Skip to content

Cherry-pick #18525 to 7.7: Fix PANW bad mapping of client/source and server/dest packets and bytes #18533

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
May 15, 2020
Merged

Cherry-pick #18525 to 7.7: Fix PANW bad mapping of client/source and server/dest packets and bytes #18533

merged 2 commits into from
May 15, 2020

Conversation

@adriansr
Copy link
Contributor

@adriansr adriansr commented May 14, 2020
edited by zube bot
Loading

Cherry-pick of PR #18525 to 7.7 branch. Original message:

PANW pipeline was mapping:

Bytes sent to client/destination bytes.
Bytes received to server/source bytes.
Packets sent to server/destination packets.
Packets received to client/source packets.

All of these mappings are wrong.

The correct is:
Bytes sent to client/source bytes.
Bytes received to server/destination bytes.
Packets sent to client/source packets.
Packets received to server/destination packets.

Also adding some missing ECS mappings in the process.

Fixes #18522

@adriansr
Fix PANW bad mapping of client/source and server/dest packets and byt…
1365180 
…es (elastic#18525)

PANW pipeline was mapping:

Bytes sent to client/destination bytes.
Bytes received to server/source bytes.
Packets sent to server/destination packets.
Packets received to client/source packets.

All of these mappings are wrong.

The correct is:
Bytes sent to client/source bytes.
Bytes received to server/destination bytes.
Packets sent to client/source packets.
Packets received to server/destination packets.

Also adding some missing ECS mappings in the process.

Fixes elastic#18522

(cherry picked from commit 463a52a)
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label May 14, 2020
@elasticmachine
Copy link
Contributor

elasticmachine commented May 14, 2020

Pinging @elastic/siem (Team:SIEM)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label May 14, 2020
@adriansr adriansr merged commit 1c31fe2 into elastic:7.7 May 15, 2020
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@adriansr
Fix PANW bad mapping of client/source and server/dest packets and byt…
47218e8 
…es (elastic#18525) (elastic#18533)

PANW pipeline was mapping:

Bytes sent to client/destination bytes.
Bytes received to server/source bytes.
Packets sent to server/destination packets.
Packets received to client/source packets.

All of these mappings are wrong.

The correct is:
Bytes sent to client/source bytes.
Bytes received to server/destination bytes.
Packets sent to client/source packets.
Packets received to server/destination packets.

Also adding some missing ECS mappings in the process.

Fixes elastic#18522

(cherry picked from commit 9bae856)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees

No one assigned

Labels

backport review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@adriansr @elasticmachine @andrewkroh