-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Filebeat] Add field limit check for AWS Cloudtrail flattened fields #21388
Merged
leehinman
merged 1 commit into
elastic:master
from
leehinman:21382_cloudtrail_flattened
Sep 30, 2020
Merged
[Filebeat] Add field limit check for AWS Cloudtrail flattened fields #21388
leehinman
merged 1 commit into
elastic:master
from
leehinman:21382_cloudtrail_flattened
Sep 30, 2020
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
leehinman
added
bug
Filebeat
Filebeat
needs_backport
PR is waiting to be backported to other branches.
Team:SIEM
labels
Sep 29, 2020
Pinging @elastic/siem (Team:SIEM) |
botelastic
bot
added
needs_team
Indicates that the issue/PR needs a Team:* label
and removed
needs_team
Indicates that the issue/PR needs a Team:* label
labels
Sep 29, 2020
add 32k length check for - aws.cloudtrail.flattened.request_parameters - aws.cloudtrail.flattened.response_elements - aws.cloudtrail.flattened.additional_eventdata - aws.cloudtrail.flattened.service_event_details Closes elastic#21382
leehinman
force-pushed
the
21382_cloudtrail_flattened
branch
from
September 29, 2020 15:04
f06ba16
to
b4ee494
Compare
💔 Tests FailedExpand to view the summary
Build stats
Test stats 🧪
Test errorsExpand to view the tests failures
Steps errorsExpand to view the steps failures
Log outputExpand to view the last 100 lines of log output
|
adriansr
approved these changes
Sep 30, 2020
leehinman
added a commit
to leehinman/beats
that referenced
this pull request
Sep 30, 2020
) add 32k length check for - aws.cloudtrail.flattened.request_parameters - aws.cloudtrail.flattened.response_elements - aws.cloudtrail.flattened.additional_eventdata - aws.cloudtrail.flattened.service_event_details Closes elastic#21382 (cherry picked from commit eae9f5c)
6 tasks
leehinman
added
v7.10.0
and removed
needs_backport
PR is waiting to be backported to other branches.
labels
Sep 30, 2020
6 tasks
leehinman
added a commit
to leehinman/beats
that referenced
this pull request
Sep 30, 2020
) add 32k length check for - aws.cloudtrail.flattened.request_parameters - aws.cloudtrail.flattened.response_elements - aws.cloudtrail.flattened.additional_eventdata - aws.cloudtrail.flattened.service_event_details Closes elastic#21382 (cherry picked from commit eae9f5c)
v1v
added a commit
to v1v/beats
that referenced
this pull request
Oct 2, 2020
* upstream/master: (27 commits) [Ingest Manager] Split index restrictions into type,dataset, namespace parts (elastic#21406) Update Filebeat module expected logs files (elastic#21454) Edit SQL module docs and fix broken doc structure (elastic#21233) [Ingest Manager] Send snapshot flag together with metadata (elastic#21285) Revert "[JJBB] Set shallow cloning to 10 (elastic#21409)" (elastic#21447) [JJBB] Use reference repo for fast checkouts (elastic#21410) Add initial skeleton of filestream input (elastic#21427) Initial spec file for apm-server (elastic#21225) [Ingest Manager] Upgrade Action: make source URI optional (elastic#21372) Add field limit check for AWS Cloudtrail flattened fields (elastic#21388) [Winlogbeat] Move winlogbeat javascript processor to libbeat (elastic#21402) ci: pipeline to generate the changelog (elastic#21426) [JJBB] Set shallow cloning to 10 (elastic#21409) docs: add link to release notes for 7.9.2 (elastic#21405) (elastic#21419) docs: Prepare Changelog for 7.9.2 (elastic#21229) (elastic#21403) fix: mark flaky tests (elastic#21300) fix: use a fixed version of setuptools (elastic#21393) Move Kubernetes events metricset to its own block in reference config (elastic#21407) [libbeat] Enable WriteAheadLimit in the disk queue (elastic#21391) docs: fix apt/yum formatting (elastic#21362) ...
v1v
added a commit
to v1v/beats
that referenced
this pull request
Oct 2, 2020
…ne-2.0-arm * upstream/master: (54 commits) [CI] Change x-pack/auditbeat build events (comments, labels) (elastic#21463) [CI] changeset from elastic#20603 was not added to CI2.0 (elastic#21464) Add new log file reader for filestream input (elastic#21450) [CI] Send slack message with build status (elastic#21428) Remove duplicated sources url in dependencies report (elastic#21462) Add implementation of FSWatcher and FSScanner for filestream (elastic#21444) [Ingest Manager] Split index restrictions into type,dataset, namespace parts (elastic#21406) Update Filebeat module expected logs files (elastic#21454) Edit SQL module docs and fix broken doc structure (elastic#21233) [Ingest Manager] Send snapshot flag together with metadata (elastic#21285) Revert "[JJBB] Set shallow cloning to 10 (elastic#21409)" (elastic#21447) [JJBB] Use reference repo for fast checkouts (elastic#21410) Add initial skeleton of filestream input (elastic#21427) Initial spec file for apm-server (elastic#21225) [Ingest Manager] Upgrade Action: make source URI optional (elastic#21372) Add field limit check for AWS Cloudtrail flattened fields (elastic#21388) [Winlogbeat] Move winlogbeat javascript processor to libbeat (elastic#21402) ci: pipeline to generate the changelog (elastic#21426) [JJBB] Set shallow cloning to 10 (elastic#21409) docs: add link to release notes for 7.9.2 (elastic#21405) (elastic#21419) ...
v1v
added a commit
to v1v/beats
that referenced
this pull request
Oct 2, 2020
…ci-build-label-support * upstream/master: [CI] Change x-pack/auditbeat build events (comments, labels) (elastic#21463) [CI] changeset from elastic#20603 was not added to CI2.0 (elastic#21464) Add new log file reader for filestream input (elastic#21450) [CI] Send slack message with build status (elastic#21428) Remove duplicated sources url in dependencies report (elastic#21462) Add implementation of FSWatcher and FSScanner for filestream (elastic#21444) [Ingest Manager] Split index restrictions into type,dataset, namespace parts (elastic#21406) Update Filebeat module expected logs files (elastic#21454) Edit SQL module docs and fix broken doc structure (elastic#21233) [Ingest Manager] Send snapshot flag together with metadata (elastic#21285) Revert "[JJBB] Set shallow cloning to 10 (elastic#21409)" (elastic#21447) [JJBB] Use reference repo for fast checkouts (elastic#21410) Add initial skeleton of filestream input (elastic#21427) Initial spec file for apm-server (elastic#21225) [Ingest Manager] Upgrade Action: make source URI optional (elastic#21372) Add field limit check for AWS Cloudtrail flattened fields (elastic#21388) [Winlogbeat] Move winlogbeat javascript processor to libbeat (elastic#21402) ci: pipeline to generate the changelog (elastic#21426)
leweafan
pushed a commit
to leweafan/beats
that referenced
this pull request
Apr 28, 2023
) (elastic#21432) add 32k length check for - aws.cloudtrail.flattened.request_parameters - aws.cloudtrail.flattened.response_elements - aws.cloudtrail.flattened.additional_eventdata - aws.cloudtrail.flattened.service_event_details Closes elastic#21382 (cherry picked from commit bfed554)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Adds a 32k length check for:
Why is it important?
Elasticsearch will fail to index the document if a flattened field is
over 32k in length.
Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.How to test this PR locally
Related issues