github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

[logging] Upgrade ECS to 8.0 (#113662)

Browse source
This commit is contained in:
Luke Elmers 2021-10-06 12:37:43 -06:00 committed by GitHub
parent 3a9aa78458
commit f030960c98
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
50 changed files with 143 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

2
packages/kbn-logging/src/ecs/agent.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-agent.html
* https://www.elastic.co/guide/en/ecs/master/ecs-agent.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/autonomous_system.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-as.html
* https://www.elastic.co/guide/en/ecs/master/ecs-as.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/base.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-base.html
* https://www.elastic.co/guide/en/ecs/master/ecs-base.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/client.ts
View file

@ -17,7 +17,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-client.html
* https://www.elastic.co/guide/en/ecs/master/ecs-client.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/cloud.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-cloud.html
* https://www.elastic.co/guide/en/ecs/master/ecs-cloud.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/code_signature.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-code_signature.html
* https://www.elastic.co/guide/en/ecs/master/ecs-code_signature.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/container.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-container.html
* https://www.elastic.co/guide/en/ecs/master/ecs-container.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/data_stream.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-data_stream.html
* https://www.elastic.co/guide/en/ecs/master/ecs-data_stream.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/destination.ts
View file

@ -17,7 +17,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-destination.html
* https://www.elastic.co/guide/en/ecs/master/ecs-destination.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/dll.ts
View file

@ -17,7 +17,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-dll.html
* https://www.elastic.co/guide/en/ecs/master/ecs-dll.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/dns.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-dns.html
* https://www.elastic.co/guide/en/ecs/master/ecs-dns.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/elf.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-elf.html
* https://www.elastic.co/guide/en/ecs/master/ecs-elf.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/error.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-error.html
* https://www.elastic.co/guide/en/ecs/master/ecs-error.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/event.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-event.html
* https://www.elastic.co/guide/en/ecs/master/ecs-event.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/file.ts
View file

@ -21,7 +21,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-file.html
* https://www.elastic.co/guide/en/ecs/master/ecs-file.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/geo.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-geo.html
* https://www.elastic.co/guide/en/ecs/master/ecs-geo.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/group.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-group.html
* https://www.elastic.co/guide/en/ecs/master/ecs-group.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/hash.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-hash.html
* https://www.elastic.co/guide/en/ecs/master/ecs-hash.html
*
* @internal
*/

5
packages/kbn-logging/src/ecs/host.ts
View file

@ -8,17 +8,14 @@
import { EcsGeo } from './geo';
import { EcsOs } from './os';
import { EcsNestedUser } from './user';
interface NestedFields {
geo?: EcsGeo;
os?: EcsOs;
/** @deprecated */
user?: EcsNestedUser;
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-host.html
* https://www.elastic.co/guide/en/ecs/master/ecs-host.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/http.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-http.html
* https://www.elastic.co/guide/en/ecs/master/ecs-http.html
*
* @internal
*/

6
packages/kbn-logging/src/ecs/index.ts
View file

@ -48,13 +48,13 @@ export { EcsEventCategory, EcsEventKind, EcsEventOutcome, EcsEventType } from '.
interface EcsField {
/**
* These typings were written as of ECS 1.12.0.
* These typings were written as of ECS 8.0.0.
* Don't change this value without checking the rest
* of the types to conform to that ECS version.
*
* https://www.elastic.co/guide/en/ecs/1.12/index.html
* https://www.elastic.co/guide/en/ecs/master/index.html
*/
version: '1.12.0';
version: '8.0.0';
}
/**

2
packages/kbn-logging/src/ecs/interface.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-interface.html
* https://www.elastic.co/guide/en/ecs/master/ecs-interface.html
*
* @internal
*/

4
packages/kbn-logging/src/ecs/log.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-log.html
* https://www.elastic.co/guide/en/ecs/master/ecs-log.html
*
* @internal
*/
@ -16,8 +16,6 @@ export interface EcsLog {
level?: string;
logger?: string;
origin?: Origin;
/** @deprecated - use `event.original` instead */
original?: string;
syslog?: Syslog;
}

2
packages/kbn-logging/src/ecs/network.ts
View file

@ -14,7 +14,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-network.html
* https://www.elastic.co/guide/en/ecs/master/ecs-network.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/observer.ts
View file

@ -29,7 +29,7 @@ interface NestedIngressFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-observer.html
* https://www.elastic.co/guide/en/ecs/master/ecs-observer.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/orchestrator.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-orchestrator.html
* https://www.elastic.co/guide/en/ecs/master/ecs-orchestrator.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/organization.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-organization.html
* https://www.elastic.co/guide/en/ecs/master/ecs-organization.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/os.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-os.html
* https://www.elastic.co/guide/en/ecs/master/ecs-os.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/package.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-package.html
* https://www.elastic.co/guide/en/ecs/master/ecs-package.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/pe.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-pe.html
* https://www.elastic.co/guide/en/ecs/master/ecs-pe.html
*
* @internal
*/

