-
Notifications
You must be signed in to change notification settings - Fork 423
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove event.original removal processors (integrations AWS & Azure) #10888
Remove event.original removal processors (integrations AWS & Azure) #10888
Conversation
Please run CI tests |
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
/test |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Did you confirm that the minimum version is at least 8.11.0 (similar to #10417 (comment))?
🚀 Benchmarks reportPackage
|
Data stream | Previous EPS | New EPS | Diff (%) | Result |
---|---|---|---|---|
inspector |
1919.39 | 1545.6 | -373.79 (-19.47%) | 💔 |
route53_resolver_logs |
7042.25 | 4291.85 | -2750.4 (-39.06%) | 💔 |
apigateway_logs |
9803.92 | 5649.72 | -4154.2 (-42.37%) | 💔 |
cloudfront_logs |
2518.89 | 1964.64 | -554.25 (-22%) | 💔 |
cloudwatch_logs |
500000 | 333333.33 | -166666.67 (-33.33%) | 💔 |
ec2_logs |
47619.05 | 34482.76 | -13136.29 (-27.59%) | 💔 |
elb_logs |
6289.31 | 5291.01 | -998.3 (-15.87%) | 💔 |
Package azure
👍(6) 💚(3) 💔(2)
Expand to view
Data stream | Previous EPS | New EPS | Diff (%) | Result |
---|---|---|---|---|
auditlogs |
2380.95 | 1828.15 | -552.8 (-23.22%) | 💔 |
firewall_logs |
1612.9 | 1305.48 | -307.42 (-19.06%) | 💔 |
Package azure_frontdoor
👍(1) 💚(0) 💔(1)
Expand to view
Data stream | Previous EPS | New EPS | Diff (%) | Result |
---|---|---|---|---|
waf |
4950.5 | 3484.32 | -1466.18 (-29.62%) | 💔 |
Package azure_functions
👍(0) 💚(0) 💔(1)
Expand to view
Data stream | Previous EPS | New EPS | Diff (%) | Result |
---|---|---|---|---|
functionapplogs |
2074.69 | 1068.38 | -1006.31 (-48.5%) | 💔 |
To see the full report comment with /test benchmark fullreport
@andrewkroh I checked minimum Kibana constraints. However I saw that CI is failing on Azure integration due to permission denied on filesystem. Did I miss anything? |
You need to address this comment to fix the build failure. |
Should be done. Can you please run CI again? |
/test |
@elastic/obs-ds-hosted-services, can you please have look at the changes. This gives |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we remove the tag preserve_original_event
then since event.original
will always be there?
No, this tag is still used by Fleet's built-in final_pipeline to determine if it should remove |
/test |
…t-original-removal-temp
ac019b3
to
79220dd
Compare
@andrewkroh Could you run CI again? |
/test |
💚 Build Succeeded
History
|
Quality Gate passedIssues Measures |
Package aws - 2.25.0 containing this change is available at https://epr.elastic.co/search?package=aws |
Package aws_bedrock - 0.9.0 containing this change is available at https://epr.elastic.co/search?package=aws_bedrock |
Package azure - 1.16.0 containing this change is available at https://epr.elastic.co/search?package=azure |
Package azure_frontdoor - 1.10.0 containing this change is available at https://epr.elastic.co/search?package=azure_frontdoor |
Package azure_functions - 0.8.0 containing this change is available at https://epr.elastic.co/search?package=azure_functions |
Package azure_network_watcher_nsg - 0.3.0 containing this change is available at https://epr.elastic.co/search?package=azure_network_watcher_nsg |
Package azure_network_watcher_vnet - 0.3.0 containing this change is available at https://epr.elastic.co/search?package=azure_network_watcher_vnet |
Package azure_openai - 1.4.0 containing this change is available at https://epr.elastic.co/search?package=azure_openai |
Please label as enhancement
Proposed commit message
Remove event.original removal processors
Checklist
changelog.yml
file.Related issues
Review #10072 for additional info