Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump github.com/elastic/elastic-agent-libs from 0.7.2 to 0.7.3 #37544

Merged
merged 3 commits into from
Jan 4, 2024
Merged

build(deps): bump github.com/elastic/elastic-agent-libs from 0.7.2 to 0.7.3 #37544

merged 3 commits into from
Jan 4, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 4, 2024

Bumps github.com/elastic/elastic-agent-libs from 0.7.2 to 0.7.3.

Release notes

Sourced from github.com/elastic/elastic-agent-libs's releases.

v0.7.3

What's Changed

Full Changelog: elastic/elastic-agent-libs@v0.7.2...v0.7.3

Commits
  • b5d3e40 Rename api/npipe/listerner_posix.go -> api/npipe/listener_posix.go (#173)
  • 23962aa Bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#172)
  • 4ca6f31 [updatecli][githubrelease] Bump version to 1.20.12 (#167)
  • ba07173 Add a method to expose http.Server.Shutdown to allow graceful shutdowns (#168)
  • 5c526ac update-bk-bot-settings (#170)
  • b200fb1 Update TLS certificates in tests (#169)
  • 7f2c636 refactor: replace go-multierror with stdlib methods (#164)
  • 73fc009 Buildkite: add test for macos (#163)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump github.com/elastic/elastic-agent-libs
623d4f8 
Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/elastic/elastic-agent-libs/releases)
- [Commits](elastic/elastic-agent-libs@v0.7.2...v0.7.3)

---
updated-dependencies:
- dependency-name: github.com/elastic/elastic-agent-libs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner January 4, 2024 10:43
@dependabot dependabot bot added automation dependabot GitHub Dependabot labels Jan 4, 2024
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jan 4, 2024
@mergify Mergify
Copy link
Contributor

mergify bot commented Jan 4, 2024

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @dependabot[bot]? 🙏.
For such, you'll need to label your PR with:

  • The upcoming major version of the Elastic Stack
  • The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v8./d.0 is the label to automatically backport to the 8./d branch. /d is the digit

@elasticmachine
Copy link
Collaborator

❕ Build Aborted

There is a new build on-going so the previous on-going builds have been aborted.

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Start Time: 2024-01-04T10:44:02.976+0000

  • Duration: 6 min 50 sec

Steps errors 1

Expand to view the steps failures

Error signal
  • Took 0 min 0 sec . View more details here
  • Description: tar: step failed with error null

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@cmacknz cmacknz added Team:Elastic-Agent Label for the Agent team backport-v8.12.0 Automated backport with mergify labels Jan 4, 2024
@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Jan 4, 2024
@elasticmachine
Copy link
Collaborator

❕ Build Aborted

There is a new build on-going so the previous on-going builds have been aborted.

