diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index 7fa7be11f93..0b90c245736 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -766,6 +766,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Allow cef and checkpoint modules to override network directionality based off of zones {pull}23066[23066] - Add the ability to override `network.direction` based on interfaces in Fortinet/firewall fileset. {pull}23072[23072] - Add `network.direction` override by specifying `internal_networks` in gcp module. {pull}23081[23081] +- Migrate okta to httpjson v2 config {pull}23059[23059] *Heartbeat* diff --git a/x-pack/filebeat/module/okta/system/config/input.yml b/x-pack/filebeat/module/okta/system/config/input.yml index 002888a1b14..107dd3ca320 100644 --- a/x-pack/filebeat/module/okta/system/config/input.yml +++ b/x-pack/filebeat/module/okta/system/config/input.yml @@ -1,52 +1,40 @@ {{ if eq .input "httpjson" }} type: httpjson - -{{ if .api_key }} -api_key: {{ .api_key }} -{{ end }} - -authentication_scheme: {{ .authentication_scheme }} - -{{ if .http_client_timeout }} -http_client_timeout: {{ .http_client_timeout }} -{{ end }} - -{{ if .http_method }} -http_method: {{ .http_method }} -{{ end }} - -{{ if .http_headers }} -http_headers: {{ .http_headers | tojson }} -{{ end }} - -{{ if .http_request_body }} -http_request_body: {{ .http_request_body }} -{{ end }} - +config_version: "2" interval: {{ .interval }} -{{ if .json_objects_array }} -json_objects_array: {{ .json_objects_array }} -{{ end }} - -no_http_body: {{ .no_http_body }} - -pagination: {{ .pagination | tojson }} - -rate_limit: {{ .rate_limit | tojson }} - {{ if .ssl }} -ssl: {{ .ssl | tojson }} +request.ssl: {{ .ssl | tojson }} {{ end }} -{{ if .url }} -url: {{ .url }} -{{ end }} - -date_cursor.field: published -date_cursor.url_field: since -date_cursor.initial_interval: {{ .initial_interval }} +{{ if .http_client_timeout }} +request.timeout: {{ .http_client_timeout }} +{{ end }} + +request.method: GET +request.url: {{ .url }} +request.rate_limit: + limit: '[[.last_response.header.Get "X-Rate-Limit-Limit"]]' + remaining: '[[.last_response.header.Get "X-Rate-Limit-Remaining"]]' + reset: '[[.last_response.header.Get "X-Rate-Limit-Reset"]]' +request.transforms: + - set: + target: header.Authorization + value: "SSWS {{.api_key}}" + - set: + target: url.params.since + value: "[[.cursor.published]]" + default: '[[now (parseDuration "-{{.initial_interval}}")]]' + +response.pagination: + - set: + target: url.value + value: '[[ getRFC5988Link "next" .last_response.header.Link ]]' + +cursor: + published: + value: "[[.last_event.published]]" {{ else if eq .input "file" }} diff --git a/x-pack/filebeat/module/okta/system/manifest.yml b/x-pack/filebeat/module/okta/system/manifest.yml index f8f83fd9aee..688f1a9ba44 100644 --- a/x-pack/filebeat/module/okta/system/manifest.yml +++ b/x-pack/filebeat/module/okta/system/manifest.yml @@ -4,30 +4,11 @@ var: - name: input default: httpjson - name: api_key - - name: authentication_scheme - default: "SSWS" - name: http_client_timeout - - name: http_method - default: GET - - name: http_headers - - name: http_request_body - name: interval default: 60s - - name: json_objects_array - name: keep_original_message default: true - - name: no_http_body - default: true - - name: pagination - default: - header: - field_name: Link - regex_pattern: '<([^>]+)>; *rel="next"(?:,|$)' - - name: rate_limit - default: - limit: X-Rate-Limit-Limit - remaining: X-Rate-Limit-Remaining - reset: X-Rate-Limit-Reset - name: ssl - name: tags default: [forwarded]