From f8fa10e00e7abc8f5cecf131d947dfa29ee2a2f4 Mon Sep 17 00:00:00 2001 From: Mariana Dima Date: Mon, 26 Jul 2021 14:41:35 +0100 Subject: [PATCH] Re-adding pipeline changes removed by mistake (#1353) * re-add functionality which was accidentally removed * add changes * changelog --- packages/azure/changelog.yml | 5 ++++ .../elasticsearch/ingest_pipeline/default.yml | 23 +++++++++++++++++++ packages/azure/manifest.yml | 2 +- 3 files changed, 29 insertions(+), 1 deletion(-) diff --git a/packages/azure/changelog.yml b/packages/azure/changelog.yml index 51eb307353f..d6b29a29aae 100644 --- a/packages/azure/changelog.yml +++ b/packages/azure/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.5.1" + changes: + - description: Re-add pipeline changes for invalid json + type: enhancement + link: https://github.com/elastic/integrations/pull/1353 - version: "0.5.0" changes: - description: Add input groups diff --git a/packages/azure/data_stream/platformlogs/elasticsearch/ingest_pipeline/default.yml b/packages/azure/data_stream/platformlogs/elasticsearch/ingest_pipeline/default.yml index 86c0c733eab..6e1fe3fa0a6 100644 --- a/packages/azure/data_stream/platformlogs/elasticsearch/ingest_pipeline/default.yml +++ b/packages/azure/data_stream/platformlogs/elasticsearch/ingest_pipeline/default.yml @@ -23,6 +23,29 @@ processors: - json: field: event.original target_field: azure.platformlogs + on_failure: + - grok: + field: event.original + patterns: + - "resourceId\": ?\"%{DATA:azure.platformlogs.resourceId}\"" + ignore_failure: true + ignore_missing: true + - grok: + field: event.original + patterns: + - "category\": ?\"%{DATA:azure.platformlogs.category}\"" + ignore_failure: true + ignore_missing: true + - grok: + field: event.original + patterns: + - "time\": ?\"%{DATA:azure.platformlogs.time}\"" + ignore_failure: true + ignore_missing: true + - set: + field: error.message + value: 'invalid json log' + ignore_failure: true - date: field: azure.platformlogs.time target_field: '@timestamp' diff --git a/packages/azure/manifest.yml b/packages/azure/manifest.yml index b7e09593d4e..33f83a728cd 100644 --- a/packages/azure/manifest.yml +++ b/packages/azure/manifest.yml @@ -1,6 +1,6 @@ name: azure title: Azure Logs -version: 0.5.0 +version: 0.5.1 release: beta description: Azure Logs Integration type: integration