forked from opensearch-project/OpenSearch
Update Splunk integration #625
Closed
opensearch-project#16148) (opensearch-project#16178) (cherry picked from commit 6020c58) Signed-off-by: Gaurav Bafna <gbbafna@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…n Repository (opensearch-project#16141) * Add default implementation to new finalizeSnapshot() in Repository (opensearch-project#16128) Signed-off-by: Sachin Kale <sachinpkale@gmail.com> (cherry picked from commit 9a5c7b2) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Fix japicmp configuration by treating abstract-to-default method changes as non-breaking Signed-off-by: Andriy Redko <andriy.redko@aiven.io> --------- Signed-off-by: Sachin Kale <sachinpkale@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
…anslog (opensearch-project#16151) (opensearch-project#16186) (cherry picked from commit aef7eca) Signed-off-by: Sachin Kale <sachinpkale@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…ect#16187)

* add `Strings#isDigits` API

inspiration taken from [this SO answer][SO]. note that the stream is not parallelised to avoid the overhead of this as the method is intended to be called primarily with shorter strings where the time to set up would take longer than the actual check.

[SO]: https://stackoverflow.com/a/35150400

Signed-off-by: Ralph Ursprung <Ralph.Ursprung@avaloq.com>

* add `phone` & `phone-search` analyzer + tokenizer

this is largely based on [elasticsearch-phone] and internally uses [libphonenumber]. this intentionally only ports a subset of the features: only `phone` and `phone-search` are supported right now, `phone-email` can be added if/when there's a clear need for it.

using `libphonenumber` is required since parsing phone numbers is a non-trivial task (even though it might seem trivial at first glance!), as can be seen in the list [falsehoods programmers believe about phone numbers][falsehoods].

this allows defining the region to be used when analysing a phone number. so far only the generic "unknown" region (`ZZ`) had been used which worked as long as international numbers were prefixed with `+` but did not work when using local numbers (e.g. a number stored as `+4158...` was not matched against a number entered as `004158...` or `058...`).

example configuration for an index:

```json
{
  "index": {
    "analysis": {
      "analyzer": {
        "phone": {
          "type": "phone"
        },
        "phone-search": {
          "type": "phone-search"
        },
        "phone-ch": {
          "type": "phone",
          "phone-region": "CH"
        },
        "phone-search-ch": {
          "type": "phone-search",
          "phone-region": "CH"
        }
      }
    }
  }
}
```

this creates four analyzers: `phone` and `phone-search` which do not explicitly specify a region and thus fall back to `ZZ` (unknown region, regional version of international dialing prefix (e.g. `00` instead of `+` in most of europe) will not be recognised) and `phone-ch` and `phone-search-ch` which will try to parse the phone number as a swiss phone number (thus e.g. `00` as a prefix is recognised as the international dialing prefix).

note that the analyzer is (currently) not meant to find phone numbers in large text documents - instead it should be used on fields which contain just the phone number (though extra text will be ignored) and it collects the whole content of the field into a `String` in memory, making it unsuitable for large field values.

this has been implemented in a new plugin which is however part of the central opensearch repository as it was deemed too big an overhead to have it in a separate repository but not important enough to bundle it directly in `analysis-common` (see the discussion on the issue and the PR for further details).

note that the new plugin has been added to the exclude list of the javadoc check as this check is overzealous and also complains in many cases where it shouldn't (e.g. on overridden methods - which it should theoretically not do - or constructors which don't even exist). the check first needs to be improved before this exclusion could be removed.

closes opensearch-project#11326

[elasticsearch-phone]: https://github.com/purecloudlabs/elasticsearch-phone
[libphonenumber]: https://github.com/google/libphonenumber
[falsehoods]: https://github.com/google/libphonenumber/blob/master/FALSEHOODS.md

