Skip to content

Commit

Permalink
Add system and pipeline test for Palo Alto PAN-OS (elastic#454)
Browse files Browse the repository at this point in the history 
This adds both a pipeline and a system test for the Palo Alto PAN-OS.
The test uncovered an issue with incorrect data types in the final ingest
pipeline that's loaded to ES. I added a work-around to the pipeline for the
incorrect data types. elastic/kibana#85486

And there were a few undocumented fields.
  • Loading branch information
@andrewkroh
andrewkroh authored Dec 14, 2020
1 parent d07d890 commit 9126b0f
Show file tree
Hide file tree
Showing 16 changed files with 780 additions and 4 deletions.
5 changes: 5 additions & 0 deletions packages/panw/_dev/deploy/docker/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
FROM alpine

COPY ./*.log /sample_logs/

ENTRYPOINT [ "/bin/sh" ]
8 changes: 8 additions & 0 deletions packages/panw/_dev/deploy/docker/docker-compose.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
version: '2.3'
services:
panw:
tty: true
build: .
volumes:
- ${SERVICE_LOGS_DIR}:/logs
command: -c "cp /sample_logs/*.log /logs/"
34 changes: 34 additions & 0 deletions packages/panw/_dev/deploy/docker/panw-panos-inc-other.log
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
Mar 25 23:58:57 1,2013/03/25 23:58:57,1606001116,CONFIG,0,0,2012/02/25 00:51:50,192.168.0.2,,set,admin,Web,Succeeded, config shared local-user-database user badguy,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,CONFIG,0,0,2012/02/25 00:53:22,192.168.0.2,,set,admin,Web,Succeeded, config mgt-config users badguy,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,CONFIG,0,0,2012/02/25 00:53:40,192.168.0.2,,commit,admin,Web,Submitted,,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,routing,0,2012/02/25 00:53:53,,routed-config-p1-success,,0,0,general,informational,Route daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,vpn,0,2012/02/25 00:53:56,,ike-config-p1-success,,0,0,general,informational,IKE daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,routing,0,2012/02/25 00:54:16,,routed-config-p2-success,,0,0,general,informational,Route daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,ras,0,2012/02/25 00:54:16,,rasmgr-config-p2-success,,0,0,general,informational,RASMGR daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,CONFIG,0,0,2012/02/25 00:57:17,192.168.0.2,,edit,badguy,Web,Succeeded, vsys vsys1 profiles url-filtering monzyspolicy,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,CONFIG,0,0,2012/02/25 00:57:36,192.168.0.2,,commit,badguy,Web,Submitted,,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,routing,0,2012/02/25 00:57:49,,routed-config-p1-success,,0,0,general,informational,Route daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:02 1,2013/03/25 23:59:02,1606001116,SYSTEM,vpn,0,2012/02/25 00:57:52,,ike-config-p1-success,,0,0,general,informational,IKE daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:07 1,2013/03/25 23:59:07,1606001116,SYSTEM,routing,0,2012/02/25 00:58:12,,routed-config-p2-success,,0,0,general,informational,Route daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:07 1,2013/03/25 23:59:07,1606001116,SYSTEM,vpn,0,2012/02/25 00:58:12,,ike-config-p2-success,,0,0,general,informational,IKE daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:07 1,2013/03/25 23:59:07,1606001116,SYSTEM,ras,0,2012/02/25 00:58:12,,rasmgr-config-p2-success,,0,0,general,informational,RASMGR daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:07 1,2013/03/25 23:59:07,1606001116,SYSTEM,general,1,2012/02/25 00:58:14,,unknown,,0,0,general,informational,Config installed,909,0x0
Mar 25 23:59:07 1,2013/03/25 23:59:07,1606001116,SYSTEM,general,0,2012/02/25 00:59:36,,general,,0,0,general,informational,Log type config cleared by user badguy ,0,0x0
Mar 25 23:59:22 1,2013/03/25 23:59:22,01606001116,SYSTEM,general,1,2012/04/10 03:11:57,,unknown,,0,0,general,informational,Config installed,884,0x0
Mar 25 23:59:22 1,2013/03/25 23:59:22,01606001116,SYSTEM,ras,0,2012/04/10 03:11:56,,rasmgr-config-p2-success,,0,0,general,informational,RASMGR daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:22 1,2013/03/25 23:59:22,01606001116,SYSTEM,vpn,0,2012/04/10 03:11:56,,ike-config-p2-success,,0,0,general,informational,IKE daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:22 1,2013/03/25 23:59:22,01606001116,SYSTEM,routing,0,2012/04/10 03:11:56,,routed-config-p2-success,,0,0,general,informational,Route daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:22 1,2013/03/25 23:59:22,01606001116,SYSTEM,ras,0,2012/04/10 03:06:11,,rasmgr-config-p1-success,,0,0,general,informational,RASMGR daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,routing,0,2012/04/10 03:06:00,,routed-config-p1-success,,0,0,general,informational,Route daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,general,1,2012/04/09 09:02:53,,unknown,,0,0,general,informational,Config installed,840,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,ras,0,2012/04/09 09:02:52,,rasmgr-config-p2-success,,0,0,general,informational,RASMGR daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,vpn,0,2012/04/09 09:02:52,,ike-config-p2-success,,0,0,general,informational,IKE daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,routing,0,2012/04/09 09:02:52,,routed-config-p2-success,,0,0,general,informational,Route daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,ras,0,2012/04/09 09:00:55,,rasmgr-config-p1-success,,0,0,general,informational,RASMGR daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:27 1,2013/03/25 23:59:27,01606001116,SYSTEM,vpn,0,2012/04/09 09:00:52,,ike-config-p1-success,,0,0,general,informational,IKE daemon configuration load phase-1 succeeded.,0,0x0
Mar 25 23:59:32 1,2013/03/25 23:59:32,01606001116,CONFIG,0,0,2012/04/09 09:00:35,192.168.0.2,,commit,admin,Web,Submitted,,0,0x0
Mar 25 23:59:32 1,2013/03/25 23:59:32,01606001116,CONFIG,0,0,2012/04/09 09:00:20,192.168.0.2,,edit,admin,Web,Succeeded, vsys vsys1 profiles data-objects PII,0,0x0
Mar 25 23:59:47 1,2013/03/25 23:59:47,01606001116,SYSTEM,general,1,2012/04/09 03:21:53,,unknown,,0,0,general,informational,Config installed,821,0x0
Mar 25 23:59:47 1,2013/03/25 23:59:47,01606001116,SYSTEM,ras,0,2012/04/09 03:21:53,,rasmgr-config-p2-success,,0,0,general,informational,RASMGR daemon configuration load phase-2 succeeded.,0,0x0
Mar 25 23:59:47 1,2013/03/25 23:59:47,01606001116,SYSTEM,vpn,0,2012/04/09 03:21:53,,ike-config-p2-success,,0,0,general,informational,IKE daemon configuration load phase-2 succeeded.,0,0x0
Oct 30 09:46:17 1,2012/10/30 09:46:17,01606001116,TRAFFIC,start,1,2012/04/10 04:39:56,192.168.0.2,204.232.231.46,0.0.0.0,0.0.0.0,rule1,crusher,,web-browsing,vsys1,trust,untrust,ethernet1/2,ethernet1/1,forwardAll,2012/04/10 04:39:57,25149,1,59309,80,0,0,0x200000,tcp,allow,78,78,0,1,2012/04/10 04:39:56,0,any,0,0,0x0,192.168.0.0-192.168.255.255,United States,0,1,0
Loading

0 comments on commit 9126b0f

Please sign in to comment.