Skip to content

[7.17](backport #31388) [Filebeat] sophos.xg - Handle new log field names#31637

Merged
andrewkroh merged 4 commits into7.17from
mergify/bp/7.17/pr-31388
May 25, 2022
Merged

[7.17](backport #31388) [Filebeat] sophos.xg - Handle new log field names#31637
andrewkroh merged 4 commits into7.17from
mergify/bp/7.17/pr-31388

Conversation

@mergify
Copy link
Contributor

@mergify mergify bot commented May 16, 2022
edited by zube bot
Loading

This is an automatic backport of pull request #31388 done by Mergify.
Cherry-pick of ef833ae has failed:

On branch mergify/bp/7.17/pr-31388
Your branch is up to date with 'origin/7.17'.

You are currently cherry-picking commit ef833aea60.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   CHANGELOG.next.asciidoc
	modified:   x-pack/filebeat/module/sophos/xg/config/config.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/antispam.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/antivirus.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/atp.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/cfilter.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/event.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/firewall.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/idp.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/sandstorm.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/systemhealth.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/waf.yml
	modified:   x-pack/filebeat/module/sophos/xg/ingest/wifi.yml
	modified:   x-pack/filebeat/module/sophos/xg/manifest.yml
	modified:   x-pack/filebeat/module/sophos/xg/test/sandbox.log-expected.json
	modified:   x-pack/filebeat/module/sophos/xg/test/system-health.log-expected.json
	modified:   x-pack/filebeat/module/sophos/xg/test/wifi.log-expected.json

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   filebeat/docs/fields.asciidoc
	both modified:   x-pack/filebeat/module/sophos/fields.go
	both modified:   x-pack/filebeat/module/sophos/xg/_meta/fields.yml
	both modified:   x-pack/filebeat/module/sophos/xg/ingest/pipeline.yml
	both modified:   x-pack/filebeat/module/sophos/xg/test/anti-spam.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/anti-virus.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/atp.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/cfilter.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/event.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/firewall.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/idp.log-expected.json
	both modified:   x-pack/filebeat/module/sophos/xg/test/waf.log-expected.json

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

Mergify commands and options

More conditions and actions can be found in the documentation.

You can also trigger Mergify actions by commenting on this pull request:

  • @Mergifyio refresh will re-evaluate the rules
  • @Mergifyio rebase will rebase this PR on its base branch
  • @Mergifyio update will merge the base branch into this PR
  • @Mergifyio backport <destination> will backport this PR on <destination> branch

Additionally, on Mergify dashboard you can:

  • look at your merge queues
  • generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com

@mergify mergify bot requested a review from a team as a code owner May 16, 2022 19:44
@mergify mergify bot added backport conflicts There is a conflict in the backported pull request labels May 16, 2022
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label May 16, 2022
@botelastic
Copy link

botelastic bot commented May 16, 2022

This pull request doesn't have a Team:<team> label.

@elasticmachine
Copy link
Contributor

elasticmachine commented May 16, 2022
edited by jenkins-beats-ci bot
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-05-25T15:37:33.096+0000

  • Duration: 75 min 44 sec

Test stats 🧪

Test Results
Failed 0
Passed 7049
Skipped 681
Total 7730

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@andrewkroh andrewkroh force-pushed the mergify/bp/7.17/pr-31388 branch from 30bdbc4 to 852bd50 Compare May 16, 2022 20:41
@andrewkroh andrewkroh mentioned this pull request May 18, 2022
Merged
6 tasks
@mergify
Copy link
Contributor Author

mergify bot commented May 23, 2022

This pull request has not been merged yet. Could you please review and merge it @andrewkroh? 🙏

@mergify
Copy link
Contributor Author

mergify bot commented May 24, 2022

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b mergify/bp/7.17/pr-31388 upstream/mergify/bp/7.17/pr-31388
git merge upstream/7.17
git push upstream mergify/bp/7.17/pr-31388

andrewkroh added 2 commits May 24, 2022 17:32
@andrewkroh
[Filebeat] sophos.xg - Handle new log field names (#31388)
e1263f2 
* Sort fields.yml by name before modifying

* sophos.xg - Handle new log field names

Sync the Fleet integration pipeline into the Filebeat module.

Based on elastic/integrations@919fe81.

Fixes #29002

* Remove duplicate syslog_server_name field

* Pipeline modifications for Beats

Add event.ingested.

Change to Go template format.

* Update generated files

[git-generate]
mage -d filebeat update
cd x-pack/filebeat
mage update
PYTEST_ADDOPTS="-k sophos" TESTING_FILEBEAT_MODULES=sophos GENERATE=true mage -v pythonIntegTest

* Add changelog
@andrewkroh
Add default_field: false to sophos.xg fields
e99cfe7
@andrewkroh andrewkroh force-pushed the mergify/bp/7.17/pr-31388 branch from ec89b1b to e99cfe7 Compare May 24, 2022 21:32
@andrewkroh andrewkroh merged commit 6d6be4a into 7.17 May 25, 2022
@mergify mergify bot deleted the mergify/bp/7.17/pr-31388 branch May 25, 2022 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@andrewkroh andrewkroh

Labels

backport conflicts There is a conflict in the backported pull request needs_team Indicates that the issue/PR needs a Team:* label

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@elasticmachine @andrewkroh