address review comments

elastic · Apr 26, 2024 · 929449d · 929449d
1 parent 7afce89
commit 929449d
Show file tree

Hide file tree

Showing 7 changed files with 46 additions and 68 deletions.
diff --git a/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json b/packages/apache/data_stream/access/_dev/test/pipeline/test-access-basic.log-expected.json
@@ -4,7 +4,6 @@
             "@timestamp": "2016-12-26T14:16:29.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "::1"
                     ]
@@ -16,7 +15,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419585881Z",
+                "ingested": "2024-04-26T05:46:25.296250288Z",
                 "kind": "event",
                 "original": "::1 - - [26/Dec/2016:16:16:29 +0200] \"GET /favicon.ico HTTP/1.1\" 404 209",
                 "outcome": "failure"
@@ -53,7 +52,6 @@
             "@timestamp": "2016-12-26T16:22:13.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "192.168.33.1"
                     ]
@@ -65,7 +63,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419621774Z",
+                "ingested": "2024-04-26T05:46:25.296284705Z",
                 "kind": "event",
                 "original": "192.168.33.1 - - [26/Dec/2016:16:22:13 +0000] \"GET /hello HTTP/1.1\" 404 499 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:50.0) Gecko/20100101 Firefox/50.0\"",
                 "outcome": "failure"
@@ -115,7 +113,6 @@
             "@timestamp": "2016-12-26T14:16:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "::1"
                     ]
@@ -127,7 +124,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419628526Z",
+                "ingested": "2024-04-26T05:46:25.296289743Z",
                 "kind": "event",
                 "original": "::1 - - [26/Dec/2016:16:16:48 +0200] \"-\" 408 -",
                 "outcome": "failure"
@@ -152,7 +149,6 @@
             "@timestamp": "2017-05-29T19:02:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "172.17.0.1"
                     ]
@@ -164,7 +160,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419633501Z",
+                "ingested": "2024-04-26T05:46:25.296293311Z",
                 "kind": "event",
                 "original": "172.17.0.1 - - [29/May/2017:19:02:48 +0000] \"GET /stringpatch HTTP/1.1\" 404 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"",
                 "outcome": "failure"
@@ -214,7 +210,6 @@
             "@timestamp": "2017-05-29T19:02:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "monitoring-server"
                     ]
@@ -226,7 +221,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419638188Z",
+                "ingested": "2024-04-26T05:46:25.296296691Z",
                 "kind": "event",
                 "original": "monitoring-server - - [29/May/2017:19:02:48 +0000] \"GET /status HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" \"-\"",
                 "outcome": "success"
@@ -276,7 +271,6 @@
             "@timestamp": "2019-02-02T04:38:45.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "127.0.0.1"
                     ]
@@ -288,7 +282,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419642845Z",
+                "ingested": "2024-04-26T05:46:25.296300048Z",
                 "kind": "event",
                 "original": "127.0.0.1 - - [02/Feb/2019:05:38:45 +0100] \"-\" 408 152 \"-\" \"-\"",
                 "outcome": "failure"
@@ -326,7 +320,6 @@
             "@timestamp": "2017-05-29T19:02:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "monitoring-server"
                     ]
@@ -338,7 +331,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419647444Z",
+                "ingested": "2024-04-26T05:46:25.296303835Z",
                 "kind": "event",
                 "original": "monitoring-server - - [29/May/2017:19:02:48 +0000] \"GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" X-Forwarded-For=\"-\"",
                 "outcome": "success"
@@ -389,7 +382,6 @@
             "@timestamp": "2017-05-29T19:02:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "10.0.0.2",
                         "10.0.0.1",
@@ -406,7 +398,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419652022Z",
+                "ingested": "2024-04-26T05:46:25.296310193Z",
                 "kind": "event",
                 "original": "89.160.20.112 - - [29/May/2017:19:02:48 +0000] \"GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" X-Forwarded-For=\"10.0.0.2,10.0.0.1\"",
                 "outcome": "success"
@@ -478,7 +470,6 @@
             "@timestamp": "2017-05-29T19:02:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "10.225.192.17",
                         "10.2.2.121",
@@ -495,7 +486,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419656560Z",
+                "ingested": "2024-04-26T05:46:25.296313609Z",
                 "kind": "event",
                 "original": "2a02:cf40:add:4002:91f2:a9b2:e09a:6fc6 - - [29/May/2017:19:02:48 +0000] \"GET /A%20Beka%20G1%20Howe/029_AND_30/15%20reading%20elephants.mp4 HTTP/1.1\" 200 612 \"-\" \"Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20120716 Firefox/15.0a2\" X-Forwarded-For=\"10.225.192.17, 10.2.2.121\"",
                 "outcome": "success"
@@ -558,7 +549,6 @@
             "@timestamp": "2022-05-17T21:41:43.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "192.168.0.2",
                         "monitoring-server"
@@ -574,7 +564,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419661112Z",
+                "ingested": "2024-04-26T05:46:25.296316938Z",
                 "kind": "event",
                 "original": "monitoring-server - - [17/May/2022:21:41:43 +0000] \"GET / HTTP/1.1\" 200 45 \"-\" \"curl/7.79.1\" X-Forwarded-For=\"192.168.0.2\"",
                 "outcome": "success"
@@ -634,7 +624,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.419665782Z",
+                "ingested": "2024-04-26T05:46:25.296320274Z",
                 "kind": "event",
                 "original": "127.0.0.1 user-identity frank [10/Oct/2000:13:55:36 -0700] \"GET /apache_pb.gif HTTP/1.0\" 200 2326",
                 "outcome": "success"

diff --git a/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json b/packages/apache/data_stream/access/_dev/test/pipeline/test-access-darwin.log-expected.json
@@ -4,7 +4,6 @@
             "@timestamp": "2016-12-26T14:16:28.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "::1"
                     ]
@@ -16,7 +15,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640870130Z",
+                "ingested": "2024-04-26T05:46:25.447843628Z",
                 "kind": "event",
                 "original": "::1 - - [26/Dec/2016:16:16:28 +0200] \"GET / HTTP/1.1\" 200 45",
                 "outcome": "success"
@@ -52,7 +51,6 @@
             "@timestamp": "2016-12-26T14:16:29.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "::1"
                     ]
@@ -64,7 +62,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640922672Z",
+                "ingested": "2024-04-26T05:46:25.447895323Z",
                 "kind": "event",
                 "original": "::1 - - [26/Dec/2016:16:16:29 +0200] \"GET /favicon.ico HTTP/1.1\" 404 209",
                 "outcome": "failure"
@@ -101,7 +99,6 @@
             "@timestamp": "2016-12-26T14:16:48.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "::1"
                     ]
@@ -113,7 +110,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640930188Z",
+                "ingested": "2024-04-26T05:46:25.447905030Z",
                 "kind": "event",
                 "original": "::1 - - [26/Dec/2016:16:16:48 +0200] \"-\" 408 -",
                 "outcome": "failure"
@@ -138,7 +135,6 @@
             "@timestamp": "2016-12-26T16:23:35.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "89.160.20.156"
                     ]
@@ -150,7 +146,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640936194Z",
+                "ingested": "2024-04-26T05:46:25.447912585Z",
                 "kind": "event",
                 "original": "89.160.20.156 - - [26/Dec/2016:18:23:35 +0200] \"GET / HTTP/1.1\" 200 45",
                 "outcome": "success"
@@ -204,7 +200,6 @@
             "@timestamp": "2016-12-26T16:23:41.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "89.160.20.156"
                     ]
@@ -216,7 +211,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640941558Z",
+                "ingested": "2024-04-26T05:46:25.447919912Z",
                 "kind": "event",
                 "original": "89.160.20.156 - - [26/Dec/2016:18:23:41 +0200] \"GET /notfound HTTP/1.1\" 404 206",
                 "outcome": "failure"
@@ -270,7 +265,6 @@
             "@timestamp": "2016-12-26T16:23:45.000Z",
             "apache": {
                 "access": {
-                    "identity": "-",
                     "remote_addresses": [
                         "89.160.20.156"
                     ]
@@ -282,7 +276,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.640946731Z",
+                "ingested": "2024-04-26T05:46:25.447927217Z",
                 "kind": "event",
                 "original": "89.160.20.156 - - [26/Dec/2016:18:23:45 +0200] \"GET /hmm HTTP/1.1\" 404 201",
                 "outcome": "failure"

diff --git a/...es/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json b/...es/apache/data_stream/access/_dev/test/pipeline/test-access-ssl-request.log-expected.json
@@ -19,7 +19,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.788662911Z",
+                "ingested": "2024-04-26T05:46:25.568940509Z",
                 "kind": "event",
                 "original": "[10/Aug/2018:09:45:56 +0200] 172.30.0.119 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 \"GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax\u0026amp;opts=%7B%22func%22%3A%22get_admin_tasks_html%22%2C%22args%22%3A%22%22%7D\u0026amp;nsp=b5c7d5d4b6f7d0cf0c92f9cbdf737f6a5c838218425e6ae21 HTTP/1.1\" 1375"
             },
@@ -72,7 +72,7 @@
             "event": {
                 "category": "web",
                 "created": "2020-04-28T11:07:58.223Z",
-                "ingested": "2024-04-09T06:11:58.788703961Z",
+                "ingested": "2024-04-26T05:46:25.568967013Z",
                 "kind": "event",
                 "original": "[16/Oct/2019:11:53:47 +0200] 89.160.20.156 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 \"GET /appl/ajaxhelper.php?cmd=getxicoreajax\u0026opts=%7B%22func%22%3A%22get_pagetop_alert_content_html%22%2C%22args%22%3A%22%22%7D\u0026nsp=c2700eab9797eda8a9f65a3ab17a6adbceccd60a6cca7708650a5923950d HTTP/1.1\" -"
             },