Skip to content

Fixed issues with pipeline test failures #15

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
joeperuzzi merged 2 commits into from
Oct 6, 2023
Merged

Fixed issues with pipeline test failures #15

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
33fb49e
Fixed issues with pipeline test failures
tychon1 Oct 5, 2023
896e08a
Added Failsafe processors to volume ingest pipeline
tychon1 Oct 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/tychon/changelog.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
- version: 0.0.54
- version: 0.0.57
changes:
- description: Fixed incorrect types in field.yml and cleaned up formatting
type: enhancement
Expand Down
4 changes: 2 additions & 2 deletions packages/tychon/data_stream/tychon_arp/_dev/test/pipeline/test-arp.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:23.418865635Z",
"@timestamp": "2023-10-05T13:48:07.498243391Z",
"destination": {
"hostname": "Request timed out (700 ms)",
"ip": "10.70.4.16",
Expand All @@ -15,7 +15,7 @@
"category": [
"network"
],
"ingested": "2023-09-25T21:55:23.418865635Z",
"ingested": "2023-10-05T13:48:07.498243391Z",
"kind": "state",
"module": "tychon",
"type": [
Expand Down
9 changes: 5 additions & 4 deletions packages/tychon/data_stream/tychon_arp/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,15 @@ processors:
- set:
field: event.module
value: tychon
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
field: host.uptime
type: string
Expand Down
4 changes: 2 additions & 2 deletions packages/tychon/data_stream/tychon_cpu/_dev/test/pipeline/test-cpu.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:23.632476469Z",
"@timestamp": "2023-10-05T13:48:07.751417637Z",
"ecs": {
"version": "8.8.0"
},
"event": {
"category": [
"configuration"
],
"ingested": "2023-09-25T21:55:23.632476469Z",
"ingested": "2023-10-05T13:48:07.751417637Z",
"kind": "state",
"module": "tychon",
"type": [
Expand Down
9 changes: 5 additions & 4 deletions packages/tychon/data_stream/tychon_cpu/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,14 +12,15 @@ processors:
- set:
field: ecs.version
value: 8.8.0
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
field: host.uptime
type: string
Expand Down
10 changes: 7 additions & 3 deletions packages/tychon/data_stream/tychon_cve/_dev/test/pipeline/test-cve.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
{
"host.biossn": "737C4D56-5714-9415-3B54-352BA8936AF3",
"host.cloud.hosted": false,
"host.domain": null,
"host.domain": "",
"host.hardware.bios.name": "Phoenix Technologies LTD",
"host.hardware.bios.version": "6.00",
"host.hardware.cpu.caption": "Intel64 Family 6 Model 45 Stepping 7",
Expand All @@ -12,10 +12,14 @@
"host.hardware.serial_number": "VMware-56 4d 7c 73 14 57 15 94-3b 54 35 2b a8 93 6a f3",
"host.hostname": "BOTANYBAYEP1",
"host.id": "c698e42cc0794fd19b2f9157a8a2c88b_737C4D56-5714-9415-3B54-352BA8936AF3_BOTANYBAYEP1_WORKGROUP",
"host.ip": "10.1.9.51",
"host.ip": [
"10.1.9.51"
],
"host.ipv4": "10.1.9.51",
"host.ipv6": "",
"host.mac": "00:0C:29:93:6A:F3",
"host.mac": [
"00:0C:29:93:6A:F3"
],
"host.oem.manufacturer": "",
"host.oem.model": "",
"host.os.build": "19045",
Expand Down
14 changes: 9 additions & 5 deletions packages/tychon/data_stream/tychon_cve/_dev/test/pipeline/test-cve.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:23.823090043Z",
"@timestamp": "2023-10-05T13:48:07.991051920Z",
"ecs": {
