Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move user related fields to align with ECS schema. #1783

Merged
merged 9 commits into from
Jan 17, 2019
Merged

Move user related fields to align with ECS schema. #1783

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
dc56f56
Move user related fields to align with ECS schema.
simitt Jan 13, 2019
10ed047
Adapt dashboards.
simitt Jan 14, 2019
f590575
fix user_agent pipeline
simitt Jan 14, 2019
06e7f30
Revert "Adapt dashboards."
simitt Jan 15, 2019
9280b55
revert fields.yml changes for stored objects.
simitt Jan 15, 2019
177980a
PR comments
simitt Jan 15, 2019
da38048
Merge remote-tracking branch 'elastic/master' into ecs-change-user
simitt Jan 16, 2019
75e636c
Update tests to reflect changes.
simitt Jan 17, 2019
7343c4f
fix tests
simitt Jan 17, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
89 changes: 58 additions & 31 deletions _meta/fields.common.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,37 +47,6 @@
description: >
The status code of the http response.

- name: user
type: group
fields:

- name: username
type: keyword
description: >
The username of the logged in user.

- name: id
type: keyword
description: >
Identifier of the logged in user.

- name: email
type: keyword
description: >
Email of the logged in user.

- name: ip
type: ip
description: >
IP of the user where the event is recorded, typically a web browser.
This is obtained from the X-Forwarded-For header, of which the first entry is the IP of the original client.
This value however might not be necessarily trusted, as it can be forged by a malicious user.

- name: user-agent
type: text
description: >
Software agent acting in behalf of a user, eg. a web browser / OS combination.

- name: request
type: group
fields:
Expand Down Expand Up @@ -360,3 +329,61 @@
type: keyword
description: >
Address the server is listening on.

- name: user
type: group
fields:

- name: name
type: keyword
description: >
The username of the logged in user.
overwrite: true

- name: id
type: keyword
description: >
Identifier of the logged in user.
overwrite: true

- name: email
type: keyword
description: >
Email of the logged in user.
overwrite: true

- name: client
type: group
fields:

- name: ip
type: ip
description: >
IP of the user where the event is recorded, typically a web browser.
This is obtained from the X-Forwarded-For header, of which the first entry is the IP of the original client.
This value however might not be necessarily trusted, as it can be forged by a malicious user.
overwrite: true

- name: user_agent
title: User agent
description: >
The user_agent fields normally come from a browser request. They often
show up in web service logs coming from the parsed user agent string.
type: group
overwrite: true
fields:

- name: original
type: keyword
description: >
Unparsed version of the user_agent.
example: "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1"
overwrite: true

multi_fields:
- name: text
type: text
description: >
Software agent acting in behalf of a user, eg. a web browser / OS combination.
overwrite: true

24 changes: 19 additions & 5 deletions beater/test_approved_es_documents/TestPublishIntegrationErrors.approved.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,11 +70,6 @@
},
"tags": {
"organization_uuid": "9f0e9d64-c185-4d21-a6f4-4673ed561ec8"
},
"user": {
"email": "[email protected]",
"id": 99,
"username": "foo"
}
},
"error": {
Expand Down Expand Up @@ -267,6 +262,10 @@
},
"timestamp": {
"us": 1494342245999999
},
"user": {
"id": "99",
"name": "foo"
}
},
{
Expand Down Expand Up @@ -334,6 +333,11 @@
},
"timestamp": {
"us": 1533826745999000
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -401,6 +405,11 @@
},
"timestamp": {
"us": 1547070053000000
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -480,6 +489,11 @@
"id": "1234567890987654",
"sampled": true,
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
}
]
Expand Down
12 changes: 11 additions & 1 deletion beater/test_approved_es_documents/TestPublishIntegrationMetricsets.approved.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,12 @@
},
"name": "1234_service-12a3"
},
"short_counter": 227
"short_counter": 227,
"user": {
"email": "[email protected]",
"id": "axb123hg",
"name": "logged-in-user"
}
},
{
"@metadata": {
Expand Down Expand Up @@ -102,6 +107,11 @@
"name": "ecmascript"
},
"name": "1234_service-12a3"
},
"user": {
"email": "[email protected]",
"id": "axb123hg",
"name": "logged-in-user"
}
}
]
Expand Down
19 changes: 14 additions & 5 deletions beater/test_approved_es_documents/TestPublishIntegrationTransactions.approved.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,11 @@
"started": 43
},
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123user",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -157,11 +162,6 @@
"tag2": 12,
"tag3": 12.45,
"tag4": false
},
"user": {
"email": "[email protected]",
"id": "99",
"username": "foo"
}
},
"host": {
Expand Down Expand Up @@ -227,6 +227,10 @@
"started": 17
},
"type": "request"
},
"user": {
"id": "99",
"name": "foo"
}
},
{
Expand Down Expand Up @@ -319,6 +323,11 @@
"started": 436
},
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123user",
"name": "bar"
}
}
]
Expand Down
1 change: 0 additions & 1 deletion decoder/req_decoder.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,6 @@ func DecodeSourcemapFormData(req *http.Request) (map[string]interface{}, error)
if err != nil {
return nil, err
}

payload := map[string]interface{}{
"sourcemap": string(sourcemapBytes),
"service_name": req.FormValue("service_name"),
Expand Down
24 changes: 19 additions & 5 deletions docs/data/elasticsearch/generated/errors.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,11 +65,6 @@
},
"tags": {
"organization_uuid": "9f0e9d64-c185-4d21-a6f4-4673ed561ec8"
},
"user": {
"email": "[email protected]",
"id": 99,
"username": "foo"
}
},
"error": {
Expand Down Expand Up @@ -255,6 +250,10 @@
},
"timestamp": {
"us": 1494342245999999
},
"user": {
"id": "99",
"name": "foo"
}
},
{
Expand Down Expand Up @@ -310,6 +309,11 @@
},
"timestamp": {
"us": 1533826745999000
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -365,6 +369,11 @@
},
"timestamp": {
"us": 1533117600000000
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -432,6 +441,11 @@
"id": "1234567890987654",
"sampled": true,
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123",
"name": "bar"
}
}
]
Expand Down
12 changes: 11 additions & 1 deletion docs/data/elasticsearch/generated/metricsets.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,12 @@
},
"name": "1234_service-12a3"
},
"short_counter": 227
"short_counter": 227,
"user": {
"email": "[email protected]",
"id": "axb123hg",
"name": "logged-in-user"
}
},
{
"@timestamp": "2017-05-30T18:53:42.281Z",
Expand Down Expand Up @@ -78,6 +83,11 @@
"name": "ecmascript"
},
"name": "1234_service-12a3"
},
"user": {
"email": "[email protected]",
"id": "axb123hg",
"name": "logged-in-user"
}
}
]
Expand Down
19 changes: 14 additions & 5 deletions docs/data/elasticsearch/generated/transactions.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,11 @@
"started": 43
},
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123user",
"name": "bar"
}
},
{
Expand Down Expand Up @@ -140,11 +145,6 @@
"tag2": 12,
"tag3": 12.45,
"tag4": false
},
"user": {
"email": "[email protected]",
"id": "99",
"username": "foo"
}
},
"host": {
Expand Down Expand Up @@ -203,6 +203,10 @@
"started": 17
},
"type": "request"
},
"user": {
"id": "99",
"name": "foo"
}
},
{
Expand Down Expand Up @@ -283,6 +287,11 @@
"started": 436
},
"type": "request"
},
"user": {
"email": "[email protected]",
"id": "123user",
"name": "bar"
}
}
]
Expand Down
Loading