Set source.bytes/packets for uni-directional netflow (elastic#14111)
This populates the `source.bytes` and `source.packets` fields for uni-directional netflow events. Previously only `network.bytes`/`network.packets` would be set. The input would already populate the source fields for bi-directional flows.

This also fixes an issue where the totals in `network.bytes` and `network.packets` were incorrectly calculated for bi-directional flows.

Closes elastic#11473
andrewkroh authored and jorgemarey committed Dec 13, 2019
1 parent f243c2f commit 928ec7c
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.next.asciidoc
Expand Up @@ -96,6 +96,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix cisco module's asa and ftd filesets parsing of domain names where an IP address is expected. {issue}14034[14034]
- Fixed increased memory usage with large files when multiline pattern does not match. {issue}14068[14068]
- panw module: Use geo.name instead of geo.country_iso_code for free-form location. {issue}13272[13272]
- Fix calculation of `network.bytes` and `network.packets` for bi-directional netflow events. {pull}14111[14111]

*Heartbeat*
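
Review bot: The added bugfix entry for `network.bytes` and `network.packets` has no accompanying code or test change in this commit, which touches only CHANGELOG.next.asciidoc (1 file, 2 additions). Confirm the netflow input change from the pull request is already on this branch, otherwise the changelog advertises a fix that is not shipped. The entry also does not say how the bi-directional totals were wrong; anyone with dashboards or detection thresholds built on these fields will see values shift after upgrade, so a short phrase describing the previous miscalculation would help them judge the impact on historical comparisons.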

Expand Down Expand Up @@ -208,6 +209,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Add ExpandEventListFromField config option in the kafka input. {pull}13965[13965]
- Add ELB fileset to AWS module. {pull}14020[14020]
- Add module for MISP (Malware Information Sharing Platform). {pull}13805[13805]
- Add `source.bytes` and `source.packets` for uni-directional netflow events. {pull}14111[14111]

*Heartbeat*
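
Review bot: The added `source.bytes`/`source.packets` entry links only `{pull}14111[14111]`, while the commit message says the change closes elastic#11473 and neighbouring entries use the `{issue}` macro. Add `{issue}11473[11473]` to the entry that the issue corresponds to, so readers can trace the reported problem from the changelog. It is also worth stating in the entry that bi-directional flows already carried these fields, as the commit message does, so users know only uni-directional events gain new fields.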
