Skip to content

[ Cloudflare Logpush ] Populate event.id from the Ray ID value for Firewall Events and HTTP Requests #12246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 0 commits into from
Jan 8, 2025
Merged

[ Cloudflare Logpush ] Populate event.id from the Ray ID value for Firewall Events and HTTP Requests #12246

merged 0 commits into from
Jan 8, 2025

Conversation

leandrojmp
Copy link
Contributor

  • Enhancement

Proposed commit message

This PR adds a set processor on the Firewall Events and HTTP Requests ingest pipelines to populate the field event.id with the value of the fields cloudflare_logpush.http_request.ray.id in the HTTP Requests dataset and cloudflare_logpush.firewall_event.ray.id in the Firewall Events dataset.

This enables the user to filter for events on both datasets by the same event.id.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

@leandrojmp leandrojmp requested a review from a team as a code owner January 7, 2025 18:09
@andrewkroh andrewkroh added enhancement New feature or request Integration:cloudflare_logpush Cloudflare Logpush Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] labels Jan 7, 2025
@elasticmachine
Copy link

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@chemamartinez
Copy link
Contributor

/test

@elasticmachine
Copy link

💚 Build Succeeded

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

chemamartinez
chemamartinez approved these changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@chemamartinez chemamartinez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@chemamartinez chemamartinez merged commit de2dc0f into elastic:main Jan 8, 2025
5 checks passed
@elastic-vault-github-plugin-prod
Copy link

Package cloudflare_logpush - 1.31.0 containing this change is available at https://epr.elastic.co/package/cloudflare_logpush/1.31.0/

harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
@leandrojmp
[ Cloudflare Logpush ] Populate event.id from the Ray ID value for Fi…
8f2146b 
…rewall Events and HTTP Requests (elastic#12246)

Add event.id from ray.id for firewall events and HTTP requests
harnish-crest-data pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
@leandrojmp
[ Cloudflare Logpush ] Populate event.id from the Ray ID value for Fi…
dfcf892 
…rewall Events and HTTP Requests (elastic#12246)

Add event.id from ray.id for firewall events and HTTP requests
@leandrojmp leandrojmp deleted the cloudflare_logpush_add_event_id branch February 6, 2025 03:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chemamartinez chemamartinez chemamartinez approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request Integration:cloudflare_logpush Cloudflare Logpush Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[ Cloudflare Logpush ] Ray ID field should have the same name in all datasets.
4 participants
@leandrojmp @elasticmachine @chemamartinez @andrewkroh