google_workspace,jamf_protect,ti_mandiant: add "preserve_original_event" tag to documents with event.kind set to "pipeline_error" #12108

Merged
merged 1 commit into from
Dec 17, 2024
5 changes: 5 additions & 0 deletions packages/google_workspace/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "2.27.0"
changes:
- description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
type: enhancement
link: https://github.com/elastic/integrations/pull/12108
- version: "2.26.1"
changes:
- description: Fix string literals in painless scripts.
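Review bot: the `description` in the new 2.27.0 entry names the tag but not its effect. State what changes for an operator, for example that documents which fail ingest are now marked so that `event.original` is kept, since that field holds the raw source payload and retaining it affects storage and who can read the unparsed data in failed documents.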
Expand Up @@ -382,3 +382,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
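Review bot: nothing visible in this change exercises the `append` added at the end of this `on_failure` block. A pipeline test case whose input fails processing, asserting that `tags` contains `preserve_original_event` alongside `event.kind: pipeline_error`, would keep the behaviour from regressing.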
Expand Up @@ -823,6 +823,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -1056,6 +1056,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -357,3 +357,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
Expand Up @@ -554,3 +554,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
Expand Up @@ -276,6 +276,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -337,3 +337,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
Expand Up @@ -377,3 +377,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
Expand Up @@ -307,6 +307,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -265,6 +265,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -527,6 +527,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -188,6 +188,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -371,3 +371,7 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
Expand Up @@ -183,6 +183,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/google_workspace/manifest.yml
@@ -1,6 +1,6 @@
name: google_workspace
title: Google Workspace
version: "2.26.1"
version: "2.27.0"
source:
license: Elastic-2.0
description: Collect logs from Google Workspace with Elastic Agent.
5 changes: 5 additions & 0 deletions packages/jamf_protect/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "2.8.0"
changes:
- description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
type: enhancement
link: https://github.com/elastic/integrations/pull/12108
- version: "2.7.0"
changes:
- description: Do not remove `event.original` in main ingest pipeline.
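Review bot: the new 2.8.0 entry sits directly above 2.7.0, "Do not remove `event.original` in main ingest pipeline", and the two read as overlapping. Say in the 2.8.0 `description` where `event.original` is removed now and why failed documents still need the tag, so the entry explains the change on its own.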
Expand Up @@ -486,6 +486,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -353,6 +353,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: >-
Expand Up @@ -241,6 +241,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
Expand Up @@ -265,6 +265,10 @@ on_failure:
- set:
field: event.kind
value: pipeline_error
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
- append:
field: error.message
value: '{{{ _ingest.on_failure_message }}}'
2 changes: 1 addition & 1 deletion packages/jamf_protect/manifest.yml
@@ -1,7 +1,7 @@
format_version: 3.0.3
name: jamf_protect
title: Jamf Protect
version: "2.7.0"
version: "2.8.0"
description: Receives events from Jamf Protect with Elastic Agent.
type: integration
categories:
5 changes: 5 additions & 0 deletions packages/ti_mandiant_advantage/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.7.0"
changes:
- description: Add "preserve_original_event" tag to documents with `event.kind` set to "pipeline_error".
type: enhancement
link: https://github.com/elastic/integrations/pull/12108
- version: "1.6.0"
changes:
- description: Add support for proxy configuration.
Expand Up @@ -415,3 +415,7 @@ on_failure:
field: event.kind
value: pipeline_error
allow_duplicates: false
- append:
field: tags
value: preserve_original_event
allow_duplicates: false
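Review bot: the unchanged context just above the added lines carries `allow_duplicates: false` under `field: event.kind`, which is an `append` option, while the other pipelines in this change use `set` for that field. An `append` turns `event.kind` into an array, so a query or detection rule matching `event.kind: pipeline_error` as a single keyword value may not behave the same for this data stream. Consider switching that processor to `set` while this block is being touched.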
2 changes: 1 addition & 1 deletion packages/ti_mandiant_advantage/manifest.yml
@@ -1,7 +1,7 @@
format_version: 3.0.2
name: ti_mandiant_advantage
title: "Mandiant Advantage"
version: "1.6.0"
version: "1.7.0"
source:
license: "Elastic-2.0"
description: "Collect Threat Intelligence from products within the Mandiant Advantage platform."