Skip to content

Commit

Permalink
Cherry-pick #20454 to 7.9: [Filebeat] Fix Okta ingest pipeline (#20476)
Browse files Browse the repository at this point in the history 
* [Filebeat] Fix Okta ingest pipeline (#20454)

* Fix ingest pipeline

* Add changelog entry

(cherry picked from commit 5fdcb1c)

* Remove added event.ingested from another commit
  • Loading branch information
Andrew Stucki authored Aug 6, 2020
1 parent a7c8d0f commit a73b18c
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix millisecond timestamp normalization issues in CrowdStrike module {issue}20035[20035], {pull}20138[20138]
- Fix support for message code 106100 in Cisco ASA and FTD. {issue}19350[19350] {pull}20245[20245]
- Fix `fortinet` setting `event.timezone` to the system one when no `tz` field present {pull}20273[20273]
- Fix `okta` geoip lookup in pipeline for `destination.ip` {pull}20454[20454]

*Heartbeat*

Expand Down
4 changes: 2 additions & 2 deletions x-pack/filebeat/module/okta/system/ingest/pipeline.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ processors:
ignore_missing: true
- geoip:
field: destination.ip
target_field: source.geo
target_field: destination.geo
ignore_missing: true
- geoip:
database_file: GeoLite2-ASN.mmdb
Expand Down Expand Up @@ -48,4 +48,4 @@ processors:
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: "{{ _ingest.on_failure_message }}"

0 comments on commit a73b18c

Please sign in to comment.