Fix pfsense grok to support new opensense log format #3612

Merged: kcreddy merged 10 commits into elastic:main from kcreddy:pfsense_grok on Jul 4, 2022

@kcreddy kcreddy commented Jun 28, 2022

What does this PR do?

Short-term fix for handling new OPNsense log format by updating the grok pattern. A permanent fix will be to switch to syslog after elastic/beats#31798 is merged.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Related issues

kcreddy changed the title from "fix opensense grok" to "Fix pfsense grok to support new opensense log format" on Jun 28, 2022

elasticmachine commented Jun 28, 2022

💚 Build Succeeded

Build stats

  • Start Time: 2022-07-04T17:31:24.409+0000

  • Duration: 16 min 53 sec

Test stats 🧪

Test Results
Failed 0
Passed 45
Skipped 0
Total 45

elasticmachine commented Jun 28, 2022

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 100.0% (1/1) 💚
Files 88.889% (8/9) 👎 -7.71
Classes 88.889% (8/9) 👎 -7.71
Methods 92.063% (58/63) 👍 3.236
Lines 89.409% (650/727) 👎 -0.539
Conditionals 100.0% (0/0) 💚

kcreddy marked this pull request as ready for review June 28, 2022 14:25
kcreddy requested a review from a team as a code owner June 28, 2022 14:25
kcreddy requested a review from P1llus June 28, 2022 14:25
@elasticmachine

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

kcreddy added the "bug" label (Something isn't working, use only for issues) Jun 28, 2022

@leehinman leehinman left a comment

LGTM

Successfully merging this pull request may close these issues.

[pfsense] switch from grok to syslog processor