"version": "8.8.0"
},
"event": {
"category": [
"vulnerability"
],
"ingested": "2023-09-25T21:55:23.823090043Z",
"ingested": "2023-10-05T13:48:07.991051920Z",
"kind": "state",
"module": "tychon",
"outcome": "success",
Expand All @@ -22,7 +22,7 @@
"cloud": {
"hosted": false
},
"domain": null,
"domain": "",
"hardware": {
"bios": {
"name": "Phoenix Technologies LTD",
Expand All @@ -37,12 +37,16 @@
},
"hostname": "BOTANYBAYEP1",
"id": "c698e42cc0794fd19b2f9157a8a2c88b_737C4D56-5714-9415-3B54-352BA8936AF3_BOTANYBAYEP1_WORKGROUP",
"ip": "10.1.9.51",
"ip": [
"10.1.9.51"
],
"ipv4": [
"10.1.9.51"
],
"ipv6": "",
"mac": "00-0C-29-93-6A-F3",
"mac": [
"00-0C-29-93-6A-F3"
],
"oem": {
"manufacturer": "",
"model": ""
Expand Down
10 changes: 6 additions & 4 deletions packages/tychon/data_stream/tychon_cve/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,14 +31,15 @@ processors:
- set:
field: event.module
value: tychon
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
field: host.uptime
type: string
Expand Down Expand Up @@ -82,6 +83,7 @@ processors:
- convert:
field: vulnerability.score.base
type: float
ignore_failure: true
- convert:
field: vulnerability.year
type: long
Expand Down
4 changes: 2 additions & 2 deletions packages/tychon/data_stream/tychon_epp/_dev/test/pipeline/test-epp.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:24.027955596Z",
"@timestamp": "2023-10-05T13:48:08.349377955Z",
"ecs": {
"version": "8.8.0"
},
Expand All @@ -24,7 +24,7 @@
"category": [
"configuration"
],
"ingested": "2023-09-25T21:55:24.027955596Z",
"ingested": "2023-10-05T13:48:08.349377955Z",
"kind": "state",
"module": "tychon",
"type": [
Expand Down
9 changes: 5 additions & 4 deletions packages/tychon/data_stream/tychon_epp/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,14 +24,15 @@ processors:
- set:
field: event.type
value: [info]
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
field: host.uptime
type: string
Expand Down
4 changes: 2 additions & 2 deletions ...ta_stream/tychon_exposedservice/_dev/test/pipeline/test-exposedservice.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:24.225040722Z",
"@timestamp": "2023-10-05T13:48:08.716336204Z",
"ecs": {
"version": "8.8.0"
},
"event": {
"category": [
"network"
],
"ingested": "2023-09-25T21:55:24.225040722Z",
"ingested": "2023-10-05T13:48:08.716336204Z",
"kind": "state",
"module": "tychon",
"type": [
Expand Down
9 changes: 5 additions & 4 deletions packages/tychon/data_stream/tychon_exposedservice/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,15 @@ processors:
- set:
field: event.kind
value: state
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
field: host.uptime
type: string
Expand Down
14 changes: 9 additions & 5 deletions packages/tychon/data_stream/tychon_harddrive/_dev/test/pipeline/test-harddrive.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,9 @@
"host.hardware.manufacturer": "VMware, Inc.",
"disk.serial_number": "",
"host.os.build": "19045",
"host.ip": "10.1.9.51",
"host.ip": [
"10.1.9.51"
],
"disk.boot_from": "true",
"host.hostname": "BOTANYBAYEP1",
"disk.adapter.serial_number": "",
Expand All @@ -27,23 +29,25 @@
"disk.is_boot": "true",
"host.hardware.bios.name": "Phoenix Technologies LTD",
"host.type": "Workstation",
"disk.model": "Virtual disk ",
"disk.model": "Virtual disk",
"disk.health_status": "Healthy",
"disk.number": "0",
"script.current_duration": "13711.00",
"disk.offline": "false",
