comments from @adriansr

elastic · May 11, 2021 · 6c443fd · 6c443fd
1 parent 24cb1e7
commit 6c443fd
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 20 deletions.
diff --git a/x-pack/filebeat/module/panw/panos/_meta/fields.yml b/x-pack/filebeat/module/panw/panos/_meta/fields.yml
@@ -148,21 +148,6 @@
       description: >
         Virtual system instance
 
-    # - name: eventid
-    #   type: keyword
-    #   description: >
-    #     A string showing the name of the event.
-
-    # - name: hostid
-    #   type: keyword
-    #   description: >
-    #     The unique ID that GlobalProtect assigns to identify the host.
-
-    # - name: machinename
-    #   type: keyword
-    #   description: >
-    #     The name of the user’s machine.
-
     - name: client_os_ver
       type: keyword
       description: >

diff --git a/x-pack/filebeat/module/panw/panos/ingest/pipeline.yml b/x-pack/filebeat/module/panw/panos/ingest/pipeline.yml
@@ -183,14 +183,9 @@ processors:
       allow_duplicates: false
       value: denied
       if: "ctx?.panw?.panos?.action != null && ['deny', 'drop', 'reset-client', 'reset-server', 'reset-both', 'block-url', 'block-ip', 'random-drop', 'sinkhole', 'block'].contains(ctx.panw.panos.action)"
-  - set:
-      field: event.outcome
-      value: failure
-      if: "ctx?.event?.type != null && ctx?.event?.type.contains('denied')"
   - set:
       field: event.outcome
       value: success
-      if: ctx?.event?.outcome == null
 
   # event.action for traffic logs.
   - set: