaviour (elastic#20558)
  [Heartbeat] Fix packaging (elastic#20566)
  [Heartbeat] Add Magefile to X-Pack (elastic#20549)
  [Packetbeat] Add "network" to event.category (elastic#20392)
  fix typo in docs (elastic#20541)
  Add service resource in k8s cluster role (elastic#20546)
  Update Golang version to 1.14.7 (elastic#20508)
  Add missing inputs to filebeat spec (elastic#20388)
  add warning log in aws and googlecloud module for API cost (elastic#20523)
  Fix fortinet.firewall.mem value to be interpreted as integer (elastic#19335)
  [CI] add more resilience (elastic#20505)
  [JJBB] fix credentials with a service account for golang-crossbuild (elastic#20537)
  [ITs] change healthcheck for elasticsearch (elastic#20514)
  [JJBB] fix credentials with a service account (elastic#20535)
  chore(ci): use build step for checking if is PR (elastic#20536)
  [CI] runbld project name (elastic#20466)
  Add panw.panos.endreason field (elastic#18705)
  [Filebeat] Fix PANW field spelling "veredict" to "verdict" (elastic#18808)
  Fix typo in netflow module docs (elastic#18992)
  Modified auditd ingest pipeline to handle node=hostname (elastic#19659)
  ...
andrewkroh added a commit that referenced this pull request Aug 14, 2020
@andrewkroh @leehinman
[Packetbeat] Add "network" to event.category (#20392) (#20554)
cfb5188 
Add "network" to event.category value.

Closes #20364


(cherry picked from commit 7b47f1f)

Co-authored-by: Lee Hinman <57081003+leehinman@users.noreply.github.com>
@leehinman leehinman deleted the 20364_packetbeat_category branch October 5, 2020 19:13
melchiormoulin pushed a commit to melchiormoulin/beats that referenced this pull request Oct 14, 2020
@leehinman @melchiormoulin
[Packetbeat] Add "network" to event.category (elastic#20392)
78103aa 
Add "network" to event.category value.

Closes elastic#20364
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees
No one assigned
Labels
bug Packetbeat v7.10.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Packetbeat] flow dataset should have "network" in event.category
3 participants
@leehinman @elasticmachine @andrewkroh