Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[zeek] Make event.original optional #992

Merged
merged 2 commits into from
Jun 8, 2021
Merged

[zeek] Make event.original optional #992

merged 2 commits into from
Jun 8, 2021

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented May 14, 2021

What does this PR do?

Make event.original optional

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.

Related issues

Screenshots

image

@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@marc-gr marc-gr force-pushed the zeek-eventoriginal branch from 2fdc629 to dbe1051 Compare May 14, 2021 14:11
@elasticmachine
Copy link

elasticmachine commented May 14, 2021
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #992 updated

  • Start Time: 2021-06-08T08:38:53.661+0000

  • Duration: 33 min 50 sec

  • Commit: 357d9c5

Test stats 🧪

Test Results
Failed 0
Passed 155
Skipped 0
Total 155

Trends 🧪

Image of Build Times

Image of Tests

@marc-gr marc-gr mentioned this pull request May 14, 2021
Closed
43 tasks
@marc-gr marc-gr force-pushed the zeek-eventoriginal branch from dbe1051 to bbd4e3e Compare June 3, 2021 13:48
@marc-gr marc-gr force-pushed the zeek-eventoriginal branch from bbd4e3e to 6269436 Compare June 8, 2021 08:32
P1llus
P1llus reviewed Jun 8, 2021
View reviewed changes
Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, small nitpick, you could change the description for:
description: Drop if no Splunk or log data present.
To the fact that it only drops if the data is from Splunk, since there is no empty values from zeek directly.

@marc-gr marc-gr merged commit 5a22e91 into elastic:master Jun 8, 2021
@marc-gr marc-gr deleted the zeek-eventoriginal branch June 8, 2021 09:15
eyalkraft pushed a commit to build-security/integrations that referenced this pull request Mar 30, 2022
@marc-gr
[zeek] Make event.original optional (elastic#992)
f819270 
* Make event.original optional

* Change description
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@P1llus P1llus P1llus left review comments

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@marc-gr @elasticmachine @andrewkroh @P1llus