Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

junipersrx-module initial release #20017

Merged
merged 15 commits into from
Oct 6, 2020
Merged

junipersrx-module initial release #20017

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
2add7cb
junipersrx-module initial release
StefanSa Jul 17, 2020
1552e9e
stashing changes for later
P1llus Aug 19, 2020
8a315be
Initial MVP release ready for review
P1llus Aug 20, 2020
cbc0d5b
updating a comment in pipeline.yml
P1llus Aug 20, 2020
a3f859b
updating filebeat.reference.yml
P1llus Sep 22, 2020
5902c5e
Small fix for docs
adriansr Sep 24, 2020
327f3f4
Fix parsing of juniper.srx.timestamp
adriansr Sep 24, 2020
5aa0753
Fix bad samples
adriansr Sep 24, 2020
b5c3b1b
Remove some fields to make the index-pattern smaller
adriansr Sep 24, 2020
e97a8ae
Missing update
adriansr Sep 24, 2020
136548b
Fix var.tags and disable_host when forwarded
adriansr Oct 2, 2020
2e5f9aa
Add related fields
adriansr Oct 2, 2020
d643ea3
Add changelog entry
adriansr Oct 5, 2020
25fc2a5
Remove unused file
adriansr Oct 5, 2020
d9f8d98
Merge branch 'master' into junipersrx-module
marc-gr Oct 6, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix var.tags and disable_host when forwarded
  • Loading branch information
@adriansr
adriansr committed Oct 5, 2020
commit 136548b56025963a567ceb60860cb6b60c5c9f71
4 changes: 2 additions & 2 deletions x-pack/filebeat/module/juniper/netscreen/test/generated.log-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2399,8 +2399,8 @@
"observer.type": "Firewall",
"observer.vendor": "Juniper",
"related.ip": [
"10.119.181.171",
"10.166.144.66"
"10.166.144.66",
"10.119.181.171"
],
"rsa.internal.messageid": "00625",
"rsa.misc.hardware_id": "dol",
Expand Down
3 changes: 2 additions & 1 deletion x-pack/filebeat/module/juniper/srx/config/srx.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@ exclude_files: [".gz$"]

{{ end }}

tags: {{.tags}}
tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}

processors:
- add_locale: ~
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/juniper/srx/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ var:
- name: syslog_host
default: localhost
- name: tags
default: [juniper-srx, forwarded]
default: ["juniper.srx", "forwarded"]
- name: syslog_port
default: 9006
- name: input
Expand Down
14 changes: 10 additions & 4 deletions x-pack/filebeat/module/juniper/srx/test/atp.log-expected.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@
"destination.geo.city_name": "Juazeiro do Norte",
"destination.geo.continent_name": "South America",
"destination.geo.country_iso_code": "BR",
"destination.geo.country_name": "Brazil",
"destination.geo.location.lat": -7.1467,
"destination.geo.location.lon": -39.247,
"destination.geo.region_iso_code": "BR-CE",
Expand Down Expand Up @@ -57,7 +58,8 @@
"source.port": 57116,
"source.user.name": "user1",
"tags": [
"juniper-srx forwarded"
"juniper.srx",
"forwarded"
],
"url.domain": "www.mytest.com"
},
Expand Down Expand Up @@ -100,7 +102,8 @@
"source.ip": "192.0.2.0",
"source.user.name": "admin",
"tags": [
"juniper-srx forwarded"
"juniper.srx",
"forwarded"
]
},
{
Expand Down Expand Up @@ -142,7 +145,8 @@
"source.domain": "host.example.com",
"source.ip": "192.0.2.0",
"tags": [
"juniper-srx forwarded"
"juniper.srx",
"forwarded"
]
},
{
Expand Down Expand Up @@ -197,12 +201,14 @@
"source.domain": "dummy_host",
"source.geo.continent_name": "Oceania",
"source.geo.country_iso_code": "AU",
"source.geo.country_name": "Australia",
"source.geo.location.lat": -33.494,
"source.geo.location.lon": 143.2104,
"source.ip": "1.1.1.1",
"source.port": 60148,
"tags": [
"juniper-srx forwarded"
"juniper.srx",
"forwarded"
]
}
]
Loading