Skip to content

Cherry-pick #14553 to 7.6: New fileset for googlecloud firewall logs#15620

Closed
adriansr wants to merge 1 commit intoelastic:7.6from
adriansr:backport_14553_7.6
Closed

Cherry-pick #14553 to 7.6: New fileset for googlecloud firewall logs#15620
adriansr wants to merge 1 commit intoelastic:7.6from
adriansr:backport_14553_7.6

Conversation

@adriansr
Copy link
Copy Markdown
Contributor

@adriansr adriansr commented Jan 16, 2020

Cherry-pick of PR #14553 to 7.6 branch. Original message:

This PR adds a new fileset, firewall, to the googlecloud module in Filebeat. It helps parsing firewall logs generated by rules under VPC Network -> Firewall Rules.

Note that GCP only logs firewall events under the following conditions:

  • Logging needs to be enabled for each individual rule in order to log.
  • Only TCP and UDP rules can be logged.

See https://cloud.google.com/vpc/docs/using-firewall-rules-logging.

@adriansr
New fileset for googlecloud firewall logs (elastic#14553)
c3e4745 
This PR adds a new fileset, firewall, to the googlecloud module in Filebeat. It helps
parsing firewall logs generated by rules under VPC Network -> Firewall Rules.

Note that GCP only logs firewall events under the following conditions:
- Logging needs to be enabled for each individual rule in order to log.
- Only TCP and UDP rules can be logged.

(cherry picked from commit 4a66f0b)
@adriansr adriansr requested a review from a team as a code owner January 16, 2020 22:55
@adriansr adriansr closed this Jan 16, 2020
@adriansr adriansr removed the request for review from a team January 16, 2020 22:56
@adriansr adriansr deleted the backport_14553_7.6 branch January 16, 2020 23:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adriansr