Skip to content

[udp,tcp]: introduce preserve original event option #10474

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 16, 2024
Merged

[udp,tcp]: introduce preserve original event option #10474

merged 3 commits into from
Jul 16, 2024

Conversation

pkoutsovasilis
Copy link
Contributor

@pkoutsovasilis pkoutsovasilis commented Jul 12, 2024
edited
Loading

Proposed commit message

This PR introduces the preserve_event_original option for udp and tcp integrations. This is especially useful when a user has enabled the "Syslog Parser" toggle as there's no way to retain the original message because the syslog processor will overwrite message

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

N/A

How to test this PR locally

cd packages/tcp
elastic-package test system -v

cd packages/udp
elastic-package test system -v

Related issues

Screenshots

tcp udp

@pkoutsovasilis pkoutsovasilis force-pushed the pkoutsovasilis/tcp_udp_preserve_original_event branch 2 times, most recently from d97e85b to b75e3b0 Compare July 12, 2024 22:47
@pkoutsovasilis pkoutsovasilis self-assigned this Jul 12, 2024
@pkoutsovasilis pkoutsovasilis added enhancement New feature or request Integration:tcp Custom TCP Logs Integration:udp Custom UDP Logs Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices] labels Jul 12, 2024
@pkoutsovasilis pkoutsovasilis marked this pull request as ready for review July 12, 2024 22:51
@pkoutsovasilis pkoutsovasilis requested a review from a team as a code owner July 12, 2024 22:51
@elasticmachine
Copy link

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

@pkoutsovasilis pkoutsovasilis changed the title feat: introduce preserve original event option [udp,tcp]: introduce preserve original event option Jul 12, 2024
@pkoutsovasilis pkoutsovasilis force-pushed the pkoutsovasilis/tcp_udp_preserve_original_event branch from b75e3b0 to 107f248 Compare July 12, 2024 23:18
@pkoutsovasilis pkoutsovasilis force-pushed the pkoutsovasilis/tcp_udp_preserve_original_event branch from 107f248 to c705070 Compare July 13, 2024 00:02
andrewkroh
andrewkroh approved these changes Jul 16, 2024
View reviewed changes
@pkoutsovasilis
Copy link
Contributor Author

@andrewkroh any idea how to deal with coverage issue? I have added test cases for syslog+preserve_original_event and preserve_original_event alone so I am not sure what else I can do to increase it 😄

@andrewkroh
Copy link
Member

andrewkroh commented Jul 16, 2024
edited
Loading

This looks like a problem with that's occurring on several PRs. It seems like the changelog.yml and manifest.yml are being scored with 0% coverage bringing down overall value.

There was an email about updating PRs with main to address Sonarqube failures. Give that a try.

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate failed Quality Gate failed

Failed conditions
68.8% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube

@elasticmachine
Copy link

💚 Build Succeeded

History

cc @pkoutsovasilis

@andrewkroh
Copy link
Member

You can merge this according to #10225 (comment)

@pkoutsovasilis pkoutsovasilis merged commit 500d951 into elastic:main Jul 16, 2024
4 of 5 checks passed
@pkoutsovasilis pkoutsovasilis deleted the pkoutsovasilis/tcp_udp_preserve_original_event branch July 16, 2024 18:13
@elasticmachine
Copy link

Package tcp - 1.19.1 containing this change is available at https://epr.elastic.co/search?package=tcp

@elasticmachine
Copy link

Package udp - 1.19.1 containing this change is available at https://epr.elastic.co/search?package=udp

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewkroh andrewkroh andrewkroh approved these changes

Assignees

@pkoutsovasilis pkoutsovasilis

Labels
enhancement New feature or request Integration:tcp Custom TCP Logs Integration:udp Custom UDP Logs Team:Security-Deployment and Devices Deployment and Devices Security team [elastic/sec-deployment-and-devices]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[udp, tcp] Add "Perserve original event" toggle
3 participants
@pkoutsovasilis @elasticmachine @andrewkroh