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview

Expand to view the summary

Build stats

  • Start Time: 2024-01-04T10:45:07.701+0000

  • Duration: 308 min 15 sec

Test stats 🧪

Test Results
Failed 12
Passed 28720
Skipped 2015
Total 30747

Test errors 12

Expand to view the tests failures

> Show only the first 10 test failures

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_290_cisco – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['event.end']": {'new_value': '2024-07-15T13:38:47.000-02:00', 'old_value': '2023-07-15T13:38:47.000-02:00'}, "root['event.start']": {'new_value': '2024-07-15T15:38:06.000Z', 'old_value': '2023-07-15T15:38:06.000Z'}}}, full object: 
  {'log.offset': 974, 'log.level': 'informational', 'destination.geo.continent_name': 'Europe', 'destination.geo.region_iso_code': 'GB-ENG', 'destination.geo.city_name': 'London', 'destination.geo.country_iso_code': 'GB', 'destination.geo.country_name': 'United Kingdom', 'destination.geo.location.lon': -0.0931, 'destination.geo.location.lat': 51.5142, 'destination.geo.region_name': 'England', 'destination.address': '81.2.69.142', 'destination.port': 62409, 'destination.ip': '81.2.69.142', 'source.address': 'exp-wait', 'source.port': 62409, 'source.domain': 'exp-wait', 'fileset.name': 'asa', 'tags': ['cisco-asa', 'forwarded'], 'network.transport': 'udp', 'network.iana_number': 17, 'input.type': 'log', 'observer.ingress.interface.name': 'SERVERS', 'observer.hostname': '216.160.83.56', 'observer.product': 'asa', 'observer.vendor': 'Cisco', 'observer.type': 'firewall', 'observer.egress.interface.name': 'outside', 'related.hosts': ['216.160.83.56', 'exp-wait'], 'related.ip': ['81.2.69.142'], 'service.type': 'cisco', 'host.hostname': '216.160.83.56', 'event.severity': 6, 'event.code': 305012, 'event.original': '%ASA-6-305012: Teardown dynamic UDP translation from SERVERS:exp-wait/62409 to outside:81.2.69.142/62409 duration 0:00:41', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cisco', 'event.start': '2024-07-15T15:38:06.000Z', 'event.type': ['connection', 'end'], 'event.duration': 41000000000, 'event.action': 'flow-expiration', 'event.end': '2024-07-15T13:38:47.000-02:00', 'event.category': ['network'], 'event.dataset': 'cisco.asa', 'cisco.asa.destination_interface': 'outside', 'cisco.asa.source_interface': 'SERVERS', 'cisco.asa.message_id': '305012'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['event.end']": {'new_value': '2024-07-15T13:38:47.000-02:00', 'old_value': '2023-07-15T13:38...00-02:00'}, "root['event.start']": {'new_value': '2024-07-15T15:38:06.000Z', 'old_value': '2023-07-15T15:38:06.000Z'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_290_cisco>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_290_cisco>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cisco/asa/test/non-canonical.log'
objects = [{'@timestamp': '2024-07-15T13:38:14.000-02:00', 'agent': {'ephemeral_id': 'a7cb5d9b-db1e-4951-a4ef-cc77365014b5', 'id...ource_interface': 'outside'}}, 'destination': {'address': 'sh-mailgw1', 'domain': 'sh-mailgw1', 'port': 25}, ...}, ...]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['event.end']": {'new_value': '2024-07-15T13:38:47.000-02:00', 'old_value': '2023-07-15T13:38:47.000-02:00'}, "root['event.start']": {'new_value': '2024-07-15T15:38:06.000Z', 'old_value': '2023-07-15T15:38:06.000Z'}}}, full object: 
E             {'log.offset': 974, 'log.level': 'informational', 'destination.geo.continent_name': 'Europe', 'destination.geo.region_iso_code': 'GB-ENG', 'destination.geo.city_name': 'London', 'destination.geo.country_iso_code': 'GB', 'destination.geo.country_name': 'United Kingdom', 'destination.geo.location.lon': -0.0931, 'destination.geo.location.lat': 51.5142, 'destination.geo.region_name': 'England', 'destination.address': '81.2.69.142', 'destination.port': 62409, 'destination.ip': '81.2.69.142', 'source.address': 'exp-wait', 'source.port': 62409, 'source.domain': 'exp-wait', 'fileset.name': 'asa', 'tags': ['cisco-asa', 'forwarded'], 'network.transport': 'udp', 'network.iana_number': 17, 'input.type': 'log', 'observer.ingress.interface.name': 'SERVERS', 'observer.hostname': '216.160.83.56', 'observer.product': 'asa', 'observer.vendor': 'Cisco', 'observer.type': 'firewall', 'observer.egress.interface.name': 'outside', 'related.hosts': ['216.160.83.56', 'exp-wait'], 'related.ip': ['81.2.69.142'], 'service.type': 'cisco', 'host.hostname': '216.160.83.56', 'event.severity': 6, 'event.code': 305012, 'event.original': '%ASA-6-305012: Teardown dynamic UDP translation from SERVERS:exp-wait/62409 to outside:81.2.69.142/62409 duration 0:00:41', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cisco', 'event.start': '2024-07-15T15:38:06.000Z', 'event.type': ['connection', 'end'], 'event.duration': 41000000000, 'event.action': 'flow-expiration', 'event.end': '2024-07-15T13:38:47.000-02:00', 'event.category': ['network'], 'event.dataset': 'cisco.asa', 'cisco.asa.destination_interface': 'outside', 'cisco.asa.source_interface': 'SERVERS', 'cisco.asa.message_id': '305012'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['event.end']": {'new_value': '2024-07-15T13:38:47.000-02:00', 'old_value': '2023-07-15T13:38...00-02:00'}, "root['event.start']": {'new_value': '2024-07-15T15:38:06.000Z', 'old_value': '2023-07-15T15:38:06.000Z'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_294_cisco – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['event.end']": {'new_value': '2024-05-05T17:51:17.000-02:00', 'old_value': '2023-05-05T17:51:17.000-02:00'}, "root['event.start']": {'new_value': '2024-05-05T19:51:17.000Z', 'old_value': '2023-05-05T19:51:17.000Z'}}}, full object: 
