Skip to content

Commit

Permalink
Fix fortinet.firewall.mem value to be interpreted as integer (elastic…
Browse files Browse the repository at this point in the history
…#19335)

Fix fortinet.firewall.mem value to be interpreted as integer. Add convert processor for fortinet.firewall.mem to ingest pipeline.

Closes elastic#19327

Co-authored-by: Andrew Kroh <[email protected]>
  • Loading branch information
2 people authored and melchiormoulin committed Oct 14, 2020
1 parent 6df3261 commit c4df757
Show file tree
Hide file tree
Showing 6 changed files with 10 additions and 4 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -175,6 +175,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d

*Filebeat*

- Fix mapping of fortinet.firewall.mem as integer. {pull}19335[19335]
- Ensure all zeek timestamps include millisecond precision. {issue}14599[14599] {pull}16766[16766]
- Fix s3 input hanging with GetObjectRequest API call by adding context_timeout config. {issue}15502[15502] {pull}15590[15590]
- Add shared_credential_file to cloudtrail config {issue}15652[15652] {pull}15656[15656]
Expand Down
2 changes: 1 addition & 1 deletion filebeat/docs/fields.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -59147,7 +59147,7 @@ type: integer
Memory usage system statistics


type: keyword
type: integer

--

Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/fortinet/fields.go

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion x-pack/filebeat/module/fortinet/firewall/_meta/fields.yml
Original file line number Diff line number Diff line change
Expand Up @@ -1126,7 +1126,7 @@
Fabric medium count
- name: mem
type: keyword
type: integer
description: >
Memory usage system statistics
Expand Down
5 changes: 5 additions & 0 deletions x-pack/filebeat/module/fortinet/firewall/ingest/event.yml
Original file line number Diff line number Diff line change
Expand Up @@ -218,6 +218,11 @@ processors:
ignore_failure: true
ignore_missing: true
if: "ctx.event?.duration == null"
- convert:
field: fortinet.firewall.mem
type: integer
ignore_failure: true
ignore_missing: true
- geoip:
field: source.ip
target_field: source.geo
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -973,7 +973,7 @@
"fortinet.firewall.disklograte": "0",
"fortinet.firewall.fazlograte": "0",
"fortinet.firewall.freediskstorage": "331",
"fortinet.firewall.mem": "10",
"fortinet.firewall.mem": 10,
"fortinet.firewall.setuprate": "0",
"fortinet.firewall.subtype": "system",
"fortinet.firewall.sysuptime": "25170",
Expand Down

0 comments on commit c4df757

Please sign in to comment.