Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[zeek] Make event.original optional #992

Merged
merged 2 commits into from
Jun 8, 2021

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented May 14, 2021

What does this PR do?

Make event.original optional

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.

Related issues

Screenshots

image

@elasticmachine
Copy link

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

@elasticmachine
Copy link

elasticmachine commented May 14, 2021

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Build Cause: Pull request #992 updated

  • Start Time: 2021-06-08T08:38:53.661+0000

  • Duration: 33 min 50 sec

  • Commit: 357d9c5

Test stats 🧪

Test Results
Failed 0
Passed 155
Skipped 0
Total 155

Trends 🧪

Image of Build Times

Image of Tests

Copy link
Member

@P1llus P1llus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, small nitpick, you could change the description for:
description: Drop if no Splunk or log data present.
To the fact that it only drops if the data is from Splunk, since there is no empty values from zeek directly.

@marc-gr marc-gr merged commit 5a22e91 into elastic:master Jun 8, 2021
@marc-gr marc-gr deleted the zeek-eventoriginal branch June 8, 2021 09:15
james-elastic pushed a commit to james-elastic/integrations that referenced this pull request Jun 30, 2021
* Make event.original optional

* Change description
eyalkraft pushed a commit to build-security/integrations that referenced this pull request Mar 30, 2022
* Make event.original optional

* Change description
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants