Skip to content

Commit

Permalink
[8.16](backport #42199) Fix Otel API change and update system test go…
Browse files Browse the repository at this point in the history 
…lden files to 2025 (#42217)

* Fix Otel API change and update system test golden files to 2025 (#42199)

* Fix Otel API change

* Update test files with new date/year

(cherry picked from commit 1430cfd)

# Conflicts:
#	x-pack/filebeat/fbreceiver/receiver_test.go

* remove benchmark code not backported to 8.16

---------

Co-authored-by: Tiago Queiroz <[email protected]>
Co-authored-by: Mauri de Souza Meneguzzo <[email protected]>
  • Loading branch information
@mergify @belimawr @mauri870
3 people authored Jan 6, 2025
1 parent fc0d0a1 commit 393ed97
Show file tree
Hide file tree
Showing 14 changed files with 37 additions and 37 deletions.
36 changes: 18 additions & 18 deletions x-pack/filebeat/module/cisco/asa/test/additional_messages.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,12 +181,12 @@
"event.code": 609002,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T17:51:17.000-02:00",
"event.end": "2025-05-05T17:51:17.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%FTD-7-609002: Teardown local-host net:192.168.2.2 duration 0:00:00",
"event.severity": 7,
"event.start": "2024-05-05T19:51:17.000Z",
"event.start": "2025-05-05T19:51:17.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -701,12 +701,12 @@
"event.code": 609002,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T18:24:31.000-02:00",
"event.end": "2025-05-05T18:24:31.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-7-609002: Teardown local-host identity:10.10.10.10 duration 0:00:00",
"event.severity": 7,
"event.start": "2024-05-05T20:24:31.000Z",
"event.start": "2025-05-05T20:24:31.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -849,13 +849,13 @@
"event.code": 302014,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T18:29:32.000-02:00",
"event.end": "2025-05-05T18:29:32.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-302014: Teardown TCP connection 2960892904 for out111:10.10.10.10/443 to fw111:192.168.2.2/55225 duration 0:00:00 bytes 0 TCP Reset-I",
"event.reason": "TCP Reset-I",
"event.severity": 6,
"event.start": "2024-05-05T20:29:32.000Z",
"event.start": "2025-05-05T20:29:32.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -966,12 +966,12 @@
"event.code": 305012,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T18:29:32.000-02:00",
"event.end": "2025-05-05T18:29:32.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-305012: Teardown dynamic UDP translation from fw111:10.10.10.10/54230 to out111:192.168.2.2/54230 duration 0:00:00",
"event.severity": 6,
"event.start": "2024-05-05T20:29:32.000Z",
"event.start": "2025-05-05T20:29:32.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -1175,12 +1175,12 @@
"event.code": 302016,
"event.dataset": "cisco.asa",
"event.duration": 124000000000,
"event.end": "2024-05-05T18:40:50.000-02:00",
"event.end": "2025-05-05T18:40:50.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-2-302016: Teardown UDP connection 1671727 for intfacename:10.10.10.10/161 to net:192.186.2.2/53356 duration 0:02:04 bytes 64585",
"event.severity": 2,
"event.start": "2024-05-05T20:38:46.000Z",
"event.start": "2025-05-05T20:38:46.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -1812,13 +1812,13 @@
"event.code": 302023,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T19:02:58.000-02:00",
"event.end": "2025-05-05T19:02:58.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-302023: Teardown stub TCP connection for fw111:10.10.10.10/39210 to net:192.168.2.2/10051 duration 0:00:00 forwarded bytes 0 Cluster flow with CLU closed on owner",
"event.reason": "Cluster flow with CLU closed on owner",
"event.severity": 6,
"event.start": "2024-05-05T21:02:58.000Z",
"event.start": "2025-05-05T21:02:58.000Z",
"event.timezone": "-02:00",
"event.type": [
"info"
Expand Down Expand Up @@ -1868,13 +1868,13 @@
"event.code": 302023,
"event.dataset": "cisco.asa",
"event.duration": 0,
"event.end": "2024-05-05T19:02:58.000-02:00",
