Skip to content

Commit

Permalink
[Filebeat][Fortinet] Remove pre populated event.timezone (elastic#20273)
Browse files Browse the repository at this point in the history
* Remove pre populated event.timezone

* Add changelog entry

* Remove  processor instead of the field
  • Loading branch information
marc-gr authored Jul 30, 2020
1 parent 6106a0e commit b1b7860
Show file tree
Hide file tree
Showing 4 changed files with 2 additions and 3 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Fix s3 input parsing json file without expand_event_list_from_field. {issue}19902[19902] {pull}19962[19962]
- Fix millisecond timestamp normalization issues in CrowdStrike module {issue}20035[20035], {pull}20138[20138]
- Fix support for message code 106100 in Cisco ASA and FTD. {issue}19350[19350] {pull}20245[20245]
- Fix `fortinet` setting `event.timezone` to the system one when no `tz` field present {pull}20273[20273]

*Heartbeat*

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}

processors:
- add_locale: ~
- add_fields:
target: ''
fields:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -178,4 +178,4 @@ processors:
on_failure:
- set:
field: error.message
value: '{{ _ingest.on_failure_message }}'
value: '{{ _ingest.on_failure_message }}'
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,6 @@
"event.module": "fortinet",
"event.outcome": "success",
"event.start": "2020-06-24T01:16:08.000Z",
"event.timezone": "-02:00",
"event.type": [
"connection",
"end"
Expand Down

0 comments on commit b1b7860

Please sign in to comment.