Skip to content

Commit

Permalink
infoblox_nios: Add network.protocol for dns and dhcp pipelines (elast…
Browse files Browse the repository at this point in the history 
…ic#12383)

* Add network.protocol for dns and dhcp pipelines
  • Loading branch information
@kcreddy
kcreddy authored Feb 1, 2025
1 parent 3274b4c commit 94d8b50
Show file tree
Hide file tree
Showing 7 changed files with 487 additions and 209 deletions.
5 changes: 5 additions & 0 deletions packages/infoblox_nios/changelog.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.26.0"
changes:
- description: Add network.protocol for dns and dhcp pipelines.
type: enhancement
link: https://github.com/elastic/integrations/pull/12383
- version: "1.25.0"
changes:
- description: Do not remove `event.original` in main ingest pipeline.
Expand Down
54 changes: 27 additions & 27 deletions packages/infoblox_nios/data_stream/log/_dev/test/pipeline/test-audit.log-expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@
"category": [
"authentication"
],
"created": "2024-03-21T09:53:51.000Z",
"created": "2025-03-21T09:53:51.000Z",
"original": "<29>Mar 21 09:53:51 infoblox.localdomain httpd[]: 2022-03-18 13:24:41.705Z [admin]: Logout - - ip=10.50.0.1 group=admin-group trigger_event=Session\\040Expiration",
"type": [
"end"
Expand Down Expand Up @@ -64,7 +64,7 @@
"category": [
"authentication"
],
"created": "2024-04-13T22:14:36.000Z",
"created": "2025-04-13T22:14:36.000Z",
"original": "<141>Apr 13 22:14:36 ns1.infoblox.localdomain 10.50.1.227 httpd: 2022-04-13 16:44:36.850Z [fefdn\\040wdbj]: Login_Denied - - to=AdminConnector ip=10.50.0.1 info=Local apparently_via=GUI",
"outcome": "failure"
},
Expand Down Expand Up @@ -121,7 +121,7 @@
"category": [
"authentication"
],
"created": "2024-03-21T09:53:51.000Z",
"created": "2025-03-21T09:53:51.000Z",
"original": "<29>Mar 21 09:53:51 infoblox.localdomain 10.0.0.1 httpd: 2022-03-21 08:53:51.087Z [service_account_test]: Login_Allowed - - to=AdminConnector ip=10.0.0.2 auth=LOCAL group=some-Group apparently_via=API",
"outcome": "success",
"type": [
Expand Down Expand Up @@ -182,7 +182,7 @@
"category": [
"authentication"
],
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2011-10-19 19:48:37.299Z [admin]: Login_Allowed - - to=Serial\\040Console apparently_via=Direct auth=Local group=admin-group",
"outcome": "success",
"type": [
Expand Down Expand Up @@ -237,7 +237,7 @@
"category": [
"authentication"
],
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2011-10-19 14:02:32.750Z [admin]: Login_Denied - - to=Serial\\040Console apparently_via=Direct error=invalid\\040login\\040or\\040password",
"outcome": "failure"
},
Expand Down Expand Up @@ -285,7 +285,7 @@
},
"event": {
"action": "first_login",
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2011-10-19 12:43:47.375Z [user]: First_Login - - to=AdminConnector ip=10.0.0.2 auth=LOCAL group=admin-group apparently_via=GUI\\040first\\040login"
},
"host": {
Expand Down Expand Up @@ -335,7 +335,7 @@
},
"event": {
"action": "password_reset_error",
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2011-10-19 13:07:33.343Z [user]: Password_Reset_Error - - to=AdminConnector auth=LOCALgroup=admin-group apparently_via=GUI"
},
"host": {
Expand Down Expand Up @@ -382,7 +382,7 @@
},
"event": {
"action": "modified",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-21 17:19:02.204Z [admin]: Modified Network 192.168.0.0/24 network_view=default: Changed dhcp_members:[]->[[grid_member=Member:infoblox.localdomain]]"
},
"host": {
Expand Down Expand Up @@ -431,7 +431,7 @@
},
"event": {
"action": "created",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-24 09:37:29.261Z [admin]: Created Network 192.168.0.0/24 network_view=default: Set extensible_attributes=[],address=\"192.168.2.0\",auto_create_reversezone=False,cidr=24,comment=\"\",common_properties=[domain_name_servers=[],routers=[]],dhcp_members=[[grid_member=Member:infoblox.localdomain]],disabled=False,discovery_member=NULL,enable_discovery=False,enable_immediate_discovery=False,network_view=NetworkView:default,use_basic_polling_settings=False,use_member_enable_discovery=False,vlans=[]"
