From 4b0ee2aa241576b0e60f6c47c5f89513d1d649f4 Mon Sep 17 00:00:00 2001 From: Adrian Serrano Date: Wed, 15 Jan 2020 10:12:28 +0100 Subject: [PATCH] Fix use of wrong fields in Cisco ASA dashboard (#15553) (#15560) This dashboard wasn't updated after a couple of fields were renamed. Fixes: #15420 (cherry picked from commit 9d70efde031fc964b43b24b12622d3f688acdd54) --- CHANGELOG.next.asciidoc | 1 + .../cisco/_meta/kibana/7/dashboard/Filebeat-Cisco-ASA.json | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index a4ead1451b3..7fdae7ebf7f 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -75,6 +75,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - netflow: Allow for options templates without scope fields. {pull}15449[15449] - netflow: Fix bytes/packets counters on some devices (NSEL and Netstream). {pull}15449[15449] - netflow: Fix compatibility with some Cisco devices by changing the field `class_id` from short to long. {pull}15449[15449] +- Fixed dashboard for Cisco ASA Firewall. {issue}15420[15420] {pull}15553[15553] *Heartbeat* diff --git a/x-pack/filebeat/module/cisco/_meta/kibana/7/dashboard/Filebeat-Cisco-ASA.json b/x-pack/filebeat/module/cisco/_meta/kibana/7/dashboard/Filebeat-Cisco-ASA.json index 5d50368c9f2..7a585fbf501 100644 --- a/x-pack/filebeat/module/cisco/_meta/kibana/7/dashboard/Filebeat-Cisco-ASA.json +++ b/x-pack/filebeat/module/cisco/_meta/kibana/7/dashboard/Filebeat-Cisco-ASA.json @@ -764,7 +764,7 @@ "id": "2", "params": { "customLabel": "ACL ID", - "field": "cisco.asa.list_id", + "field": "cisco.asa.rule_name", "missingBucket": false, "missingBucketLabel": "Missing", "order": "desc", @@ -878,7 +878,7 @@ "params": { "aggregate": "concat", "customLabel": "Sample message", - "field": "log.original", + "field": "event.original", "size": 1, "sortField": "@timestamp", "sortOrder": "desc"