Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[filebeat][fortinet] Use default add_locale for fortinet.firewall #26524

Merged
merged 2 commits into from
Jun 30, 2021

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Jun 28, 2021

What does this PR do?

  • Adds a add_locale default processor to fortinet.firewall
  • Uses event.timezone on the ingest pipeline
  • Adds documentation about how to set a custom timezone

Why is it important?

It has been a recurrent request to be able to set a custom timezone to fortinet.firewall.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Related issues

@elasticmachine
Copy link
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Jun 28, 2021
@marc-gr marc-gr requested review from jsoriano and P1llus June 28, 2021 13:33
@marc-gr marc-gr added the needs_integration_sync Changes in this PR need synced to elastic/integrations. label Jun 28, 2021
@elasticmachine
Copy link
Collaborator

elasticmachine commented Jun 28, 2021

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #26524 updated

  • Start Time: 2021-06-30T08:46:18.885+0000

  • Duration: 123 min 20 sec

  • Commit: 414c2f9

Test stats 🧪

Test Results
Failed 0
Passed 14126
Skipped 2311
Total 16437

Trends 🧪

Image of Build Times

Image of Tests

💚 Flaky test report

Tests succeeded.

Expand to view the summary

Test stats 🧪

Test Results
Failed 0
Passed 14126
Skipped 2311
Total 16437

@legoguy1000
Copy link
Contributor

Doesn't this cause issue if the firewall isn't in the same timezone as Filebeat??

@marc-gr
Copy link
Contributor Author

marc-gr commented Jun 29, 2021

/test

@marc-gr
Copy link
Contributor Author

marc-gr commented Jun 29, 2021

Doesn't this cause issue if the firewall isn't in the same timezone as Filebeat??

If that is the case, the timezone can be deleted or overwritten. The docs have been updated with https://github.com/elastic/beats/blob/7df6d010f2cdfdeced76e335049ae0fe78e4d1ea/filebeat/docs/include/timezone-support.asciidoc as per @jsoriano suggestion in #20300 (comment).

Hope that makes sense 👍

Copy link
Member

@jsoriano jsoriano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This pipeline has several date processors, I wonder if same timezone should be used in all of them.

Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, seems the other reviews already catched the issues :)

@mergify
Copy link
Contributor

mergify bot commented Jun 29, 2021

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b feat-20300 upstream/feat-20300
git merge upstream/master
git push upstream feat-20300

@marc-gr marc-gr force-pushed the feat-20300 branch 2 times, most recently from 937b8b4 to 5504dc2 Compare June 30, 2021 07:33
Copy link
Member

@jsoriano jsoriano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@marc-gr marc-gr merged commit 5d258c8 into elastic:master Jun 30, 2021
@marc-gr marc-gr deleted the feat-20300 branch June 30, 2021 11:54
mergify bot pushed a commit that referenced this pull request Jun 30, 2021
…6524)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)
mdelapenya added a commit to mdelapenya/beats that referenced this pull request Jul 1, 2021
* master:
  [MetricBeat] [AWS] Fix aws metric tags with resourcegroupstaggingapi paginator (elastic#26385) (elastic#26443)
  Move openmetrics module to oss (elastic#26561)
  Skip flaky test TestFilestreamMetadataUpdatedOnRename (elastic#26609)
  [filebeat][fortinet] Use default add_locale for fortinet.firewall (elastic#26524)
  Enroll proxy settings (elastic#26514)
marc-gr added a commit that referenced this pull request Jul 1, 2021
…6524) (#26611)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)

Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com>
@marc-gr marc-gr added the v7.14.0 label Jul 1, 2021
marc-gr added a commit to marc-gr/beats that referenced this pull request Jul 1, 2021
…astic#26524)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)
mergify bot pushed a commit that referenced this pull request Jul 1, 2021
…6524)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)
marc-gr added a commit to marc-gr/beats that referenced this pull request Jul 1, 2021
…astic#26524)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)
marc-gr added a commit that referenced this pull request Jul 1, 2021
…6524) (#26660)

* Use default add_locale for fortinet.firewall

* Use event.timezone in all date processors

(cherry picked from commit 5d258c8)
v1v added a commit to v1v/beats that referenced this pull request Jul 5, 2021
…stage-failed-within-same-build

* upstream/master: (36 commits)
  Revert "[CI] fight the flakiness with some retry option in the CI only for the Pull Requests (elastic#26617)" (elastic#26704)
  Packaging: linux/armv7 is not supported (elastic#26706)
  Cyberarkpas: Link to official docs on how to setup TLS (elastic#26614)
  Make network_direction, registered_domain and convert processors compatible with ES older than 7.13.0 (elastic#26676)
  Disable armv7 packaging (elastic#26679)
  [Heartbeat] use --params flag for synthetics (elastic#26674)
  Update dependent package to avoid downloading a suspicious file (elastic#26406)
  [mergify] set title and allow bp in any direction (elastic#26648)
  Fix memory leak in SQL helper when database is not available (elastic#26607)
  [CI] fight the flakiness with some retry option in the CI only for the Pull Requests (elastic#26617)
  [mergify] automate PRs that change the backport rules (elastic#26641)
  [Metricbeat] Add Airflow module in xpack (elastic#26220)
  chore: add-backport-next (elastic#26620)
  [metricbeat] Add state_job metricset (elastic#26479)
  CI: jenkins labels are less time consuming now (elastic#26613)
  [MetricBeat] [AWS] Fix aws metric tags with resourcegroupstaggingapi paginator (elastic#26385) (elastic#26443)
  Move openmetrics module to oss (elastic#26561)
  Skip flaky test TestFilestreamMetadataUpdatedOnRename (elastic#26609)
  [filebeat][fortinet] Use default add_locale for fortinet.firewall (elastic#26524)
  Enroll proxy settings (elastic#26514)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport-v7.14.0 Automated backport with mergify enhancement needs_integration_sync Changes in this PR need synced to elastic/integrations. v7.14.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Filebeat][Fortinet] Add the ability to set a default timezone in fortinet config
5 participants