diff --git a/x-pack/filebeat/module/barracuda/waf/ingest/pipeline.yml b/x-pack/filebeat/module/barracuda/waf/ingest/pipeline.yml index 1616836706d..8f0ef057c18 100644 --- a/x-pack/filebeat/module/barracuda/waf/ingest/pipeline.yml +++ b/x-pack/filebeat/module/barracuda/waf/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Barracuda Web Application Firewall processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/bluecoat/director/ingest/pipeline.yml b/x-pack/filebeat/module/bluecoat/director/ingest/pipeline.yml index 8f8064017d4..9d462241ae8 100644 --- a/x-pack/filebeat/module/bluecoat/director/ingest/pipeline.yml +++ b/x-pack/filebeat/module/bluecoat/director/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Blue Coat Director processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/cisco/nexus/ingest/pipeline.yml b/x-pack/filebeat/module/cisco/nexus/ingest/pipeline.yml index 33dda070fcb..ae975fb7e86 100644 --- a/x-pack/filebeat/module/cisco/nexus/ingest/pipeline.yml +++ b/x-pack/filebeat/module/cisco/nexus/ingest/pipeline.yml @@ -2,6 +2,10 @@ description: Pipeline for Cisco Nexus processors: + # ECS event.ingested + - set: + field: event.ingested + value: '{{_ingest.timestamp}}' # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/cylance/protect/ingest/pipeline.yml b/x-pack/filebeat/module/cylance/protect/ingest/pipeline.yml index 286058aea62..4df5148c770 100644 --- a/x-pack/filebeat/module/cylance/protect/ingest/pipeline.yml +++ b/x-pack/filebeat/module/cylance/protect/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for CylanceProtect processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/f5/bigipapm/ingest/pipeline.yml b/x-pack/filebeat/module/f5/bigipapm/ingest/pipeline.yml index 2de20fc1a50..e8059307928 100644 --- a/x-pack/filebeat/module/f5/bigipapm/ingest/pipeline.yml +++ b/x-pack/filebeat/module/f5/bigipapm/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Big-IP Access Policy Manager processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/fortinet/clientendpoint/ingest/pipeline.yml b/x-pack/filebeat/module/fortinet/clientendpoint/ingest/pipeline.yml index 1fd14e58bd6..36997bc4379 100644 --- a/x-pack/filebeat/module/fortinet/clientendpoint/ingest/pipeline.yml +++ b/x-pack/filebeat/module/fortinet/clientendpoint/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Fortinet FortiClient Endpoint Security processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/imperva/securesphere/ingest/pipeline.yml b/x-pack/filebeat/module/imperva/securesphere/ingest/pipeline.yml index 63671e09e97..3ff3b353c28 100644 --- a/x-pack/filebeat/module/imperva/securesphere/ingest/pipeline.yml +++ b/x-pack/filebeat/module/imperva/securesphere/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Imperva SecureSphere processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/infoblox/nios/ingest/pipeline.yml b/x-pack/filebeat/module/infoblox/nios/ingest/pipeline.yml index cc784492797..3b42b82526b 100644 --- a/x-pack/filebeat/module/infoblox/nios/ingest/pipeline.yml +++ b/x-pack/filebeat/module/infoblox/nios/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Infoblox NIOS processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/juniper/junos/ingest/pipeline.yml b/x-pack/filebeat/module/juniper/junos/ingest/pipeline.yml index 64ad00379f7..afa4b02bec4 100644 --- a/x-pack/filebeat/module/juniper/junos/ingest/pipeline.yml +++ b/x-pack/filebeat/module/juniper/junos/ingest/pipeline.yml @@ -2,6 +2,10 @@ description: Pipeline for Juniper JUNOS processors: + # ECS event.ingested + - set: + field: event.ingested + value: '{{_ingest.timestamp}}' # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/microsoft/dhcp/ingest/pipeline.yml b/x-pack/filebeat/module/microsoft/dhcp/ingest/pipeline.yml index fd43032ff6e..7c917d05c81 100644 --- a/x-pack/filebeat/module/microsoft/dhcp/ingest/pipeline.yml +++ b/x-pack/filebeat/module/microsoft/dhcp/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Microsoft DHCP processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/netscout/sightline/ingest/pipeline.yml b/x-pack/filebeat/module/netscout/sightline/ingest/pipeline.yml index 5525c2ba70f..44b0b754e15 100644 --- a/x-pack/filebeat/module/netscout/sightline/ingest/pipeline.yml +++ b/x-pack/filebeat/module/netscout/sightline/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Arbor Peakflow SP processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/radware/defensepro/ingest/pipeline.yml b/x-pack/filebeat/module/radware/defensepro/ingest/pipeline.yml index 9b916ed8805..f1ddbd56ba7 100644 --- a/x-pack/filebeat/module/radware/defensepro/ingest/pipeline.yml +++ b/x-pack/filebeat/module/radware/defensepro/ingest/pipeline.yml @@ -2,6 +2,10 @@ description: Pipeline for Radware DefensePro processors: + # ECS event.ingested + - set: + field: event.ingested + value: '{{_ingest.timestamp}}' # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/sonicwall/firewall/ingest/pipeline.yml b/x-pack/filebeat/module/sonicwall/firewall/ingest/pipeline.yml index fdfb0f7f9a0..921b02b96ea 100644 --- a/x-pack/filebeat/module/sonicwall/firewall/ingest/pipeline.yml +++ b/x-pack/filebeat/module/sonicwall/firewall/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Sonicwall-FW processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/squid/log/ingest/pipeline.yml b/x-pack/filebeat/module/squid/log/ingest/pipeline.yml index 574cfafde0a..96b12b89731 100644 --- a/x-pack/filebeat/module/squid/log/ingest/pipeline.yml +++ b/x-pack/filebeat/module/squid/log/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Squid processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/tomcat/log/ingest/pipeline.yml b/x-pack/filebeat/module/tomcat/log/ingest/pipeline.yml index 16a25fde6f2..9983081e838 100644 --- a/x-pack/filebeat/module/tomcat/log/ingest/pipeline.yml +++ b/x-pack/filebeat/module/tomcat/log/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Apache Tomcat processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original diff --git a/x-pack/filebeat/module/zscaler/zia/ingest/pipeline.yml b/x-pack/filebeat/module/zscaler/zia/ingest/pipeline.yml index 884dd6392a5..aae73dd9ded 100644 --- a/x-pack/filebeat/module/zscaler/zia/ingest/pipeline.yml +++ b/x-pack/filebeat/module/zscaler/zia/ingest/pipeline.yml @@ -2,10 +2,10 @@ description: Pipeline for Zscaler NSS processors: + # ECS event.ingested - set: field: event.ingested value: '{{_ingest.timestamp}}' - # User agent - user_agent: field: user_agent.original