  {'log.offset': 481, 'log.level': 'debug', 'source.address': '192.168.2.2', 'source.ip': '192.168.2.2', 'fileset.name': 'asa', 'tags': ['cisco-asa', 'forwarded'], 'input.type': 'log', 'observer.ingress.interface.name': 'net', 'observer.hostname': 'dev01', 'observer.product': 'asa', 'observer.vendor': 'Cisco', 'observer.type': 'firewall', 'related.hosts': ['dev01'], 'related.ip': ['192.168.2.2'], 'service.type': 'cisco', 'host.hostname': 'dev01', 'event.severity': 7, 'event.code': 609002, 'event.original': '%FTD-7-609002: Teardown local-host net:192.168.2.2 duration 0:00:00', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cisco', 'event.start': '2024-05-05T19:51:17.000Z', 'event.type': ['connection', 'end'], 'event.duration': 0, 'event.action': 'flow-expiration', 'event.end': '2024-05-05T17:51:17.000-02:00', 'event.category': ['network'], 'event.dataset': 'cisco.asa', 'cisco.asa.source_interface': 'net', 'cisco.asa.message_id': '609002'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['event.end']": {'new_value': '2024-05-05T17:51:17.000-02:00', 'old_value': '2023-05-05T17:51...00-02:00'}, "root['event.start']": {'new_value': '2024-05-05T19:51:17.000Z', 'old_value': '2023-05-05T19:51:17.000Z'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_294_cisco>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_294_cisco>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cisco/asa/test/additional_messages.log'
objects = [{'@timestamp': '2024-05-05T17:51:17.000-02:00', 'agent': {'ephemeral_id': 'dea3948b-82d3-4674-9c4d-ec99810d425d', 'id...': '175.16.199.1', 'message_id': '302020'}}, 'destination': {'address': '10.10.10.10', 'ip': '10.10.10.10'}, ...}, ...]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['event.end']": {'new_value': '2024-05-05T17:51:17.000-02:00', 'old_value': '2023-05-05T17:51:17.000-02:00'}, "root['event.start']": {'new_value': '2024-05-05T19:51:17.000Z', 'old_value': '2023-05-05T19:51:17.000Z'}}}, full object: 
E             {'log.offset': 481, 'log.level': 'debug', 'source.address': '192.168.2.2', 'source.ip': '192.168.2.2', 'fileset.name': 'asa', 'tags': ['cisco-asa', 'forwarded'], 'input.type': 'log', 'observer.ingress.interface.name': 'net', 'observer.hostname': 'dev01', 'observer.product': 'asa', 'observer.vendor': 'Cisco', 'observer.type': 'firewall', 'related.hosts': ['dev01'], 'related.ip': ['192.168.2.2'], 'service.type': 'cisco', 'host.hostname': 'dev01', 'event.severity': 7, 'event.code': 609002, 'event.original': '%FTD-7-609002: Teardown local-host net:192.168.2.2 duration 0:00:00', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cisco', 'event.start': '2024-05-05T19:51:17.000Z', 'event.type': ['connection', 'end'], 'event.duration': 0, 'event.action': 'flow-expiration', 'event.end': '2024-05-05T17:51:17.000-02:00', 'event.category': ['network'], 'event.dataset': 'cisco.asa', 'cisco.asa.source_interface': 'net', 'cisco.asa.message_id': '609002'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['event.end']": {'new_value': '2024-05-05T17:51:17.000-02:00', 'old_value': '2023-05-05T17:51...00-02:00'}, "root['event.start']": {'new_value': '2024-05-05T19:51:17.000Z', 'old_value': '2023-05-05T19:51:17.000Z'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_305_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}}, full object: 
  {'log.offset': 580, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:32:56.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor FW rules start', 'cyberarkpas.audit.message': 'Monitor FW rules start', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor FW rules start', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '357', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor fw rules start', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_305_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_305_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/357_monitor_fw_rules_start.log'
objects = [{'@timestamp': '2021-03-04T19:10:01.000Z', 'agent': {'ephemeral_id': '75131cdd-8a69-46f3-af69-8e963fadc286', 'id': '4...tor FW rules start', 'issuer': 'Batch', 'message': 'Monitor FW rules start', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}}, full object: 
E             {'log.offset': 580, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:32:56.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor FW rules start', 'cyberarkpas.audit.message': 'Monitor FW rules start', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor FW rules start', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '357', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor fw rules start', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_313_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:10:31.000-02:00', 'old_value': '2023-03-08T03:10:31.000-02:00'}}}, full object: 
  {'log.offset': 604, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T03:10:31.000-02:00', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.safe': 'PasswordManager_workspace', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Clear Safe History', 'cyberarkpas.audit.message': 'Clear Safe History', 'cyberarkpas.audit.issuer': 'PasswordManager', 'cyberarkpas.audit.desc': 'Clear Safe History', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '59', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'clear safe history', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:10:31.000-02:00', 'old_value': '2023-03-08T03:10:31.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_313_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_313_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/59_clear_safe_history.log'
objects = [{'@timestamp': '2021-03-04T19:25:02.000Z', 'agent': {'ephemeral_id': '7d833346-a05f-4133-b8ae-68f7c84f26e4', 'id': '4...r Safe History', 'iso_timestamp': '2021-03-09T09:00:47Z', 'issuer': 'Batch', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:10:31.000-02:00', 'old_value': '2023-03-08T03:10:31.000-02:00'}}}, full object: 
E             {'log.offset': 604, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T03:10:31.000-02:00', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.safe': 'PasswordManager_workspace', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Clear Safe History', 'cyberarkpas.audit.message': 'Clear Safe History', 'cyberarkpas.audit.issuer': 'PasswordManager', 'cyberarkpas.audit.desc': 'Clear Safe History', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '59', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'clear safe history', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:10:31.000-02:00', 'old_value': '2023-03-08T03:10:31.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_325_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}}, full object: 
  {'log.offset': 598, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:48:07.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor DR Replication start', 'cyberarkpas.audit.message': 'Monitor DR Replication start', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor DR Replication start', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '310', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor dr replication start', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_325_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_325_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/310_monitor_dr_replication_start.log'
objects = [{'@timestamp': '2021-03-04T19:10:01.000Z', 'agent': {'ephemeral_id': '6930bba4-e273-4292-9921-e89d805d8aed', 'id': '4...cation start', 'issuer': 'Batch', 'message': 'Monitor DR Replication start', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}}, full object: 
E             {'log.offset': 598, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:48:07.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor DR Replication start', 'cyberarkpas.audit.message': 'Monitor DR Replication start', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor DR Replication start', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '310', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor dr replication start', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_332_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}}, full object: 
  {'log.offset': 574, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:32:56.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor FW Rules end', 'cyberarkpas.audit.message': 'Monitor FW Rules end', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor FW Rules end', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '358', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor fw rules end', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_332_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_332_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/358_monitor_fw_rules_end.log'
objects = [{'@timestamp': '2021-03-04T19:10:01.000Z', 'agent': {'ephemeral_id': 'f1e1783c-8d71-4bcf-8a57-91fbf24bb55e', 'id': '4...Monitor FW Rules end', 'issuer': 'Batch', 'message': 'Monitor FW Rules end', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}}, full object: 
E             {'log.offset': 574, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:32:56.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor FW Rules end', 'cyberarkpas.audit.message': 'Monitor FW Rules end', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor FW Rules end', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '358', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor fw rules end', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:32:56.000-02:00', 'old_value': '2023-03-08T02:32:56.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_335_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T07:46:54.000-02:00', 'old_value': '2023-03-08T07:46:54.000-02:00'}}}, full object: 
  {'log.offset': 760, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T07:46:54.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Error', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'cyberarkpas.audit.message': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'cyberarkpas.audit.issuer': 'Builtin', 'cyberarkpas.audit.desc': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'host.name': 'VAULT', 'event.severity': 7, 'event.code': '479', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'security warning - the signature hash algorithm of the vault certificate is sha1.', 'event.type': 'error', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T07:46:54.000-02:00', 'old_value': '2023-03-08T07:46:54.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_335_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_335_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/479_security_warning_the_signature_hash_algorithm_of_the_vault_certificate_is_sha1.log'
objects = [{'@timestamp': '2021-03-04T19:10:01.000Z', 'agent': {'ephemeral_id': '17fd5446-f639-4e39-9a29-1a9a90b854e3', 'id': '4...y warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T07:46:54.000-02:00', 'old_value': '2023-03-08T07:46:54.000-02:00'}}}, full object: 
E             {'log.offset': 760, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T07:46:54.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Error', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'cyberarkpas.audit.message': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'cyberarkpas.audit.issuer': 'Builtin', 'cyberarkpas.audit.desc': 'Security warning - The Signature Hash Algorithm of the Vault certificate is SHA1.', 'host.name': 'VAULT', 'event.severity': 7, 'event.code': '479', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'security warning - the signature hash algorithm of the vault certificate is sha1.', 'event.type': 'error', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T07:46:54.000-02:00', 'old_value': '2023-03-08T07:46:54.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_346_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:41:01.000-02:00', 'old_value': '2023-03-08T03:41:01.000-02:00'}}}, full object: 
  {'log.offset': 0, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T03:41:01.000-02:00', 'file.path': 'Root\\Policies\\Policy-BusinessWebsite.ini', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.message': 'Retrieve File', 'cyberarkpas.audit.issuer': 'PasswordManager', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.file': 'Root\\Policies\\Policy-BusinessWebsite.ini', 'cyberarkpas.audit.safe': 'PasswordManagerShared', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Retrieve File', 'cyberarkpas.audit.desc': 'Retrieve File', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '51', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'retrieve file', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:41:01.000-02:00', 'old_value': '2023-03-08T03:41:01.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_346_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_346_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/legacysyslog.log'
objects = [{'@timestamp': '2024-03-08T03:41:01.000-02:00', 'agent': {'ephemeral_id': '7a01bad3-3929-4dad-b9c9-6f9284cdebe3', 'id...: 'Root\\Policies\\Policy-BusinessWebsite.ini', 'issuer': 'PasswordManager', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:41:01.000-02:00', 'old_value': '2023-03-08T03:41:01.000-02:00'}}}, full object: 
E             {'log.offset': 0, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T03:41:01.000-02:00', 'file.path': 'Root\\Policies\\Policy-BusinessWebsite.ini', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.message': 'Retrieve File', 'cyberarkpas.audit.issuer': 'PasswordManager', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.file': 'Root\\Policies\\Policy-BusinessWebsite.ini', 'cyberarkpas.audit.safe': 'PasswordManagerShared', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Retrieve File', 'cyberarkpas.audit.desc': 'Retrieve File', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '51', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'retrieve file', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T03:41:01.000-02:00', 'old_value': '2023-03-08T03:41:01.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_351_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}}, full object: 
  {'log.offset': 592, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:48:07.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor DR Replication end', 'cyberarkpas.audit.message': 'Monitor DR Replication end', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor DR Replication end', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '311', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor dr replication end', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_351_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_351_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/311_monitor_dr_replication_end.log'
objects = [{'@timestamp': '2021-03-04T19:10:01.000Z', 'agent': {'ephemeral_id': 'ccd9d7ff-816d-4af5-a354-d643c0c17847', 'id': '4...eplication end', 'issuer': 'Batch', 'message': 'Monitor DR Replication end', ...}}, 'ecs': {'version': '1.12.0'}, ...}]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}}, full object: 
E             {'log.offset': 592, 'source.address': '0.0.0.0', 'source.ip': '0.0.0.0', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:48:07.000-02:00', 'related.ip': ['0.0.0.0'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '0.0.0.0', 'cyberarkpas.audit.action': 'Monitor DR Replication end', 'cyberarkpas.audit.message': 'Monitor DR Replication end', 'cyberarkpas.audit.issuer': 'Batch', 'cyberarkpas.audit.desc': 'Monitor DR Replication end', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '311', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'monitor dr replication end', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:48:07.000-02:00', 'old_value': '2023-03-08T02:48:07.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Build&Test / x-pack/filebeat-pythonIntegTest / test_fileset_file_353_cyberarkpas – x-pack.filebeat.tests.system.test_xpack_modules.XPackTest
    Expand to view the error details

     AssertionError: The following expected object doesn't match:
   Diff:
  {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:54:46.000-02:00', 'old_value': '2023-03-08T02:54:46.000-02:00'}}}, full object: 
  {'log.offset': 1113, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:54:46.000-02:00', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Set Password', 'cyberarkpas.audit.message': 'Set Password', 'cyberarkpas.audit.issuer': 'PVWAGWUser', 'cyberarkpas.audit.desc': 'Set Password', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '88', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'set password', 'event.dataset': 'cyberarkpas.audit'}
assert 1 == 0
 +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:54:46.000-02:00', 'old_value': '2023-03-08T02:54:46.000-02:00'}}})

    Expand to view the stacktrace

     a = (<test_xpack_modules.XPackTest testMethod=test_fileset_file_353_cyberarkpas>,)

    @wraps(func)
    def standalone_func(*a):
>       return func(*(a + p.args), **p.kwargs)

../../../../../../python-env/build/ve/linux/lib/python3.10/site-packages/parameterized/parameterized.py:518: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
../../filebeat/tests/system/test_modules.py:150: in test_fileset_file
    self.run_on_file(
../../filebeat/tests/system/test_modules.py:247: in run_on_file
    self._test_expected_events(test_file, objects)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

self = <test_xpack_modules.XPackTest testMethod=test_fileset_file_353_cyberarkpas>
test_file = '/var/lib/jenkins/workspace/PR-37544-2-4bee2917-2b43-47a2-8672-0b756cf324de/src/github.com/elastic/beats/x-pack/filebeat/module/cyberarkpas/audit/test/88_set_password.log'
objects = [{'@timestamp': '2021-03-04T19:16:19.000Z', 'agent': {'ephemeral_id': 'f3fb953e-7580-4ad3-b26d-a3b3fd208628', 'id': '4...mp': '2021-03-10T09:11:52Z', 'issuer': 'PSMPApp_localhost.localdomain', ...}}, 'ecs': {'version': '1.12.0'}, ...}, ...]

    def _test_expected_events(self, test_file, objects):
    
        # Generate expected files if GENERATE env variable is set
        if os.getenv("GENERATE"):
            with open(test_file + "-expected.json", 'w') as f:
                # Flatten an cleanup objects
                # This makes sure when generated on different machines / version the expected.json stays the same.
                for k, obj in enumerate(objects):
                    objects[k] = self.flatten_object(obj, {}, "")
                    clean_keys(objects[k])
                    for key in objects[k].keys():
                        if isinstance(objects[k][key], list) and key not in array_fields_dont_sort:
                            objects[k][key].sort(key=str)
    
                json.dump(objects, f, indent=4, separators=(
                    ',', ': '), sort_keys=True)
    
        with open(test_file + "-expected.json", "r") as f:
            expected = json.load(f)
    
        assert len(expected) == len(objects), "expected {} events to compare but got {}".format(
            len(expected), len(objects))
    
        # Do not perform a comparison between the resulting and expected documents
        # if the TESTING_FILEBEAT_SKIP_DIFF flag is set.
        #
        # This allows to run a basic check with older versions of ES that can lead
        # to slightly different documents without maintaining multiple sets of
        # golden files.
        if os.getenv("TESTING_FILEBEAT_SKIP_DIFF"):
            return
    
        for idx in range(len(expected)):
            ev = expected[idx]
            obj = objects[idx]
    
            # Flatten objects for easier comparing
            obj = self.flatten_object(obj, {}, "")
            clean_keys(obj)
            clean_keys(ev)
    
            d = DeepDiff(ev, obj, ignore_order=True)
    
>           assert len(
                d) == 0, "The following expected object doesn't match:\n Diff:\n{}, full object: \n{}".format(d, obj)
E           AssertionError: The following expected object doesn't match:
E              Diff:
E             {'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:54:46.000-02:00', 'old_value': '2023-03-08T02:54:46.000-02:00'}}}, full object: 
E             {'log.offset': 1113, 'source.address': '10.0.1.20', 'source.ip': '10.0.1.20', 'fileset.name': 'audit', 'tags': ['cyberarkpas.audit', 'forwarded'], 'input.type': 'log', 'observer.product': 'Vault', 'observer.hostname': 'VAULT', 'observer.vendor': 'Cyber-Ark', 'observer.version': '11.7.0000', '@timestamp': '2024-03-08T02:54:46.000-02:00', 'related.ip': ['10.0.1.20'], 'service.type': 'cyberarkpas', 'cyberarkpas.audit.rfc5424': False, 'cyberarkpas.audit.severity': 'Info', 'cyberarkpas.audit.station': '10.0.1.20', 'cyberarkpas.audit.action': 'Set Password', 'cyberarkpas.audit.message': 'Set Password', 'cyberarkpas.audit.issuer': 'PVWAGWUser', 'cyberarkpas.audit.desc': 'Set Password', 'host.name': 'VAULT', 'event.severity': 2, 'event.code': '88', 'event.timezone': '-02:00', 'event.kind': 'event', 'event.module': 'cyberarkpas', 'event.action': 'set password', 'event.dataset': 'cyberarkpas.audit'}
E           assert 1 == 0
E            +  where 1 = len({'values_changed': {"root['@timestamp']": {'new_value': '2024-03-08T02:54:46.000-02:00', 'old_value': '2023-03-08T02:54:46.000-02:00'}}})

../../filebeat/tests/system/test_modules.py:292: AssertionError

Steps errors 3

Expand to view the steps failures

x-pack/filebeat-pythonIntegTest - mage pythonIntegTest
  • Took 103 min 5 sec . View more details here
  • Description: mage pythonIntegTest
x-pack/filebeat-pythonIntegTest - mage pythonIntegTest
  • Took 100 min 10 sec . View more details here
  • Description: mage pythonIntegTest
Error signal
  • Took 0 min 0 sec . View more details here
  • Description: Error 'org.jenkinsci.plugins.workflow.steps.FlowInterruptedException'

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2024-01-04T15:44:03.265+0000

  • Duration: 167 min 32 sec

Test stats 🧪

Test Results
Failed 0
Passed 28732
Skipped 2015
Total 30747

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages and run the E2E tests.

  • /beats-tester : Run the installation tests with beats-tester.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@cmacknz cmacknz merged commit bcee0e9 into main Jan 4, 2024
7 checks passed
@cmacknz cmacknz deleted the dependabot/go_modules/github.com/elastic/elastic-agent-libs-0.7.3 branch January 4, 2024 18:39
mergify bot pushed a commit that referenced this pull request Jan 4, 2024
@dependabot @mergify
build(deps): bump github.com/elastic/elastic-agent-libs from 0.7.2 to…
86d3f65 
… 0.7.3 (#37544)

* build(deps): bump github.com/elastic/elastic-agent-libs

Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/elastic/elastic-agent-libs/releases)
- [Commits](elastic/elastic-agent-libs@v0.7.2...v0.7.3)

---
updated-dependencies:
- dependency-name: github.com/elastic/elastic-agent-libs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update NOTICE.txt

* Add changelog.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: Craig MacKenzie <[email protected]>
(cherry picked from commit bcee0e9)

# Conflicts:
#	NOTICE.txt
#	go.mod
#	go.sum
@mergify mergify bot mentioned this pull request Jan 4, 2024
Merged
cmacknz added a commit that referenced this pull request Jan 8, 2024
@mergify @dependabot @cmacknz
[8.12](backport #37544) build(deps): bump github.com/elastic/elastic-…
4ed62e6 
…agent-libs from 0.7.2 to 0.7.3 (#37548)

* build(deps): bump github.com/elastic/elastic-agent-libs from 0.7.2 to 0.7.3 (#37544)

* build(deps): bump github.com/elastic/elastic-agent-libs

Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/elastic/elastic-agent-libs/releases)
- [Commits](elastic/elastic-agent-libs@v0.7.2...v0.7.3)

---
updated-dependencies:
- dependency-name: github.com/elastic/elastic-agent-libs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update NOTICE.txt

* Add changelog.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: Craig MacKenzie <[email protected]>
(cherry picked from commit bcee0e9)

# Conflicts:
#	NOTICE.txt
#	go.mod
#	go.sum

* Resolve conflicts.

---------

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Craig MacKenzie <[email protected]>
Scholar-Li pushed a commit to Scholar-Li/beats that referenced this pull request Feb 5, 2024
@dependabot @cmacknz @Scholar-Li
build(deps): bump github.com/elastic/elastic-agent-libs from 0.7.2 to…
eb0fa62 
… 0.7.3 (elastic#37544)

* build(deps): bump github.com/elastic/elastic-agent-libs

Bumps [github.com/elastic/elastic-agent-libs](https://github.com/elastic/elastic-agent-libs) from 0.7.2 to 0.7.3.
- [Release notes](https://github.com/elastic/elastic-agent-libs/releases)
- [Commits](elastic/elastic-agent-libs@v0.7.2...v0.7.3)

---
updated-dependencies:
- dependency-name: github.com/elastic/elastic-agent-libs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Update NOTICE.txt

* Add changelog.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
Co-authored-by: Craig MacKenzie <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cmacknz cmacknz cmacknz approved these changes

Assignees
No one assigned
Labels
automation backport-v8.12.0 Automated backport with mergify dependabot GitHub Dependabot Team:Elastic-Agent Label for the Agent team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@elasticmachine @cmacknz