symantec_endpoint: ensure that event.duration is mapped as a long #11504

Merged
merged 1 commit into from
Oct 24, 2024

@efd6 efd6 commented Oct 24, 2024

Proposed commit message

The event.duration field does not get mapped as a long, even when there is a convert processor in place, potentially resulting in a mapping conflict. So add back a field definition for the field.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • [ ]

How to test this PR locally

Related issues

Screenshots

@efd6 efd6 added Integration:symantec_endpoint Symantec Endpoint Protection bugfix Pull request that fixes a bug issue Team:Security-Service Integrations Security Service Integrations team [elastic/security-service-integrations] labels Oct 24, 2024
@efd6 efd6 self-assigned this Oct 24, 2024
@efd6 efd6 force-pushed the s5302-symantec_endpoint branch from 6f40c7c to e1b3f42 Compare October 24, 2024 03:30
The event.duration field does not get mapped as a long, even when there
is a convert processor in place, potentially resulting in a mapping
conflict. So add back a field definition for the field.
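
The gap this commit closes can be caught before release with a cross-check between a pipeline's convert processors and the package's field definitions. The following is an added example, not code from this pull request or from the elastic/integrations repository; the pipeline and field data are constructed, the `tmp.*` field names are hypothetical, and the compatibility table is a simplified assumption.

```python
# Constructed sample data (not taken from the symantec_endpoint package).
# PIPELINE mirrors an ingest pipeline's processor list; FIELDS mirrors the
# nested name/type/fields layout of a package fields file.
PIPELINE = [
    {"rename": {"field": "tmp.duration", "target_field": "event.duration"}},
    {"convert": {"field": "event.duration", "type": "long", "ignore_missing": True}},
    {"convert": {"field": "tmp.size", "target_field": "file.size", "type": "long"}},
    {"convert": {"field": "source.port", "type": "long"}},
]
FIELDS = [
    {"name": "file", "type": "group", "fields": [{"name": "size", "type": "long"}]},
    {"name": "source.port", "type": "keyword"},
]

# Assumed, simplified table: mapping types that can hold each convert output.
COMPATIBLE = {
    "long": {"long"},
    "integer": {"integer", "long"},
    "float": {"float", "double"},
    "double": {"double"},
    "boolean": {"boolean"},
    "ip": {"ip"},
    "string": {"keyword", "text"},
}

def flatten(fields, prefix=""):
    """Return {dotted.name: type} for a nested field definition list."""
    out = {}
    for f in fields:
        name = prefix + f["name"]
        if f.get("type") == "group":
            out.update(flatten(f.get("fields", []), name + "."))
        else:
            out[name] = f.get("type")
    return out

def audit(pipeline, fields):
    """List convert targets with no field definition or a conflicting one."""
    declared = flatten(fields)
    findings = []
    for proc in pipeline:
        conf = proc.get("convert")
        if conf is None:
            continue  # only convert processors are checked
        target = conf.get("target_field", conf["field"])
        mapped = declared.get(target)
        if mapped is None:
            findings.append((target, conf["type"], "undeclared"))
        elif mapped not in COMPATIBLE.get(conf["type"], set()):
            findings.append((target, conf["type"], "declared as " + mapped))
    return findings

if __name__ == "__main__":
    for finding in audit(PIPELINE, FIELDS):
        print(finding)
```

Adding a `long` definition for `event.duration` to the field list clears the first finding, which is the shape of the fix described in the commit message.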
@efd6 efd6 force-pushed the s5302-symantec_endpoint branch from e1b3f42 to dda6b15 Compare October 24, 2024 03:42
@elastic-vault-github-plugin-prod

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

@elasticmachine

💚 Build Succeeded

History

  • 💔 Build #17522 failed e1b3f422c77c7c182c5d47bca8f9c83825890950

cc @efd6

@efd6 efd6 marked this pull request as ready for review October 24, 2024 04:03
@efd6 efd6 requested a review from a team as a code owner October 24, 2024 04:03
@elasticmachine

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@efd6 efd6 merged commit 91177a3 into elastic:main Oct 24, 2024
5 checks passed
@elastic-vault-github-plugin-prod

Package symantec_endpoint - 2.16.2 containing this change is available at https://epr.elastic.co/search?package=symantec_endpoint

harnish-elastic pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 4, 2025
…astic#11504)

The event.duration field does not get mapped as a long, even when there
is a convert processor in place, potentially resulting in a mapping
conflict. So add back a field definition for the field.
harnish-elastic pushed a commit to chavdaharnish/integrations that referenced this pull request Feb 5, 2025
…astic#11504)

The event.duration field does not get mapped as a long, even when there
is a convert processor in place, potentially resulting in a mapping
conflict. So add back a field definition for the field.
@efd6 efd6 deleted the s5302-symantec_endpoint branch February 5, 2025 21:59