Jlind23/deprecate loginput #12503

Merged
merged 29 commits into from
Feb 10, 2025

jlind23
Contributor

@jlind23 jlind23 commented Jan 28, 2025

With the introduction of elastic/beats#42295 the log input will soon not be able to run anymore as it is deprecated. To continue running we need to add this allow deprecated parameter to all log input templates.

@jlind23 jlind23 self-assigned this Jan 28, 2025
@jlind23 jlind23 marked this pull request as ready for review January 28, 2025 20:15
@jlind23 jlind23 requested review from a team January 28, 2025 20:15
Contributor Author

jlind23 commented Jan 28, 2025

@rdner @cmacknz I'd love to get a sanity check on this 😅


elastic-vault-github-plugin-prod bot commented Jan 28, 2025

🚀 Benchmarks report

Package system 👍(1) 💚(1) 💔(1)

| Data stream | Previous EPS | New EPS | Diff (%) | Result |
|---|---|---|---|---|
| security | 2898.55 | 1715.27 | -1183.28 (-40.82%) | 💔 |

To see the full report comment with /test benchmark fullreport

Contributor Author

jlind23 commented Jan 29, 2025

@elastic/sec-linux-platform could you help me understand why the auditd package tests are failing?

@@ -1,6 +1,6 @@
name: iis
title: IIS
version: "1.21.1-next"
version: "1.22.0"
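Review bot: on the `version` line, going from `1.21.1-next` straight to `1.22.0` drops the pre-release suffix, so this bump is no longer limited to the log input change: anything that was staged under `1.21.1-next` ships with it. Please confirm with the package owners that the staged changes are meant to be released now, or keep a `-next` suffix on the new version if they are not.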
Member

Do we know why it had the -next prefix before? Is it okay to drop it?

Contributor Author

That means this was a pre-release not shipped to end users. I would need @lalit-satapathy's inputs here.

Member

If it was a pre-release I assume we would have to keep it.

Member

-next, apart from being a prerelease suffix, it avoids publishing the package. So if you add a version without this suffix it will also publish previously unreleased changes.

Though I am not sure why the previous change was included under a -next suffix, it only adds definitions for new fields, it looks safe and releasable.

@stefans-elastic @muthu-mps do you see any reason not to release #12070?

Contributor

@jsoriano,
The -next tag was added to have the newer fields available from the 8.17.x version, and the user has to upgrade the stack to monitor those fields. I have noticed there was a similar discussion around handling such a scenario without upgrading the Kibana version. We can drop the pre-release tag.

Member

@cmacknz cmacknz left a comment

LGTM. This is a no-op until we make the change in Beats to refuse to start the log input without the allow_deprecated_use: true flag when it is run from Elastic Agent. Right now there is an exception for this. We would want this change made first regardless so that integrations aren't temporarily broken when we do that.

Contributor Author

jlind23 commented Jan 30, 2025

@elastic/obs-ds-hosted-services @elastic/obs-infraobs-integrations @elastic/sec-deployment-and-devices @elastic/sec-linux-platform @elastic/sec-windows-platform @elastic/security-service-integrations @elastic/stack-monitoring
Can I get your code owner approval on this please?

Contributor

@consulthys consulthys left a comment

LGT Stack Monitoring

@andrewkroh andrewkroh added Integration:system System Integration:apache Apache HTTP Server Integration:rabbitmq RabbitMQ Logs and Metrics Integration:iptables Iptables Integration:cyberarkpas CyberArk Privileged Access Security Integration:forcepoint_web Forcepoint Web Security (Community supported) Integration:microsoft_exchange_online_message_trac Microsoft Exchange Online Message Trace Integration:pps Pleasant Password Server (Community supported) Integration:logstash Logstash Integration:platform_observability Platform Observability Integration:ibmmq IBM MQ labels Jan 30, 2025
@elastic-vault-github-plugin-prod

Package ibmmq - 1.5.0 containing this change is available at https://epr.elastic.co/package/ibmmq/1.5.0/

@elastic-vault-github-plugin-prod

Package iis - 1.22.0 containing this change is available at https://epr.elastic.co/package/iis/1.22.0/

@elastic-vault-github-plugin-prod

Package infoblox_nios - 1.27.0 containing this change is available at https://epr.elastic.co/package/infoblox_nios/1.27.0/

@elastic-vault-github-plugin-prod

Package iptables - 1.19.0 containing this change is available at https://epr.elastic.co/package/iptables/1.19.0/

@elastic-vault-github-plugin-prod

Package kafka - 1.17.0 containing this change is available at https://epr.elastic.co/package/kafka/1.17.0/

@elastic-vault-github-plugin-prod

Package kibana - 2.6.0 containing this change is available at https://epr.elastic.co/package/kibana/2.6.0/

@elastic-vault-github-plugin-prod

Package logstash - 2.5.0 containing this change is available at https://epr.elastic.co/package/logstash/2.5.0/

@elastic-vault-github-plugin-prod

Package microsoft_defender_endpoint - 2.28.0 containing this change is available at https://epr.elastic.co/package/microsoft_defender_endpoint/2.28.0/

@elastic-vault-github-plugin-prod

Package microsoft_exchange_online_message_trace - 1.26.0 containing this change is available at https://epr.elastic.co/package/microsoft_exchange_online_message_trace/1.26.0/

@elastic-vault-github-plugin-prod

Package microsoft_sqlserver - 2.11.0 containing this change is available at https://epr.elastic.co/package/microsoft_sqlserver/2.11.0/

@elastic-vault-github-plugin-prod

Package mongodb - 1.18.0 containing this change is available at https://epr.elastic.co/package/mongodb/1.18.0/

@elastic-vault-github-plugin-prod

Package nats - 1.8.0 containing this change is available at https://epr.elastic.co/package/nats/1.8.0/

@elastic-vault-github-plugin-prod

Package osquery - 1.21.0 containing this change is available at https://epr.elastic.co/package/osquery/1.21.0/

@elastic-vault-github-plugin-prod

Package platform_observability - 0.1.0 containing this change is available at https://epr.elastic.co/package/platform_observability/0.1.0/

@elastic-vault-github-plugin-prod

Package postgresql - 1.26.0 containing this change is available at https://epr.elastic.co/package/postgresql/1.26.0/

@elastic-vault-github-plugin-prod

Package pps - 0.4.0 containing this change is available at https://epr.elastic.co/package/pps/0.4.0/

@elastic-vault-github-plugin-prod

Package rabbitmq - 1.17.0 containing this change is available at https://epr.elastic.co/package/rabbitmq/1.17.0/

@elastic-vault-github-plugin-prod

Package santa - 3.23.0 containing this change is available at https://epr.elastic.co/package/santa/3.23.0/

@elastic-vault-github-plugin-prod

Package snort - 1.17.0 containing this change is available at https://epr.elastic.co/package/snort/1.17.0/

@elastic-vault-github-plugin-prod

Package sophos - 3.12.0 containing this change is available at https://epr.elastic.co/package/sophos/3.12.0/

@elastic-vault-github-plugin-prod

Package stan - 1.8.0 containing this change is available at https://epr.elastic.co/package/stan/1.8.0/

@elastic-vault-github-plugin-prod

Package suricata - 2.23.0 containing this change is available at https://epr.elastic.co/package/suricata/2.23.0/

@elastic-vault-github-plugin-prod

Package system - 1.66.0 containing this change is available at https://epr.elastic.co/package/system/1.66.0/

@elastic-vault-github-plugin-prod

Package thycotic_ss - 1.11.0 containing this change is available at https://epr.elastic.co/package/thycotic_ss/1.11.0/

@elastic-vault-github-plugin-prod

Package traefik - 2.4.0 containing this change is available at https://epr.elastic.co/package/traefik/2.4.0/

@elastic-vault-github-plugin-prod

Package zeek - 2.27.0 containing this change is available at https://epr.elastic.co/package/zeek/2.27.0/

@@ -11,7 +11,7 @@ categories:
- observability
conditions:
kibana:
version: "^8.13.0 || ^9.0.0"
version: "^8.13.0"
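Review bot: the `conditions.kibana.version` line loses `|| ^9.0.0`, which narrows the supported Kibana range to 8.x and has nothing to do with the log input deprecation this PR is about. It looks unintended; restore `"^8.13.0 || ^9.0.0"` unless dropping 9.x support for this package is a deliberate change that gets its own changelog entry.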
Member

I guess this change was unintended, reverting it in #13315.

Labels
Integration:activemq ActiveMQ Integration:apache Apache HTTP Server Integration:auditd Auditd Logs Integration:aws AWS Integration:azure_app_service Azure App Service Integration:azure Azure Logs Integration:carbonblack_edr VMware Carbon Black EDR Integration:cassandra Cassandra Integration:cef Common Event Format (CEF) Integration:checkpoint Check Point Integration:crowdstrike CrowdStrike Integration:cyberarkpas CyberArk Privileged Access Security Integration:elasticsearch Elasticsearch Integration:f5_bigip F5 BIG-IP Integration:forcepoint_web Forcepoint Web Security (Community supported) Integration:fortinet_fortiedr Fortinet FortiEDR Logs Integration:fortinet_fortigate Fortinet FortiGate Firewall Logs Integration:haproxy HAProxy Integration:ibmmq IBM MQ Integration:iis IIS Integration:infoblox_nios Infoblox NIOS Integration:iptables Iptables Integration:kafka Kafka Integration:kibana Kibana Integration:logstash Logstash Integration:microsoft_defender_endpoint Microsoft Defender for Endpoint Integration:microsoft_exchange_online_message_trac Microsoft Exchange Online Message Trace Integration:microsoft_sqlserver Microsoft SQL Server Integration:mongodb MongoDB Integration:nats NATS Integration:osquery Osquery Logs Integration:platform_observability Platform Observability Integration:postgresql PostgreSQL Integration:pps Pleasant Password Server (Community supported) Integration:rabbitmq RabbitMQ Logs and Metrics Integration:santa Google Santa Integration:snort Snort Integration:sophos Sophos Integration:stan STAN Integration:suricata Suricata Integration:system System Integration:thycotic_ss Thycotic Secret Server (Community supported) Integration:traefik Traefik Integration:zeek Zeek New Integration Issue or pull request for creating a new integration package. 
Team:obs-ds-hosted-services Observability Hosted Services team [elastic/obs-ds-hosted-services] Team:Obs-InfraObs Observability Infrastructure Monitoring team [elastic/obs-infraobs-integrations] Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices] Team:Security-Linux Platform Linux Platform Security team [elastic/sec-linux-platform] Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] Team:Stack Monitoring Stack Monitoring team [elastic/stack-monitoring]