From 4c96c97ea4e68491def984b1100f69202254da4a Mon Sep 17 00:00:00 2001
From: Mariana Dima
Date: Mon, 25 Nov 2019 11:02:50 +0100
Subject: [PATCH] [Filebeat]Fix filebeat azure dashboards - event.category should be `Alert` (#14668) (#14686)
* Fix filebeat azure dashboards
* Update changelog
(cherry picked from commit 2603c5a08d7040d64f239f99145dbf74286f7ad2)
---
 CHANGELOG.next.asciidoc | 1 +
 .../kibana/7/dashboard/Filebeat-azure-alerts-overview.json | 4 ++--
 .../_meta/kibana/7/dashboard/Filebeat-azure-overview.json | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
index a59f494264d..75ebe2e7fe1 100644
--- a/CHANGELOG.next.asciidoc
+++ b/CHANGELOG.next.asciidoc
@@ -192,6 +192,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 - Fix handling multiline log entries in nginx module. {issue}14349[14349] {pull}14499[14499]
 - Fix parsing of Elasticsearch node name by `elasticsearch/slowlog` fileset. {pull}14547[14547]
 - cisco/asa fileset: Fix parsing of 302021 message code. {pull}14519[14519]
+- Fix filebeat azure dashboards, event category should be `Alert`. {pull}14668[14668]
 *Heartbeat*
diff --git a/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-alerts-overview.json b/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-alerts-overview.json
index 7418ffa61d8..8674e2f3db3 100644
--- a/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-alerts-overview.json
+++ b/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-alerts-overview.json
@@ -328,7 +328,7 @@
 "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index",
 "query": {
 "language": "kuery",
- "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alerts\" "
+ "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alert\" "
 }
 }
 },
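Review bot: The rewritten filter keeps the irregular spacing of the old string, with no space after the colon in `event.dataset :\"azure.activitylogs\"` and a trailing space after `\"Alert\"` inside the JSON value; the same applies to the `@@ -455` hunk of this file and the `@@ -1134` hunk of Filebeat-azure-overview.json. Writing all three as `"query": "event.dataset : \"azure.activitylogs\" and event.category : \"Alert\""` would tidy the copies and make them easier to grep. The filter matches a literal value, so a drift like the `Alerts` one corrected here presumably leaves the alert panels empty without any error, which is easy to miss on a monitoring dashboard. The value should be checked against what the azure activitylogs ingest pipeline writes to `event.category`, which is not part of this patch. The saved-object entries holding these queries start and end outside the hunks.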
@@ -455,7 +455,7 @@
 "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index",
 "query": {
 "language": "kuery",
- "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alerts\" "
+ "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alert\" "
 }
 }
 },
diff --git a/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-overview.json b/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-overview.json
index 8bc9f64ed1f..2c6bcaaa440 100644
--- a/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-overview.json
+++ b/x-pack/filebeat/module/azure/_meta/kibana/7/dashboard/Filebeat-azure-overview.json
@@ -1134,7 +1134,7 @@
 "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.index",
 "query": {
 "language": "kuery",
- "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alerts\" "
+ "query": "event.dataset :\"azure.activitylogs\" and event.category : \"Alert\" "
 }
 }
 },