"disk.location.bus": "3",
"disk.location.pci_slot": "160",
"host.biossn": "737C4D56-5714-9415-3B54-352BA8936AF3",
"host.mac": "00:0C:29:93:6A:F3",
"host.mac": [
"00:0C:29:93:6A:F3"
],
"host.id": "c698e42cc0794fd19b2f9157a8a2c88b_737C4D56-5714-9415-3B54-352BA8936AF3_BOTANYBAYEP1_WORKGROUP",
"host.uptime": "614991.6714276",
"id": "ec85d3b7de5e9d8717b7799a134bd829beada75c",
"disk.firmware.version": "2.0 ",
"disk.location.function": "0",
"script.current_time": "2023-09-25T19:04:02Z",
"disk.bus_type": "SAS",
"disk.manufacturer": "VMware ",
"disk.firmware_version": "2.0",
"disk.manufacturer": "VMware",
"disk.clustered": "false",
"script.name": "Get-TychonHardDriveInfo.ps1",
"script.version": "2.3.141.0",
Expand Down
12 changes: 5 additions & 7 deletions .../tychon/data_stream/tychon_harddrive/_dev/test/pipeline/test-harddrive.json-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,15 @@
{
"expected": [
{
"@timestamp": "2023-09-25T21:55:24.421648324Z",
"@timestamp": "2023-10-05T13:48:09.028702894Z",
"disk": {
"adapter": {
"serial_number": ""
},
"boot_from": "true",
"bus_type": "SAS",
"clustered": "false",
"firmware": {
"version": "2.0 "
},
"firmware_version": "2.0",
"health_status": "Healthy",
"highly_available": "false",
"id": "{1}\\\\BOTANYBAYEP1\\root/Microsoft/Windows/Storage/Providers_v2\\WSP_Disk.ObjectId=\"{c3aa4c8f-3a0e-11ed-91c8-806e6f6e6963}:DI:\\\\?\\scsi#disk\u0026ven_vmware\u0026prod_virtual_disk#5\u00261ec51bf7\u00260\u0026000000#{53f56307-b6bf-11d0-94f2-00a0c91efb8b}\"",
Expand All @@ -23,8 +21,8 @@
"function": "0",
"pci_slot": "160"
},
"manufacturer": "VMware ",
"model": "Virtual disk ",
"manufacturer": "VMware",
"model": "Virtual disk",
"name": "VMware Virtual disk",
"number": "0",
"number_of_partitions": "3",
Expand All @@ -42,7 +40,7 @@
"category": [
"configuration"
],
"ingested": "2023-09-25T21:55:24.421648324Z",
"ingested": "2023-10-05T13:48:09.028702894Z",
"kind": "state",
"module": "tychon",
"type": [
Expand Down
11 changes: 2 additions & 9 deletions packages/tychon/data_stream/tychon_harddrive/elasticsearch/ingest_pipeline/default.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,20 +15,13 @@ processors:
- set:
field: event.kind
value: state
- split:
field: host.ip
separator: ","
ignore_missing: true
- split:
field: host.ipv4
separator: ","
ignore_missing: true
- gsub:
field: host.mac
pattern: ":"
replacement: "-"
ignore_missing: true
- split:
field: host.mac
field: host.ipv4
separator: ","
ignore_missing: true
- convert:
Expand Down
8 changes: 6 additions & 2 deletions packages/tychon/data_stream/tychon_hardware/_dev/test/pipeline/test-hardware.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@
"tychon.id": "c698e42cc0794fd19b2f9157a8a2c88b_737C4D56-5714-9415-3B54-352BA8936AF3_BOTANYBAYEP1_WORKGROUP",
"script.type": "powershell",
"host.os.build": "19045",
"host.ip": "10.1.9.51",
"host.ip": [
"10.1.9.51"
],
"script.version": "2.3.141.0",
"host.hostname": "BOTANYBAYEP1",
"host.hardware.manufacturer": "VMware, Inc.",
Expand All @@ -26,7 +28,9 @@
"host.id": "c698e42cc0794fd19b2f9157a8a2c88b_737C4D56-5714-9415-3B54-352BA8936AF3_BOTANYBAYEP1_WORKGROUP",
"device.class": "System",
"host.biossn": "737C4D56-5714-9415-3B54-352BA8936AF3",
"host.mac": "00:0C:29:93:6A:F3",
"host.mac": [
"00:0C:29:93:6A:F3"
],
"device.friendly_name": "Motherboard resources",
"host.oem.model": "",
"host.uptime": "560978.5582333",
Expand Down
Loading