3
packages/kbn-logging/src/ecs/process.ts
View file

@ -21,7 +21,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-process.html
* https://www.elastic.co/guide/en/ecs/master/ecs-process.html
*
* @internal
*/
@ -36,7 +36,6 @@ export interface EcsProcess extends NestedFields {
name?: string;
pgid?: number;
pid?: number;
ppid?: number;
start?: string;
title?: string;
uptime?: number;

2
packages/kbn-logging/src/ecs/registry.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-registry.html
* https://www.elastic.co/guide/en/ecs/master/ecs-registry.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/related.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-related.html
* https://www.elastic.co/guide/en/ecs/master/ecs-related.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/rule.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-rule.html
* https://www.elastic.co/guide/en/ecs/master/ecs-rule.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/server.ts
View file

@ -17,7 +17,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-server.html
* https://www.elastic.co/guide/en/ecs/master/ecs-server.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/service.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-service.html
* https://www.elastic.co/guide/en/ecs/master/ecs-service.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/source.ts
View file

@ -17,7 +17,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-source.html
* https://www.elastic.co/guide/en/ecs/master/ecs-source.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/threat.ts
View file

@ -23,7 +23,7 @@ interface IndicatorNestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-threat.html
* https://www.elastic.co/guide/en/ecs/master/ecs-threat.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/tls.ts
View file

@ -17,7 +17,7 @@ interface NestedServerFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-tls.html
* https://www.elastic.co/guide/en/ecs/master/ecs-tls.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/tracing.ts
View file

@ -12,7 +12,7 @@
* the base fields, we will need to do an intersection with these types at
* the root level.
*
* https://www.elastic.co/guide/en/ecs/1.12/ecs-tracing.html
* https://www.elastic.co/guide/en/ecs/master/ecs-tracing.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/url.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-url.html
* https://www.elastic.co/guide/en/ecs/master/ecs-url.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/user.ts
View file

@ -20,7 +20,7 @@ interface NestedFields {
* placed at the root level, but not if it is nested inside another field like
* `destination`. A more detailed explanation of these nuances can be found at:
*
* https://www.elastic.co/guide/en/ecs/1.12/ecs-user-usage.html
* https://www.elastic.co/guide/en/ecs/master/ecs-user-usage.html
*
* As a result, we need to export a separate `NestedUser` type to import into
* other interfaces internally. This contains the reusable subset of properties

2
packages/kbn-logging/src/ecs/user_agent.ts
View file

@ -13,7 +13,7 @@ interface NestedFields {
}
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-user_agent.html
* https://www.elastic.co/guide/en/ecs/master/ecs-user_agent.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/vlan.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-vlan.html
* https://www.elastic.co/guide/en/ecs/master/ecs-vlan.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/vulnerability.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-vulnerability.html
* https://www.elastic.co/guide/en/ecs/master/ecs-vulnerability.html
*
* @internal
*/

2
packages/kbn-logging/src/ecs/x509.ts
View file

@ -7,7 +7,7 @@
*/
/**
* https://www.elastic.co/guide/en/ecs/1.12/ecs-x509.html
* https://www.elastic.co/guide/en/ecs/master/ecs-x509.html
*
* @internal
*/

10
src/core/server/logging/__snapshots__/logging_system.test.ts.snap generated
View file

@ -16,7 +16,7 @@ exports[`asLoggerFactory() only allows to create new loggers. 1`] = `
Object {
"@timestamp": "2012-01-30T22:33:22.011-05:00",
"ecs": Object {
"version": "1.12.0",
"version": "8.0.0",
},
"log": Object {
"level": "TRACE",
@ -33,7 +33,7 @@ exports[`asLoggerFactory() only allows to create new loggers. 2`] = `
Object {
"@timestamp": "2012-01-30T17:33:22.011-05:00",
"ecs": Object {
"version": "1.12.0",
"version": "8.0.0",
},
"log": Object {
"level": "INFO",
@ -51,7 +51,7 @@ exports[`asLoggerFactory() only allows to create new loggers. 3`] = `
Object {
"@timestamp": "2012-01-30T12:33:22.011-05:00",
"ecs": Object {
"version": "1.12.0",
"version": "8.0.0",
},
"log": Object {
"level": "FATAL",
@ -68,7 +68,7 @@ exports[`flushes memory buffer logger and switches to real logger once config is
Object {
"@timestamp": "2012-02-01T09:33:22.011-05:00",
"ecs": Object {
"version": "1.12.0",
"version": "8.0.0",
},
"log": Object {
"level": "INFO",
@ -86,7 +86,7 @@ exports[`flushes memory buffer logger and switches to real logger once config is
Object {
"@timestamp": "2012-01-31T23:33:22.011-05:00",
"ecs": Object {
"version": "1.12.0",
"version": "8.0.0",
},
"log": Object {
"level": "INFO",

