[fortinet_fortigate] Fix test data (#10865)

* [fortinet_fortigate] Fix test data * Update changelog with PR number * Fix the test data as a workaround for uri_parts processor bug that was fixed in Elasticsearch 8.14
elastic · Aug 24, 2024 · 77af95e · 77af95e
1 parent 6312d8b
commit 77af95e
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 5 deletions.
diff --git a/packages/fortinet_fortigate/changelog.yml b/packages/fortinet_fortigate/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.25.6"
+  changes:
+    - description: Fix test data
+      type: bugfix
+      link: https://github.com/elastic/integrations/pull/10865
 - version: "1.25.5"
   changes:
     - description: Fix handling alternative logs for Administrator logins

diff --git a/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log b/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log
@@ -37,7 +37,7 @@ date=2020-09-28 time=15:36:26 eventtime=1601332560405228924 tz="-0700" logid="01
 date=2020-09-28 time=15:36:26 eventtime=1601332560336851635 tz="-0700" logid="0114032601" type="event" subtype="switch-controller" level="information" vd="vdom1" logdesc="Switch-Controller discovered" user="daemon_admin" ui="cmdbsvr" sn="S248EPTF18001384" name="S248EPTF18001384" msg="S248EPTF18001384 Discovered"
 date=2022-02-02 time=15:52:09 eventtime=1643845930263415066 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.usb-log" status="200" url="/api/v2/monitor/system/usb-log?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926774931021 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="license.status" status="200" url="/api/v2/monitor/license/status?vdom=root"
-date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="log.fortianalyzer.setting" status="200" url="/api/v2/cmdb/log.fortianalyzer/setting?vdom=root"
+date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="log.fortianalyzer.setting" status="200" url="/api/v2/cmdb/log_fortianalyzer/setting?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926762372766 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.sandbox" action="connection" status="200" url="/api/v2/monitor/system/sandbox/connection?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926755869998 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.firmware" status="200" url="/api/v2/monitor/system/firmware?vdom=root"
 date=2021-12-20 time=16:43:54 eventtime=1640047434839814226 tz="-0800" logid="0100020214" type="event" subtype="system" level="warning" vd="root" logdesc="Locally generated traffic goes to IoC location" srcip=172.16.200.2 srcport=18047 dstip=216.160.83.56 dstport=514 session_id=23563 proto=6

diff --git a/...fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json b/...fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json
@@ -2274,7 +2274,7 @@
             "event": {
                 "code": "0116047301",
                 "kind": "event",
-                "original": "date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz=\"-0800\" logid=\"0116047301\" type=\"event\" subtype=\"rest-api\" level=\"information\" vd=\"root\" logdesc=\"REST API request success\" user=\"admin\" ui=\"GUI(192.168.1.69)\" method=\"GET\" path=\"log.fortianalyzer.setting\" status=\"200\" url=\"/api/v2/cmdb/log.fortianalyzer/setting?vdom=root\"",
+                "original": "date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz=\"-0800\" logid=\"0116047301\" type=\"event\" subtype=\"rest-api\" level=\"information\" vd=\"root\" logdesc=\"REST API request success\" user=\"admin\" ui=\"GUI(192.168.1.69)\" method=\"GET\" path=\"log.fortianalyzer.setting\" status=\"200\" url=\"/api/v2/cmdb/log_fortianalyzer/setting?vdom=root\"",
                 "start": "2022-02-02T15:52:06.764-08:00",
                 "timezone": "-0800"
             },
@@ -2314,8 +2314,7 @@
                 "preserve_original_event"
             ],
             "url": {
-                "extension": "fortianalyzer/setting",
-                "path": "/api/v2/cmdb/log.fortianalyzer/setting",
+                "path": "/api/v2/cmdb/log_fortianalyzer/setting",
                 "query": "vdom=root"
             }
         },

diff --git a/packages/fortinet_fortigate/manifest.yml b/packages/fortinet_fortigate/manifest.yml
@@ -1,6 +1,6 @@
 name: fortinet_fortigate
 title: Fortinet FortiGate Firewall Logs
-version: "1.25.5"
+version: "1.25.6"
 description: Collect logs from Fortinet FortiGate firewalls with Elastic Agent.
 type: integration
 format_version: "3.0.3"