Signed-off-by: Ralph Ursprung <Ralph.Ursprung@avaloq.com>

---------

Signed-off-by: Ralph Ursprung <Ralph.Ursprung@avaloq.com>
…pensearch-project#16194) (opensearch-project#16196) * Fix warnings from SLF4J on startup when repository-s3 is installed * Add to CHANGELOG * Fix precommit --------- (cherry picked from commit b06ddb6) Signed-off-by: Craig Perkins <cwperx@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…ch-project#16192) (opensearch-project#16197) (cherry picked from commit 421a1cc) Signed-off-by: Sachin Kale <sachinpkale@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…ch-project#15990) (opensearch-project#16082) * Fix red index on close for remote translog * Add UTs --------- (cherry picked from commit f1acc7a) Signed-off-by: Ashish Singh <ssashish@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Ashish Singh <ssashish@amazon.com>
… completion (opensearch-project#16191) * Run queued operations post v2 operations completion (opensearch-project#16179) Signed-off-by: Gaurav Bafna <gbbafna@amazon.com> (cherry picked from commit ba8f1be) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Mute snapshot v2 flaky tests (opensearch-project#16193) Signed-off-by: Gaurav Bafna <gbbafna@amazon.com> --------- Signed-off-by: Gaurav Bafna <gbbafna@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Gaurav Bafna <85113518+gbbafna@users.noreply.github.com>
…ject#15925) (opensearch-project#16225) * cancellation related * Update CHANGELOG.md * add better cancellation reason * Update DefaultTaskCancellationTests.java * refactor * refactor * Update DefaultTaskCancellation.java * Update DefaultTaskCancellation.java * Update DefaultTaskCancellation.java * Update DefaultTaskSelectionStrategy.java * refactor * refactor node level threshold * use query group task * code clean up and refactorings * add unit tests and fix existing ones * uncomment the test case * update CHANGELOG * fix imports * add queryGroupService * refactor and add UTs for new constructs * fix javadocs * remove code clutter * change annotation version and task selection strategy * rename a util class * remove wrappers from resource type * apply spotless * address comments * add rename changes * address comments * initial changes * refactor changes and logical bug fix * add changes * address comments * temp changes * add UTs * add changelog * add task completion listener hook * add remaining pieces to make the feature functional * extend stats and fix bugs * fix bugs and add logic to make SBP work with wlm * address comments * fix bugs and SBP ITs * add missed applyCluster state change * address comments * decouple queryGroupService and cancellationService * replace StateApplier with StateListener interface * fix precommit errors --------- Signed-off-by: Kiran Prakash <awskiran@amazon.com> Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> Co-authored-by: Kiran Prakash <awskiran@amazon.com>
… (opensearch-project#16209) Signed-off-by: Harsh Garg <gkharsh@amazon.com>
…ture (opensearch-project#16135) (opensearch-project#16206) * Bump org.jline:jline in /test/fixtures/hdfs-fixture Bumps [org.jline:jline](https://github.com/jline/jline3) from 3.26.3 to 3.27.0. - [Release notes](https://github.com/jline/jline3/releases) - [Changelog](https://github.com/jline/jline3/blob/master/changelog.md) - [Commits](jline/jline3@jline-parent-3.26.3...jline-3.27.0) --- updated-dependencies: - dependency-name: org.jline:jline dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Update changelog Signed-off-by: dependabot[bot] <support@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> (cherry picked from commit c46bf41) Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…roject#16228) (opensearch-project#16234) (cherry picked from commit 96082f7) Signed-off-by: Sachin Kale <sachinpkale@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…azure (opensearch-project#16217) (opensearch-project#16231) * Bump com.azure:azure-json in /plugins/repository-azure Bumps [com.azure:azure-json](https://github.com/Azure/azure-sdk-for-java) from 1.1.0 to 1.3.0. - [Release notes](https://github.com/Azure/azure-sdk-for-java/releases) - [Commits](Azure/azure-sdk-for-java@v1.1.0...v1.3.0) --- updated-dependencies: - dependency-name: com.azure:azure-json dependency-type: direct:production update-type: version-update:semver-minor ... * Updating SHAs * Update changelog --------- (cherry picked from commit aad325f) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: Andriy Redko <andriy.redko@aiven.io>
…es (opensearch-project#16237) (opensearch-project#16239) * Remove force to TLSv1.2 in gradle.properties * Add TLSv1.3 --------- (cherry picked from commit febbc00) Signed-off-by: Craig Perkins <cwperx@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…rch-project#16240) (opensearch-project#16241) (cherry picked from commit 2ed8ff0) Signed-off-by: Sayali Gaikawad <gaiksaya@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…-project#16211) * Update Apache Lucene to 9.12.0 * change to IOContext READONCE in locations where the file is not expected to be read multiple times. * Use READ IOContext for all non Segment* files when copying node-node * Fixing more test failures * Move Composite912Codec under org.opensearch.index.codec.composite.composite912 package --------- (cherry picked from commit 146b0f7) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Signed-off-by: Marc Handalian <marc.handalian@gmail.com> Co-authored-by: Marc Handalian <marc.handalian@gmail.com>