89
src/core/server/logging/layouts/__snapshots__/json_layout.test.ts.snap generated
View file

@ -1,13 +1,90 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`\`format()\` correctly formats record. 1`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-1\\",\\"error\\":{\\"message\\":\\"Some error message\\",\\"type\\":\\"Some error name\\",\\"stack_trace\\":\\"Some error stack\\"},\\"log\\":{\\"level\\":\\"FATAL\\",\\"logger\\":\\"context-1\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 1`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"error": Object {
"message": "Some error message",
"stack_trace": "Some error stack",
"type": "Some error name",
},
"log": Object {
"level": "FATAL",
"logger": "context-1",
},
"message": "message-1",
"process": Object {
"pid": 5355,
},
}
`;
exports[`\`format()\` correctly formats record. 2`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-2\\",\\"log\\":{\\"level\\":\\"ERROR\\",\\"logger\\":\\"context-2\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 2`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"log": Object {
"level": "ERROR",
"logger": "context-2",
},
"message": "message-2",
"process": Object {
"pid": 5355,
},
}
`;
exports[`\`format()\` correctly formats record. 3`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-3\\",\\"log\\":{\\"level\\":\\"WARN\\",\\"logger\\":\\"context-3\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 3`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"log": Object {
"level": "WARN",
"logger": "context-3",
},
"message": "message-3",
"process": Object {
"pid": 5355,
},
}
`;
exports[`\`format()\` correctly formats record. 4`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-4\\",\\"log\\":{\\"level\\":\\"DEBUG\\",\\"logger\\":\\"context-4\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 4`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"log": Object {
"level": "DEBUG",
"logger": "context-4",
},
"message": "message-4",
"process": Object {
"pid": 5355,
},
}
`;
exports[`\`format()\` correctly formats record. 5`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-5\\",\\"log\\":{\\"level\\":\\"INFO\\",\\"logger\\":\\"context-5\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 5`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"log": Object {
"level": "INFO",
"logger": "context-5",
},
"message": "message-5",
"process": Object {
"pid": 5355,
},
}
`;
exports[`\`format()\` correctly formats record. 6`] = `"{\\"ecs\\":{\\"version\\":\\"1.12.0\\"},\\"@timestamp\\":\\"2012-02-01T09:30:22.011-05:00\\",\\"message\\":\\"message-6\\",\\"log\\":{\\"level\\":\\"TRACE\\",\\"logger\\":\\"context-6\\"},\\"process\\":{\\"pid\\":5355}}"`;
exports[`\`format()\` correctly formats record and includes correct ECS version. 6`] = `
Object {
"@timestamp": "2012-02-01T09:30:22.011-05:00",
"log": Object {
"level": "TRACE",
"logger": "context-6",
},
"message": "message-6",
"process": Object {
"pid": 5355,
},
}
`;

10
src/core/server/logging/layouts/json_layout.test.ts
View file

@ -66,15 +66,17 @@ test('`createConfigSchema()` creates correct schema.', () => {
expect(layoutSchema.validate({ type: 'json' })).toEqual({ type: 'json' });
});
test('`format()` correctly formats record.', () => {
test('`format()` correctly formats record and includes correct ECS version.', () => {
const layout = new JsonLayout();
for (const record of records) {
expect(layout.format(record)).toMatchSnapshot();
const { ecs, ...restOfRecord } = JSON.parse(layout.format(record));
expect(ecs).toStrictEqual({ version: '8.0.0' });
expect(restOfRecord).toMatchSnapshot();
}
});
test('`format()` correctly formats record with meta-data and correct ECS version', () => {
test('`format()` correctly formats record with meta-data', () => {
const layout = new JsonLayout();
expect(
@ -94,7 +96,7 @@ test('`format()` correctly formats record with meta-data and correct ECS version
})
)
).toStrictEqual({
ecs: { version: '1.12.0' },
ecs: { version: expect.any(String) },
'@timestamp': '2012-02-01T09:30:22.011-05:00',
log: {
level: 'DEBUG',

2
src/core/server/logging/layouts/json_layout.ts
View file

@ -43,7 +43,7 @@ export class JsonLayout implements Layout {
public format(record: LogRecord): string {
const log: Ecs = {
ecs: { version: '1.12.0' },
ecs: { version: '8.0.0' },
'@timestamp': moment(record.timestamp).format('YYYY-MM-DDTHH:mm:ss.SSSZ'),
message: record.message,
error: JsonLayout.errorToSerializableObject(record.error),