"event.end": "2025-05-05T19:02:58.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-302023: Teardown stub TCP connection for net:10.10.10.10/10051 to unknown:192.168.2.2/39222 duration 0:00:00 forwarded bytes 0 Forwarding or redirect flow removed to create director or backup flow",
"event.reason": "Forwarding or redirect flow removed to create director or backup flow",
"event.severity": 6,
"event.start": "2024-05-05T21:02:58.000Z",
"event.start": "2025-05-05T21:02:58.000Z",
"event.timezone": "-02:00",
"event.type": [
"info"
Expand Down Expand Up @@ -2687,13 +2687,13 @@
"event.code": 302304,
"event.dataset": "cisco.asa",
"event.duration": 3602000000000,
"event.end": "2024-04-27T04:12:23.000-02:00",
"event.end": "2025-04-27T04:12:23.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-302304: Teardown TCP state-bypass connection 2751765169 from server.deflan:81.2.69.143/54242 to server.deflan:67.43.156.12/9101 duration 1:00:02 bytes 245 Connection timeout",
"event.reason": "Connection timeout",
"event.severity": 6,
"event.start": "2024-04-27T05:12:21.000Z",
"event.start": "2025-04-27T05:12:21.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -3227,13 +3227,13 @@
"event.code": 113019,
"event.dataset": "cisco.asa",
"event.duration": 1936000000000,
"event.end": "2024-04-27T02:03:03.000-02:00",
"event.end": "2025-04-27T02:03:03.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-4-113019: Group = 81.2.69.143, Username = 81.2.69.143, IP = 81.2.69.143, Session disconnected. Session Type: LAN-to-LAN, Duration: 0h:32m:16s, Bytes xmt: 297103, Bytes rcv: 1216163, Reason: User Requested",
"event.reason": "User Requested",
"event.severity": 4,
"event.start": "2024-04-27T03:30:47.000Z",
"event.start": "2025-04-27T03:30:47.000Z",
"event.timezone": "-02:00",
"event.type": [
"info"
Expand Down
8 changes: 4 additions & 4 deletions x-pack/filebeat/module/cisco/asa/test/non-canonical.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -361,12 +361,12 @@
"event.code": 305012,
"event.dataset": "cisco.asa",
"event.duration": 41000000000,
"event.end": "2024-07-15T13:38:47.000-02:00",
"event.end": "2025-07-15T13:38:47.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-305012: Teardown dynamic UDP translation from SERVERS:exp-wait/62409 to outside:81.2.69.142/62409 duration 0:00:41",
"event.severity": 6,
"event.start": "2024-07-15T15:38:06.000Z",
"event.start": "2025-07-15T15:38:06.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down Expand Up @@ -423,12 +423,12 @@
"event.code": 305012,
"event.dataset": "cisco.asa",
"event.duration": 30000000000,
"event.end": "2024-07-15T13:37:33.000-02:00",
"event.end": "2025-07-15T13:37:33.000-02:00",
"event.kind": "event",
"event.module": "cisco",
"event.original": "%ASA-6-305012: Teardown dynamic UDP translation from SERVERS:exp-wait/56421 to outside:81.2.69.142/56421 duration 0:00:30",
"event.severity": 6,
"event.start": "2024-07-15T15:37:03.000Z",
"event.start": "2025-07-15T15:37:03.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
Expand Down
2 changes: 1 addition & 1 deletion ...lebeat/module/cyberarkpas/audit/test/288_auto_clear_users_history_start.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T03:00:20.000-02:00",
"@timestamp": "2025-03-08T03:00:20.000-02:00",
"cyberarkpas.audit.action": "Auto Clear Users History start",
"cyberarkpas.audit.desc": "Auto Clear Users History start",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion ...filebeat/module/cyberarkpas/audit/test/289_auto_clear_users_history_end.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T03:00:20.000-02:00",
"@timestamp": "2025-03-08T03:00:20.000-02:00",
"cyberarkpas.audit.action": "Auto Clear Users History end",
"cyberarkpas.audit.desc": "Auto Clear Users History end",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion ...filebeat/module/cyberarkpas/audit/test/310_monitor_dr_replication_start.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T02:48:07.000-02:00",
"@timestamp": "2025-03-08T02:48:07.000-02:00",
"cyberarkpas.audit.action": "Monitor DR Replication start",
"cyberarkpas.audit.desc": "Monitor DR Replication start",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion ...k/filebeat/module/cyberarkpas/audit/test/311_monitor_dr_replication_end.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T02:48:07.000-02:00",
