diff --git a/packages/fortinet_fortigate/changelog.yml b/packages/fortinet_fortigate/changelog.yml
index 36d60512156..a42b2501440 100644
--- a/packages/fortinet_fortigate/changelog.yml
+++ b/packages/fortinet_fortigate/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.25.6"
+ changes:
+ - description: Fix test data
+ type: bugfix
+ link: https://github.com/elastic/integrations/pull/10865
 - version: "1.25.5"
 changes:
 - description: Fix handling alternative logs for Administrator logins
diff --git a/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log b/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log
index 22846b2c458..80927ba6af8 100644
--- a/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log
+++ b/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log
@@ -37,7 +37,7 @@ date=2020-09-28 time=15:36:26 eventtime=1601332560405228924 tz="-0700" logid="01
 date=2020-09-28 time=15:36:26 eventtime=1601332560336851635 tz="-0700" logid="0114032601" type="event" subtype="switch-controller" level="information" vd="vdom1" logdesc="Switch-Controller discovered" user="daemon_admin" ui="cmdbsvr" sn="S248EPTF18001384" name="S248EPTF18001384" msg="S248EPTF18001384 Discovered"
 date=2022-02-02 time=15:52:09 eventtime=1643845930263415066 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.usb-log" status="200" url="/api/v2/monitor/system/usb-log?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926774931021 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="license.status" status="200" url="/api/v2/monitor/license/status?vdom=root"
-date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="log.fortianalyzer.setting" status="200" url="/api/v2/cmdb/log.fortianalyzer/setting?vdom=root"
+date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="log.fortianalyzer.setting" status="200" url="/api/v2/cmdb/log_fortianalyzer/setting?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926762372766 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.sandbox" 
action="connection" status="200" url="/api/v2/monitor/system/sandbox/connection?vdom=root"
 date=2022-02-02 time=15:52:06 eventtime=1643845926755869998 tz="-0800" logid="0116047301" type="event" subtype="rest-api" level="information" vd="root" logdesc="REST API request success" user="admin" ui="GUI(192.168.1.69)" method="GET" path="system.firmware" status="200" url="/api/v2/monitor/system/firmware?vdom=root"
 date=2021-12-20 time=16:43:54 eventtime=1640047434839814226 tz="-0800" logid="0100020214" type="event" subtype="system" level="warning" vd="root" logdesc="Locally generated traffic goes to IoC location" srcip=172.16.200.2 srcport=18047 dstip=216.160.83.56 dstport=514 session_id=23563 proto=6
diff --git a/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json b/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json
index 961d74f51f3..b2c109f7690 100644
--- a/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json
+++ b/packages/fortinet_fortigate/data_stream/log/_dev/test/pipeline/test-fortinet-7-4.log-expected.json
@@ -2274,7 +2274,7 @@
 "event": {
 "code": "0116047301",
 "kind": "event",
- "original": "date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz=\"-0800\" logid=\"0116047301\" type=\"event\" subtype=\"rest-api\" level=\"information\" vd=\"root\" logdesc=\"REST API request success\" user=\"admin\" ui=\"GUI(192.168.1.69)\" method=\"GET\" path=\"log.fortianalyzer.setting\" status=\"200\" url=\"/api/v2/cmdb/log.fortianalyzer/setting?vdom=root\"",
+ "original": "date=2022-02-02 time=15:52:06 eventtime=1643845926764579729 tz=\"-0800\" logid=\"0116047301\" type=\"event\" subtype=\"rest-api\" level=\"information\" vd=\"root\" logdesc=\"REST API request success\" user=\"admin\" ui=\"GUI(192.168.1.69)\" method=\"GET\" path=\"log.fortianalyzer.setting\" status=\"200\" url=\"/api/v2/cmdb/log_fortianalyzer/setting?vdom=root\"",
 "start": "2022-02-02T15:52:06.764-08:00",
 "timezone": "-0800"
 },
@@ -2314,8 +2314,7 @@
 "preserve_original_event"
 ],
 "url": {
- "extension": "fortianalyzer/setting",
- "path": "/api/v2/cmdb/log.fortianalyzer/setting",
+ "path": "/api/v2/cmdb/log_fortianalyzer/setting",
 "query": "vdom=root"
 }
 },
diff --git a/packages/fortinet_fortigate/manifest.yml b/packages/fortinet_fortigate/manifest.yml
index e9b00932ca2..5ebb22c5f86 100644
--- a/packages/fortinet_fortigate/manifest.yml
+++ b/packages/fortinet_fortigate/manifest.yml
@@ -1,6 +1,6 @@
 name: fortinet_fortigate
 title: Fortinet FortiGate Firewall Logs
-version: "1.25.5"
+version: "1.25.6"
 description: Collect logs from Fortinet FortiGate firewalls with Elastic Agent.
 type: integration
 format_version: "3.0.3"
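Review bot: The second hunk of test-fortinet-7-4.log-expected.json removes the `"extension": "fortianalyzer/setting"` expectation by rewriting the input URL instead of changing the pipeline, so a URL with a dot in a non-final path segment (`/api/v2/cmdb/log.fortianalyzer/setting`) is no longer exercised by any fixture visible in this diff. The unchanged `path="log.fortianalyzer.setting"` field suggests the dotted form is what devices emit, so ingested events may still carry a bogus `url.extension`, which matters for dashboards and detection rules that filter on file extension. Consider keeping one fixture line with the original URL and pinning the intended `url` fields for it, or at least naming the cause in the changelog entry, e.g. `description: Fix test data (dotted URL path segment produced url.extension)`. The same substitution is made in the test-fortinet-7-4.log hunk and in the first hunk of this file.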