Skip to content

Commit

Permalink
[Filebeat] [tests] Keep host.name in forwarded events (#19604) (#19679)
Browse files Browse the repository at this point in the history
Update Filebeat's test_modules.py integration test to not strip the
`host.name` field in events marked as forwarded.

Relates #13920

(cherry picked from commit 156c87b)
  • Loading branch information
adriansr authored Jul 14, 2020
1 parent 19b1aec commit eeda621
Show file tree
Hide file tree
Showing 15 changed files with 352 additions and 1 deletion.
6 changes: 5 additions & 1 deletion filebeat/tests/system/test_modules.py
Original file line number Diff line number Diff line change
Expand Up @@ -218,7 +218,11 @@ def _test_expected_events(self, test_file, objects):

def clean_keys(obj):
# These keys are host dependent
host_keys = ["host.name", "agent.name", "agent.hostname", "agent.type", "agent.ephemeral_id", "agent.id"]
host_keys = ["agent.name", "agent.hostname", "agent.type", "agent.ephemeral_id", "agent.id"]
# Strip host.name if event is not tagged as `forwarded`.
if "tags" not in obj or "forwarded" not in obj["tags"]:
host_keys.append("host.name")

# The create timestamps area always new
time_keys = ["event.created"]
# source path and agent.version can be different for each run
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 0,
Expand All @@ -26,6 +27,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 194,
Expand All @@ -45,6 +47,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 386,
Expand All @@ -64,6 +67,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 568,
Expand All @@ -83,6 +87,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 774,
Expand All @@ -102,6 +107,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 943,
Expand All @@ -121,6 +127,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1072,
Expand All @@ -140,6 +147,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1191,
Expand All @@ -159,6 +167,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1316,
Expand All @@ -178,6 +187,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1440,
Expand All @@ -197,6 +207,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1575,
Expand All @@ -216,6 +227,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1721,
Expand All @@ -235,6 +247,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1867,
Expand All @@ -254,6 +267,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 1984,
Expand All @@ -273,6 +287,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2128,
Expand All @@ -292,6 +307,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2285,
Expand All @@ -311,6 +327,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2436,
Expand All @@ -330,6 +347,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2580,
Expand All @@ -349,6 +367,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2737,
Expand All @@ -368,6 +387,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 2888,
Expand All @@ -387,6 +407,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3032,
Expand All @@ -406,6 +427,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3143,
Expand All @@ -425,6 +447,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3267,
Expand All @@ -444,6 +467,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3440,
Expand All @@ -463,6 +487,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3564,
Expand All @@ -482,6 +507,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3739,
Expand All @@ -501,6 +527,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 3874,
Expand All @@ -520,6 +547,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4002,
Expand All @@ -539,6 +567,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4113,
Expand All @@ -558,6 +587,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4238,
Expand All @@ -577,6 +607,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4357,
Expand All @@ -596,6 +627,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4492,
Expand All @@ -615,6 +647,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4686,
Expand All @@ -634,6 +667,7 @@
"event.severity": 7,
"event.timezone": "-02:00",
"fileset.name": "ftd",
"host.name": "siem-management",
"input.type": "log",
"log.level": "debug",
"log.offset": 4870,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
"start"
],
"fileset.name": "falcon",
"host.name": "hostnameofmachine",
"input.type": "log",
"log.flags": [
"multiline"
Expand Down Expand Up @@ -52,6 +53,7 @@
"end"
],
"fileset.name": "falcon",
"host.name": "hostnameofmachine",
"input.type": "log",
"log.flags": [
"multiline"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@
"file.hash.md5": "ac4c51eb24aa95b77f705ab159189e24",
"file.hash.sha256": "6a671b92a69755de6fd063fcbe4ba926d83b49f78c42dbaeed8cdb6bbc57576a",
"fileset.name": "falcon",
"host.name": "alice-laptop",
"input.type": "log",
"log.flags": [
"multiline"
Expand Down
Loading

0 comments on commit eeda621

Please sign in to comment.