Skip to content

Commit

Permalink
Remove wrongly mapped field and bump ecs version
Browse files Browse the repository at this point in the history
  • Loading branch information
@marc-gr
marc-gr committed Sep 7, 2020
1 parent 28aca3e commit 7119527
Show file tree
Hide file tree
Showing 7 changed files with 4 additions and 20 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix event types and categories in auditd module to comply with ECS {pull}20652[20652]
- Update documentation in the azure module filebeat. {pull}20815[20815]
- Provide backwards compatibility for the `set` processor when Elasticsearch is less than 7.9.0. {pull}20908[20908]
- Remove wrongly mapped `tls.client.server_name` from `fortinet/firewall` fileset. {pull}20983[20983]

*Heartbeat*

Expand Down
7 changes: 0 additions & 7 deletions filebeat/docs/fields.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52955,13 +52955,6 @@ type: keyword

--

*`tls.server.server_name`*::
+
--
type: keyword

--

[float]
=== fortinet

Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/fortinet/fields.go
View file

Large diffs are not rendered by default.

3 changes: 0 additions & 3 deletions x-pack/filebeat/module/fortinet/firewall/_meta/fields.yml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,3 @@
- name: tls.server.server_name
type: keyword

- name: fortinet
type: group
description: >
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/fortinet/firewall/config/firewall.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,4 @@ processors:
- add_fields:
target: ''
fields:
ecs.version: 1.5.0
ecs.version: 1.6.0
6 changes: 1 addition & 5 deletions x-pack/filebeat/module/fortinet/firewall/ingest/utm.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -295,12 +295,8 @@ processors:
ignore_missing: true
- rename:
field: fortinet.firewall.scertcname
target_field: tls.server.server_name
target_field: tls.server.x509.subject.common_name
ignore_missing: true
- set:
field: tls.server.x509.subject.common_name
value: "{{tls.server.server_name}}"
ignore_empty_value: true
- rename:
field: fortinet.firewall.scertissuer
target_field: tls.server.issuer
Expand Down
3 changes: 0 additions & 3 deletions x-pack/filebeat/module/fortinet/firewall/test/fortinet.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,6 @@
"fortinet-firewall",
"forwarded"
],
"tls.server.server_name": "test.elastic.co",
"tls.server.x509.subject.common_name": "test.elastic.co",
"url.domain": "elastic.co",
"url.path": "/"
Expand Down Expand Up @@ -364,7 +363,6 @@
"fortinet-firewall",
"forwarded"
],
"tls.server.server_name": "test.elastic.co",
"tls.server.x509.subject.common_name": "test.elastic.co",
"url.domain": "elastic.co",
"url.path": "/"
Expand Down Expand Up @@ -1937,7 +1935,6 @@
"forwarded"
],
"tls.server.issuer": "DigiCert SHA2 High Assurance Server CA",
"tls.server.server_name": "*.dailymotion.com",
"tls.server.x509.issuer.common_name": "DigiCert SHA2 High Assurance Server CA",
"tls.server.x509.subject.common_name": "*.dailymotion.com",
"url.domain": "www.dailymotion.com",
Expand Down

0 comments on commit 7119527

Please sign in to comment.