…roject#16229) * [Tiered Caching] Segmented cache changes (opensearch-project#16047) * Segmented cache changes for TieredCache Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Adding change log Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Allow segment number to be power of two Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Moving common tiered cache IT methods to a common base class Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Adding disk took time IT test with multiple segment Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Correcting changelog Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Addressing comments Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Fixing invalid segment count variable name Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Introducing new settings for size for respective cache tier Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Changing the default segmentCount logic Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> * Fixing missing java doc issue Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> --------- Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> Signed-off-by: Sagar <99425694+sgup432@users.noreply.github.com> * Fixing compatibility test Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> --------- Signed-off-by: Sagar Upadhyaya <sagar.upadhyaya.121@gmail.com> Signed-off-by: Sagar <99425694+sgup432@users.noreply.github.com>
…#16110) (opensearch-project#16243) Signed-off-by: David Zane <davizane@amazon.com> Signed-off-by: Ankit Jain <akjain@amazon.com> (cherry picked from commit 5279d21)
…on dynamic limit settings (opensearch-project#15986) (opensearch-project#16235) Signed-off-by: Sumit Bansal <sumitsb@amazon.com>
…ch-project#16254) (opensearch-project#16260) * The protobuf-java leaks through client library dependencies * Address code review comments --------- (cherry picked from commit 68e3e45) Signed-off-by: Andriy Redko <andriy.redko@aiven.io> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…igured methods (opensearch-project#16249) * Separate Remote State and Publication enabled and configured methods (opensearch-project#16080) * Separate Remote State and Publication enabled and configured methods Signed-off-by: Shivansh Arora <hishiv@amazon.com> * Revert remote publication method renaming in DiscoveryNode (opensearch-project#16250) Signed-off-by: Sooraj Sinha <soosinha@amazon.com> --------- Signed-off-by: Shivansh Arora <hishiv@amazon.com> Signed-off-by: Sooraj Sinha <soosinha@amazon.com> Co-authored-by: Shivansh Arora <hishiv@amazon.com>
…search-project#16248) (opensearch-project#16264) (cherry picked from commit 58adc18) Signed-off-by: Sachin Kale <sachinpkale@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…plugins/repository-gcs (opensearch-project#16216) (opensearch-project#16244) * Bump com.google.api-client:google-api-client in /plugins/repository-gcs Bumps [com.google.api-client:google-api-client](https://github.com/googleapis/google-api-java-client) from 2.2.0 to 2.7.0. - [Release notes](https://github.com/googleapis/google-api-java-client/releases) - [Changelog](https://github.com/googleapis/google-api-java-client/blob/main/CHANGELOG.md) - [Commits](googleapis/google-api-java-client@v2.2.0...v2.7.0) --- updated-dependencies: - dependency-name: com.google.api-client:google-api-client dependency-type: direct:production update-type: version-update:semver-minor ... * Updating SHAs * Update changelog --------- (cherry picked from commit acf209f) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: gaobinlong <gbinlong@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com> Co-authored-by: gaobinlong <gbinlong@amazon.com>
…ch-project#16267) (opensearch-project#16270) (cherry picked from commit 942765e) Signed-off-by: Ashish Singh <ssashish@amazon.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
…opensearch-project#16113) * Registering disable user-agent setting with OpenSearch (opensearch-project#16052) * Registering allowlist setting in user-agent Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com> * Adding unit tests Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com> --------- Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com> (cherry picked from commit 78860ac) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * Fixing backport 2.x Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com> --------- Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
…opensearch-project#15955) (opensearch-project#16275) * Add Integration Tests for Workload Management CRUD APIs (opensearch-project#15955) Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add IT for workload management CRUD APIs Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add IT for workload management CRUD APIs Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> (cherry picked from commit b3b8c9b) * Add Integration Tests for Workload Management CRUD APIs (opensearch-project#15955) Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add IT for workload management CRUD APIs Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add IT for workload management CRUD APIs Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> (cherry picked from commit b3b8c9b)
…arch-project#16274) * [Workload Management] QueryGroup Stats API Logic (opensearch-project#15777) Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * changelog Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * address comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add tests Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify uri Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * address comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * changelog Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * address comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add tests Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify uri Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * revise Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * address comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * changelog Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * address comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * add tests Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify uri Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * modify based on comments Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * git pull Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * rebase Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * encapsulate querygroupstats in wlmstats Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * fix UT Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> (cherry picked from commit b2253f1) * fix backward compatibility issue Signed-off-by: Ruirui Zhang <mariazrr@amazon.com> * spotless apply Signed-off-by: Ruirui Zhang <mariazrr@amazon.com>
