[Filebeat] PANW Module - Pass-through other log types #16815
Pinging @elastic/siem (Team:SIEM)
andrewkroh changed the title from "[Filebeat] PANW Module" to "[Filebeat] PANW Module - Pass-through other log types" on Mar 5, 2020
@andrewkroh - I created a similar ticket on Jan 15th, 2020. #15603 CC: @mukeshelastic
andrewkroh added a commit to andrewkroh/beats that referenced this issue on Jun 24, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC. This way we can retain the other log data but don't necessarily handle the parsing of it. Closes elastic#16815
andrewkroh added a commit that referenced this issue on Jun 26, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC. This way we can retain the other log data but don't necessarily handle the parsing of it. Closes #16815
andrewkroh added a commit to andrewkroh/beats that referenced this issue on Jul 14, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC. This way we can retain the other log data but don't necessarily handle the parsing of it. Closes elastic#16815 (cherry picked from commit 53b32f9)
melchiormoulin pushed a commit to melchiormoulin/beats that referenced this issue on Oct 14, 2020
This removes the drop processor from the ingest node pipeline that drops events other than THREAT and TRAFFIC. This way we can retain the other log data but don't necessarily handle the parsing of it. Closes elastic#16815
Describe the enhancement:
Currently the Filebeat PANW module discards events that are not of type Traffic or Threat. This module should minimally not discard the non threat/traffic logs as they're still useful.