"@timestamp": "2025-03-08T02:48:07.000-02:00",
"cyberarkpas.audit.action": "Monitor DR Replication end",
"cyberarkpas.audit.desc": "Monitor DR Replication end",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/cyberarkpas/audit/test/357_monitor_fw_rules_start.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T02:32:56.000-02:00",
"@timestamp": "2025-03-08T02:32:56.000-02:00",
"cyberarkpas.audit.action": "Monitor FW rules start",
"cyberarkpas.audit.desc": "Monitor FW rules start",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/cyberarkpas/audit/test/358_monitor_fw_rules_end.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
]
},
{
"@timestamp": "2024-03-08T02:32:56.000-02:00",
"@timestamp": "2025-03-08T02:32:56.000-02:00",
"cyberarkpas.audit.action": "Monitor FW Rules end",
"cyberarkpas.audit.desc": "Monitor FW Rules end",
"cyberarkpas.audit.issuer": "Batch",
Expand Down
2 changes: 1 addition & 1 deletion ...y_warning_the_signature_hash_algorithm_of_the_vault_certificate_is_sha1.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
]
},
{
"@timestamp": "2024-03-08T07:46:54.000-02:00",
"@timestamp": "2025-03-08T07:46:54.000-02:00",
"cyberarkpas.audit.action": "Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.",
"cyberarkpas.audit.desc": "Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.",
"cyberarkpas.audit.issuer": "Builtin",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/cyberarkpas/audit/test/59_clear_safe_history.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@
]
},
{
"@timestamp": "2024-03-08T03:10:31.000-02:00",
"@timestamp": "2025-03-08T03:10:31.000-02:00",
"cyberarkpas.audit.action": "Clear Safe History",
"cyberarkpas.audit.desc": "Clear Safe History",
"cyberarkpas.audit.issuer": "PasswordManager",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/cyberarkpas/audit/test/88_set_password.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@
]
},
{
"@timestamp": "2024-03-08T02:54:46.000-02:00",
"@timestamp": "2025-03-08T02:54:46.000-02:00",
"cyberarkpas.audit.action": "Set Password",
"cyberarkpas.audit.desc": "Set Password",
"cyberarkpas.audit.issuer": "PVWAGWUser",
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/module/cyberarkpas/audit/test/legacysyslog.log-expected.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[
{
"@timestamp": "2024-03-08T03:41:01.000-02:00",
"@timestamp": "2025-03-08T03:41:01.000-02:00",
"cyberarkpas.audit.action": "Retrieve File",
"cyberarkpas.audit.desc": "Retrieve File",
"cyberarkpas.audit.file": "Root\\Policies\\Policy-BusinessWebsite.ini",
Expand Down
4 changes: 2 additions & 2 deletions .../filebeat/module/microsoft/m365_defender/test/m365_defender-test.ndjson.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -674,7 +674,7 @@
"microsoft.m365_defender.alerts.detectionSource": "WindowsDefenderAv",
"microsoft.m365_defender.alerts.devices": [
{
"deviceDnsName": "TestServer4",
"deviceDnsName": "TestServer5",
"firstSeen": "2020-06-30T08:55:08.8320449Z",
"healthStatus": "Inactive",
"mdatpDeviceId": "75a63a39f9bc5a964f417c11f6277d5bf9489f0d",
Expand All @@ -686,7 +686,7 @@
"version": "Other"
},
{
"deviceDnsName": "TestServer5",
"deviceDnsName": "TestServer4",
"firstSeen": "2020-06-30T08:55:08.8320449Z",
"healthStatus": "Inactive",
"mdatpDeviceId": "75a63a39f9bc5a964f417c11f6277d5bf9489f0d",
Expand Down
6 changes: 3 additions & 3 deletions x-pack/filebeat/module/mysqlenterprise/audit/test/mysql_audit_test.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,11 @@
"mysqlenterprise.audit.connection_id": 0,
"mysqlenterprise.audit.id": 0,
"process.args": [
"--log-error=log.err",
"/usr/local/mysql/bin/mysqld",
"--loose-audit-log-format=JSON",
"--log-error=log.err",
"--pid-file=mysqld.pid",
"--port=3306",
"/usr/local/mysql/bin/mysqld"
"--port=3306"
],
"process.args_count": 5,
"process.command_line": "/usr/local/mysql/bin/mysqld --loose-audit-log-format=JSON --log-error=log.err --pid-file=mysqld.pid --port=3306",
Expand Down

0 comments on commit 393ed97

Please sign in to comment.