…ch-project#16280) * fix wlm stats output Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * rename wlm stats vars Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> * fix ut failure Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com> --------- Signed-off-by: Kaushal Kumar <ravi.kaushal97@gmail.com>
…opensearch-project#16268) * Reconfigure remote state thread pool count Signed-off-by: Sooraj Sinha <soosinha@amazon.com>
Signed-off-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com>
* Migrate 525 to 2.17.1 * Adding custom agent.host custom field definitions to remaining indices * Add custom fields to index templates * Fix host custom schema * Fix host custom schema in networks template * Fix host custom schema in ports template * Fix host field in states-vulnerabilities * Include specific agent fields in alerts index subset * Add agent and host fields to states-fim * Add host fields to alerts top level * Add agent fields to states-inventory-hardware * Add agent fields to states-inventory-hardware * Add agent fields to states-inventory-hotfixes * Add agent fields to states-inventory-packages * Add agent fields to states-inventory-ports * Add agent fields to states-inventory-processes * Add agent fields to states-inventory-system * Add all-in-one script --------- Co-authored-by: Alex Ruiz <alejandro.ruiz.becerra@wazuh.com>
Include the 'scripts' directory summary Signed-off-by: Kevin Ledesma <kevinledesmam95@gmail.com>
* Remove security related config files and jvm.prod.options Changes are appended to the original files instead * Update performance-analyzer.service to 2.18.0 * Remove duplicated line * Add PA settings * Fix PA missing permissions on Deb packages * Attempt to properly define OPENSEARCH_PATH_CONF in rpm.spec file
Remove `curl` from the provision of the test-tools/Vagrantfile as it breaks the communication with the VM from the host due to the latest curl update (it forces an update of OpenSSL). Signed-off-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com>
* Add demo certificates to Indexer packages * Format files * Roll back hard coded certs changes --------- Co-authored-by: Alex Ruiz <alejandro.ruiz.becerra@wazuh.com>
* Fix indexes definitions * More fixes * Update event generators
* Add interface fields to the root level Expected at root level on the inventory-networks index * Update inventory-networks index events generator and docs * Add network interface custom fields to event generator * Fix event generator * Normalize --------- Signed-off-by: Kevin Ledesma <kevinledesmam95@gmail.com> Co-authored-by: Alex Ruiz <alejandro.ruiz.becerra@wazuh.com>
…x data model (#568) * Add ECS fields @timestamp and delivery_timestamp to command index data model * Update command event_generator with new fields * Move delivery_timestamp to doc level Update command event_generator Remove delivery_timestamp from custom command fields * Move delivery_timestamp definition to a new file * Rename delivery_timestamp custom group to 'base' Now delivery_timestamp can be used as part of base Updated the command subset.yml * Fix the include_all_fields option on the event_generator * Update command event_generator Remove duplicated fields and order the full document Update command ECS index documentation * Update event_generator to use date_time_no_millis compatible datetime format * Improve command.timeout description * Add new revision to commands.md --------- Co-authored-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com>
* Add tty char_device.major field to processes mapping Update event generator to implement tty fields * Update processes ecs documentation
Update alerts ECS template documentation
* Remove multi-fields and change type to match text only * Update generate.sh to remove multifields from process and agent.host * Fix jq command * Change wildcard type to keyword
* Adapt commands event_generator to job-scheduler changes Use new commands array on the body for API bulks Add tool argument to select http or https protocols * Update post request body to use JSON dumps * Fix generated data dump to log file
* Add simple Dockerfile for the simplified package builder * Add Java and Gradle installation to build Dockerfile * Add indexer repositories branches as arguments and repo cloning * Add package building stages * Add plugins and reporting built and fix ownership * Add version definition on each RUN step * Simplify plugins build steps * Split the dockerfile into two files, a Dockerfile and a shell script to make the image lightweight * Update builder Dockerfile entrypoint script Make Docker image more lightweight Add output messages for build process * Add new line at .dockerignore EOF * Update Docker shared volume path * Remove old package generation Docker image * Update package building documentation * Fix typos on the documentation * Update default path to store the package on documentation * Move artifacts directory creation to previous stage * store changes * Add compose and script * Fix uid 1000 with noble images * Move repos to volumes * Update entrypoint to deliver packages under artifacts/dist * Clean compose file * Expose variables to compose command * Fix compose.yml * Allow configuration through arguments * Improve help message * fix typo * Fix DESTROY default value * Remove --build and --detach * Format files * Update markdown documentation for wazuh-indexer packages * Fix typos --------- Co-authored-by: f-galland <federico.galland@wazuh.com> Co-authored-by: Fede Galland <99492720+f-galland@users.noreply.github.com> Co-authored-by: Álex Ruiz <alejandro.ruiz.becerra@wazuh.com>
* Add script to build Docker images * Add workflow to build Docker images * Trigger workflow for testing * Trigger workflow for testing * Trigger workflow for testing * Remove testing stuff * Pass tarball name * Add 'outputs' to workflow_call * Bump Docker base image to amazonlinux:2023.6.20241212.0 * Add documentation Format files
Description
This PR updates the Splunk integration to version 9.4.0
Related Issues
Resolves #624
Check List