Rename field and remove not used one

elastic · sayden · May 30, 2019 · May 7, 2019 · May 7, 2019 · May 8, 2019
commit c7d3da202c7b768e96c3a918396259f3771713ce
diff --git a/x-pack/filebeat/module/mssql/fields.go b/x-pack/filebeat/module/mssql/fields.go
diff --git a/x-pack/filebeat/module/mssql/log/_meta/fields.yml b/x-pack/filebeat/module/mssql/log/_meta/fields.yml
@@ -2,9 +2,6 @@
   description: Common log fields
   type: group
   fields:
-    - name: source
+    - name: origin
       description: Origin of the message, usually the server but it can also be a recovery process
       type: text
-    - name: msg
-      description: Text of the message
-      type: text
diff --git a/x-pack/filebeat/module/mssql/log/ingest/pipeline.json b/x-pack/filebeat/module/mssql/log/ingest/pipeline.json
@@ -4,7 +4,7 @@
         {
             "grok": {
                 "field": "message",
-                "patterns": ["%{MSSQL_DATE:date} %{DATA:mssql.log.source} [ ]*%{GREEDYDATA:msg_temp}"],
+                "patterns": ["%{MSSQL_DATE:date} %{DATA:mssql.log.origin} [ ]*%{GREEDYDATA:msg_temp}"],
                 "pattern_definitions": {
                     "MSSQL_DATE":"%{DATA} %{DATA}"
                 }

diff --git a/x-pack/filebeat/module/mssql/log/test/test.log-expected.json b/x-pack/filebeat/module/mssql/log/test/test.log-expected.json
@@ -13,7 +13,7 @@
         "log.offset": 0,
         "log.original": "2019-05-03 09:01:09.99 Server      Microsoft SQL Server 2017 (RTM-CU13) (KB4466404) - 14.0.3048.4 (X64)\n\tNov 30 2018 12:57:58\n\tCopyright (C) 2017 Microsoft Corporation\n\tDeveloper Edition (64-bit) on Linux (Ubuntu 16.04.5 LTS)",
         "message": "Microsoft SQL Server 2017 (RTM-CU13) (KB4466404) - 14.0.3048.4 (X64)",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -27,7 +27,7 @@
         "log.offset": 226,
         "log.original": "2019-05-03 09:01:09.99 Server      UTC adjustment: 0:00",
         "message": "UTC adjustment: 0:00",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -41,7 +41,7 @@
         "log.offset": 282,
         "log.original": "2019-05-03 09:01:09.99 Server      (c) Microsoft Corporation.",
         "message": "(c) Microsoft Corporation.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -55,7 +55,7 @@
         "log.offset": 344,
         "log.original": "2019-05-03 09:01:09.99 Server      All rights reserved.",
         "message": "All rights reserved.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -69,7 +69,7 @@
         "log.offset": 400,
         "log.original": "2019-05-03 09:01:10.00 Server      Server process ID is 4124.",
         "message": "Server process ID is 4124.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -83,7 +83,7 @@
         "log.offset": 462,
         "log.original": "2019-05-03 09:01:10.00 Server      Logging SQL Server messages in file '/var/opt/mssql/log/errorlog'.",
         "message": "Logging SQL Server messages in file '/var/opt/mssql/log/errorlog'.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -100,7 +100,7 @@
         "log.offset": 564,
         "log.original": "2019-05-03 09:01:10.00 Server      Registry startup parameters:\n\t -d /var/opt/mssql/data/master.mdf\n\t -l /var/opt/mssql/data/mastlog.ldf\n\t -e /var/opt/mssql/log/errorlog",
         "message": "Registry startup parameters:",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -114,7 +114,7 @@
         "log.offset": 734,
         "log.original": "2019-05-03 09:01:10.00 Server      SQL Server detected 1 sockets with 6 cores per socket and 12 logical processors per socket, 12 total logical processors; using 12 logical processors based on SQL Server licensing. This is an informational message; no user action is required.",
         "message": "SQL Server detected 1 sockets with 6 cores per socket and 12 logical processors per socket, 12 total logical processors; using 12 logical processors based on SQL Server licensing. This is an informational message; no user action is required.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -128,7 +128,7 @@
         "log.offset": 1011,
         "log.original": "2019-05-03 09:01:10.00 Server      SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.",
         "message": "SQL Server is starting at normal priority base (=7). This is an informational message only. No user action is required.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -142,7 +142,7 @@
         "log.offset": 1166,
         "log.original": "2019-05-03 09:01:10.00 Server      Detected 25445 MB of RAM. This is an informational message; no user action is required.",
         "message": "Detected 25445 MB of RAM. This is an informational message; no user action is required.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -156,7 +156,7 @@
         "log.offset": 1289,
         "log.original": "2019-05-03 09:01:10.00 Server      Using conventional memory in the memory manager.",
         "message": "Using conventional memory in the memory manager.",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -170,7 +170,7 @@
         "log.offset": 1373,
         "log.original": "2019-05-03 09:01:10.01 Server      Large Page Allocated: 32MB",
         "message": "Large Page Allocated: 32MB",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -184,7 +184,7 @@
         "log.offset": 1435,
         "log.original": "2019-05-03 09:01:10.20 Server      Buffer pool extension is already disabled. No action is n",
         "message": "Buffer pool extension is already disabled. No action is n",
-        "mssql.log.source": "Server",
+        "mssql.log.origin": "Server",
         "service.type": "mssql"
     },
     {
@@ -198,7 +198,7 @@
         "log.offset": 1528,
         "log.original": "2019-05-03 09:01:11.93 spid22s     Service Broker manager has started.",
         "message": "Service Broker manager has started.",
-        "mssql.log.source": "spid22s",
+        "mssql.log.origin": "spid22s",
         "service.type": "mssql"
     },
     {
@@ -212,7 +212,7 @@
         "log.offset": 1599,
         "log.original": "2019-05-03 09:01:12.03 spid6s      Recovery is complete. This is an informational message only. No user action is required.",
         "message": "Recovery is complete. This is an informational message only. No user action is required.",
-        "mssql.log.source": "spid6s",
+        "mssql.log.origin": "spid6s",
         "service.type": "mssql"
     }
 ]