Skip to content

[zeek] Make zeek package GA with v1.0.0 #1217

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jun 30, 2021
Merged

[zeek] Make zeek package GA with v1.0.0 #1217

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
ce8202c
Make zeek package GA with v1.0.0
marc-gr Jun 28, 2021
74e72bd
Set event.module and event.dataset
marc-gr Jun 29, 2021
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions packages/zeek/changelog.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,12 @@
# newer versions go on top
- version: "1.0.0"
changes:
- description: make GA
type: enhancement
link: https://github.com/elastic/integrations/pull/1217
- description: Set "event.module" and "event.dataset"
type: enhancement
link: https://github.com/elastic/integrations/pull/1217
- version: "0.8.4"
changes:
- description: Add support for Splunk authorization tokens
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/capture_loss/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.capture_loss
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/capture_loss/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek capture_loss logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/connection/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.connection
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/connection/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek connection logs
release: experimental
streams:
- input: logfile
template_path: log.yml.hbs
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/dce_rpc/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.dce_rpc
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/dce_rpc/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek dce_rpc logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/dhcp/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.dhcp
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/dhcp/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek dhcp logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/dnp3/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.dnp3
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/dnp3/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek dnp3 logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/dns/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.dns
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/dns/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek dns logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/dpd/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.dpd
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/dpd/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek dpd logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/files/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.files
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/files/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek files logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/ftp/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.ftp
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/ftp/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek ftp logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/http/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.http
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/http/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek http logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/intel/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.intel
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/intel/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek intel logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/irc/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.irc
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/irc/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek irc logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/kerberos/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.kerberos
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/kerberos/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek kerberos logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/modbus/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.modbus
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/modbus/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek modbus logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/mysql/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.mysql
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/mysql/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek mysql logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/notice/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.notice
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/notice/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek notice logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
8 changes: 8 additions & 0 deletions packages/zeek/data_stream/ntlm/fields/base-fields.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,14 @@
- name: data_stream.namespace
type: constant_keyword
description: Data stream namespace.
- name: event.module
type: constant_keyword
description: Event module
value: zeek
- name: event.dataset
type: constant_keyword
description: Event dataset
value: zeek.ntlm
- name: '@timestamp'
type: date
description: Event timestamp.
1 change: 0 additions & 1 deletion packages/zeek/data_stream/ntlm/manifest.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
type: logs
title: Zeek ntlm logs
release: experimental
streams:
- input: logfile
vars:
Expand Down
Loading