adding support for epoch in seconds

[P1llus]

What does this PR do?

Certain versions of fortinet handles the eventtime field in seconds instead of milliseconds, added support for that datetime format

Why is it important?

Adds support for certain fields that can be calculated incorrectly on certain versions.

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
  - [ ] I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

[elasticmachine]

Pinging @elastic/siem (Team:SIEM)

[elasticmachine]

💔 Build Failed

Expand to view the summary

Build stats

• Build Cause: [P1llus commented: jenkins run tests]

• Start Time: 2020-07-14T08:53:06.294+0000

• Duration: 34 min 51 sec

Test stats 🧪

Test	Results
Failed	0
Passed	1671
Skipped	384
Total	2055

Steps errors

Expand to view the steps failures

• Name: Mage update build test

  • Description: mage update build test

  • Duration: 5 min 29 sec

  • Start Time: 2020-07-14T09:17:00.465+0000

  • log

• Name: Report to Codecov

  • Description: curl -sSLo codecov https://codecov.io/bash for i in auditbeat filebeat heartbeat libbeat metricbeat packetbeat winlogbeat journalbeat do FILE="${i}/build/coverage/full.cov" if [ -f "${FILE}" ]; then bash codecov -f "${FILE}" fi done

  • Duration: 1 min 27 sec

  • Start Time: 2020-07-14T09:18:49.286+0000

  • log

Log output

Expand to view the last 100 lines of log output

[2020-07-14T09:22:29.955Z] Recording test results
[2020-07-14T09:22:31.507Z] Stashed 2 file(s)
[2020-07-14T09:22:31.519Z] Archiving artifacts
[2020-07-14T09:22:32.246Z] + curl -sSLo codecov https://codecov.io/bash
[2020-07-14T09:22:32.507Z] + FILE=auditbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f auditbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=filebeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f filebeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=heartbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f heartbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=libbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f libbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=metricbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f metricbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=packetbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f packetbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=winlogbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f winlogbeat/build/coverage/full.cov ]
[2020-07-14T09:22:32.507Z] + FILE=journalbeat/build/coverage/full.cov
[2020-07-14T09:22:32.507Z] + [ -f journalbeat/build/coverage/full.cov ]
[2020-07-14T09:22:33.795Z] Failed in branch Filebeat x-pack
[2020-07-14T09:23:41.739Z] >> go test: Unit Testing
[2020-07-14T09:25:03.239Z] SUMMARY:
[2020-07-14T09:25:03.239Z]   Fail:     0
[2020-07-14T09:25:03.239Z]   Skip:     7
[2020-07-14T09:25:03.239Z]   Pass:     545
[2020-07-14T09:25:03.239Z]   Packages: 20
[2020-07-14T09:25:03.239Z]   Duration: 1m20.3895338s
[2020-07-14T09:25:03.239Z]   Coverage Report: C:\Users\jenkins\workspace\Beats_beats_PR-19512\src\github.com\elastic\beats\x-pack\filebeat\build\TEST-go-unit.html
[2020-07-14T09:25:03.239Z]   JUnit Report:    C:\Users\jenkins\workspace\Beats_beats_PR-19512\src\github.com\elastic\beats\x-pack\filebeat\build\TEST-go-unit.xml
[2020-07-14T09:25:03.239Z]   Output File:     C:\Users\jenkins\workspace\Beats_beats_PR-19512\src\github.com\elastic\beats\x-pack\filebeat\build\TEST-go-unit.out
[2020-07-14T09:25:03.239Z] >> go test: Unit Test Passed
[2020-07-14T09:25:18.368Z] >> python test: Unit Testing
[2020-07-14T09:25:28.347Z] WARNING: You are using pip version 19.2.3, however version 20.1.1 is available.
[2020-07-14T09:25:28.347Z] You should consider upgrading via the 'python -m pip install --upgrade pip' command.
[2020-07-14T09:26:24.587Z] WARNING: You are using pip version 19.2.3, however version 20.1.1 is available.
[2020-07-14T09:26:24.587Z] You should consider upgrading via the 'python -m pip install --upgrade pip' command.
[2020-07-14T09:26:28.289Z] .......SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
[2020-07-14T09:26:28.289Z] [success] 15.96% test_http_endpoint.Test.test_http_endpoint_request: 1.7051s
[2020-07-14T09:26:28.289Z] [success] 14.39% test_http_endpoint.Test.test_http_endpoint_empty_body: 1.5379s
[2020-07-14T09:26:28.289Z] [success] 14.10% test_http_endpoint.Test.test_http_endpoint_malformed_json: 1.5071s
[2020-07-14T09:26:28.289Z] [success] 14.00% test_http_endpoint.Test.test_http_endpoint_wrong_auth_value: 1.4964s
[2020-07-14T09:26:28.289Z] [success] 13.94% test_http_endpoint.Test.test_http_endpoint_wrong_content_header: 1.4894s
[2020-07-14T09:26:28.289Z] [success] 13.88% test_http_endpoint.Test.test_http_endpoint_missing_auth_value: 1.4829s
[2020-07-14T09:26:28.289Z] [success] 13.73% test_http_endpoint.Test.test_http_endpoint_get_request: 1.4672s
[2020-07-14T09:26:28.289Z] ----------------------------------------------------------------------
[2020-07-14T09:26:28.289Z] Ran 128 tests in 10.701s
[2020-07-14T09:26:28.289Z] 
[2020-07-14T09:26:28.289Z] OK (SKIP=121)
[2020-07-14T09:26:28.549Z] >> python test: Unit Testing Complete
[2020-07-14T09:26:28.618Z] Recording test results
[2020-07-14T09:26:31.307Z] Stashed 2 file(s)
[2020-07-14T09:26:31.319Z] Archiving artifacts
[2020-07-14T09:26:35.837Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats
[2020-07-14T09:26:36.139Z] + find . -type f -name TEST*.xml -path */build/* -delete
[2020-07-14T09:26:36.151Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats/Lint
[2020-07-14T09:26:36.231Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats/Filebeat-x-pack-Mac-OS-X
[2020-07-14T09:26:36.302Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats/Filebeat-x-pack
[2020-07-14T09:26:36.384Z] Running in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats/Filebeat-x-pack-Windows
[2020-07-14T09:26:36.749Z] + cat
[2020-07-14T09:26:36.749Z] + /usr/local/bin/runbld ./runbld-script
[2020-07-14T09:26:36.749Z] Picked up JAVA_TOOL_OPTIONS: -Dfile.encoding=UTF8
[2020-07-14T09:26:43.361Z] runbld>>> runbld started
[2020-07-14T09:26:43.361Z] runbld>>> 1.6.12/f45d832f2ba0aa2722ab4ec1fda8ad140f027f8b
[2020-07-14T09:26:45.283Z] runbld>>> The following profiles matched the job 'Beats/beats/PR-19512' in order of occurrence in the config (last value wins).
[2020-07-14T09:26:46.674Z] runbld>>> Debug logging enabled.
[2020-07-14T09:26:46.674Z] runbld>>> Storing result
[2020-07-14T09:26:46.936Z] runbld>>> Store result: created {:total 2, :successful 2, :failed 0} 1
[2020-07-14T09:26:46.936Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1587637540455/t/20200714092646-6A4B0349
[2020-07-14T09:26:46.936Z] runbld>>> Adding system facts.
[2020-07-14T09:26:47.881Z] runbld>>> Adding vcs info for the latest commit:  020e4dc0db18fcb4d986e43deae2988789fedc8d
[2020-07-14T09:26:47.881Z] runbld>>> >>>>>>>>>>>> SCRIPT EXECUTION BEGIN >>>>>>>>>>>>
[2020-07-14T09:26:47.881Z] runbld>>> Adding /usr/lib/jvm/java-8-openjdk-amd64/bin to the path.
[2020-07-14T09:26:47.881Z] Processing JUnit reports with runbld...
[2020-07-14T09:26:47.881Z] + echo 'Processing JUnit reports with runbld...'
[2020-07-14T09:26:48.144Z] runbld>>> <<<<<<<<<<<< SCRIPT EXECUTION END <<<<<<<<<<<<
[2020-07-14T09:26:48.144Z] runbld>>> DURATION: 27ms
[2020-07-14T09:26:48.144Z] runbld>>> STDOUT: 40 bytes
[2020-07-14T09:26:48.144Z] runbld>>> STDERR: 49 bytes
[2020-07-14T09:26:48.144Z] runbld>>> WRAPPED PROCESS: SUCCESS (0)
[2020-07-14T09:26:48.144Z] runbld>>> Searching for build metadata in /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats
[2020-07-14T09:26:49.090Z] runbld>>> Storing build metadata: 
[2020-07-14T09:26:49.090Z] runbld>>> Adding test report.
[2020-07-14T09:26:49.090Z] runbld>>> Searching for junit test output files with the pattern: TEST-.*\.xml$ in: /var/lib/jenkins/workspace/Beats_beats_PR-19512/src/github.com/elastic/beats
[2020-07-14T09:26:50.034Z] runbld>>> Found 6 test output files
[2020-07-14T09:26:50.608Z] runbld>>> Test output logs contained: Errors: 0 Failures: 0 Tests: 2055 Skipped: 363
[2020-07-14T09:26:50.608Z] runbld>>> Storing result
[2020-07-14T09:26:50.608Z] runbld>>> FAILURES: 0
[2020-07-14T09:26:50.869Z] runbld>>> Store result: updated {:total 2, :successful 2, :failed 0} 2
[2020-07-14T09:26:50.869Z] runbld>>> BUILD: https://c150076387b5421f9154dfbf536e5c60.us-west1.gcp.cloud.es.io:9243/build-1587637540455/t/20200714092646-6A4B0349
[2020-07-14T09:26:51.130Z] runbld>>> Email notification disabled by environment variable.
[2020-07-14T09:26:51.130Z] runbld>>> Slack notification disabled by environment variable.
[2020-07-14T09:26:56.646Z] Running on Jenkins in /var/lib/jenkins/workspace/Beats_beats_PR-19512
[2020-07-14T09:26:56.746Z] [INFO] getVaultSecret: Getting secrets
[2020-07-14T09:26:56.818Z] Masking supported pattern matches of $VAULT_ADDR or $VAULT_ROLE_ID or $VAULT_SECRET_ID
[2020-07-14T09:26:57.628Z] + chmod 755 generate-build-data.sh
[2020-07-14T09:26:57.628Z] + ./generate-build-data.sh https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-19512/ https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-19512/runs/7 FAILURE 2031073
[2020-07-14T09:26:57.628Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-19512/runs/7/steps/?limit=10000 -o steps-info.json
[2020-07-14T09:26:57.878Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-19512/runs/7/tests/?status=FAILED -o tests-errors.json
[2020-07-14T09:26:58.129Z] INFO: curl https://beats-ci.elastic.co/blue/rest/organizations/jenkins/pipelines/Beats/beats/PR-19512/runs/7/log/ -o pipeline-log.txt

[P1llus]

Seems like a small issue for the date formatter to compare between UNIX and UNIX_MS in the same processor, so trying to fix that, let's wait for all tests to complete first now, last one failed because one date field changed

[P1llus]

jenkins run tests

[P1llus]

jenkins run tests