},
"host": {
Expand Down Expand Up @@ -480,7 +480,7 @@
},
"event": {
"action": "modified",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-18 11:46:38.877Z [admin]: Modified MemberDhcp infoblox.localdomain: Changed enable_service:False->True"
},
"host": {
Expand Down Expand Up @@ -529,7 +529,7 @@
},
"event": {
"action": "called",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-29 19:29:20.468Z [admin]: Called - RestartService: Args services=[\"ALL\"],parents=[],force=True,mode=\"GROUPED\""
},
"host": {
Expand Down Expand Up @@ -577,7 +577,7 @@
},
"event": {
"action": "created",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-29 18:30:58.656Z [admin]: Created Ruleset Block: Set comment=\"\",disabled=True,name=\"Block\",type=\"BLACKLIST\""
},
"host": {
Expand Down Expand Up @@ -626,7 +626,7 @@
},
"event": {
"action": "called",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-24 09:28:24.476Z [admin]: Called - TransferTrafficCapture message=Download\\040Traffic\\040capture\\040file: Args message=\"Download Traffic capture file\",members=[Member:infoblox.localdomain]"
},
"host": {
Expand Down Expand Up @@ -674,7 +674,7 @@
},
"event": {
"action": "created",
"created": "2024-03-21T16:08:08.000Z",
"created": "2025-03-21T16:08:08.000Z",
"original": "<29>Mar 21 16:08:08 10.0.0.1 httpd: 2022-03-21 15:08:08.238Z [service_account_test]: Created HostAddress 10.0.0.1 network_view=default: Set address=\"10.0.0.1\",configure_for_dhcp=False,match_option=\"MAC_ADDRESS\",parent=HostRecord:._default.tld.domain.subdomain.hostrecord"
},
"host": {
Expand Down Expand Up @@ -723,7 +723,7 @@
},
"event": {
"action": "created",
"created": "2024-03-21T16:08:08.000Z",
"created": "2025-03-21T16:08:08.000Z",
"original": "<29>Mar 21 16:08:08 10.0.0.1 httpd: 2022-03-21 15:08:08.239Z [service_account_test]: Created HostRecord somerecord.subdomain.domain.tld DnsView=default alias=somealias.subdomain.domain.tld address=10.0.0.1: Set extensible_attributes=[[name=\"NAC-Policy\",value=\"Host\"]],addresses=[address=\"10.0.0.1\"],aliases=[HostAlias:._default.tld.domain.subdomain.somealias.._default.tld.domain.subdomain.somehostrecord],fqdn=\"somerecord.subdomain.domain.tld\""
},
"host": {
Expand Down Expand Up @@ -772,7 +772,7 @@
},
"event": {
"action": "deleted",
"created": "2024-03-21T16:08:48.000Z",
"created": "2025-03-21T16:08:48.000Z",
"original": "<29>Mar 21 16:08:48 10.0.0.1 httpd: 2022-03-21 15:08:48.455Z [service_account_test]: Deleted HostRecord somerecord.subdomain.domain.tld DnsView=default address=10.0.0.0"
},
"host": {
Expand Down Expand Up @@ -821,7 +821,7 @@
},
"event": {
"action": "deleted",
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2022-03-22 13:26:54.596Z [some_admin_account]: Deleted CaaRecord somecaarecord.domain.tld DnsView=default "
},
"host": {
Expand Down Expand Up @@ -870,7 +870,7 @@
},
"event": {
"action": "created",
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2022-03-22 13:26:54.596Z [some_admin_account]: Created HostAddress 192.168.0.0 network_view=default: Set address=\"192.168.0.0\",configure_for_dhcp=True,mac_address=\"01:01:01:01:01:01\",match_option=\"MAC_ADDRESS\",network=Network:192.168.0.0/24\\054network_view\\075default,parent=HostRecord:._default.test.test3,reserved_interface=NULL,use_for_ea_inheritance=True"
},
"host": {
Expand Down Expand Up @@ -919,7 +919,7 @@
},
"event": {
"action": "modified",
"created": "2024-03-22T14:26:54.000Z",
"created": "2025-03-22T14:26:54.000Z",
"original": "<29>Mar 22 14:26:54 10.0.0.1 httpd: 2022-03-22 13:26:54.596Z [some_admin_account]: Modified Network 192.168.0.0/24 network_view=default: Changed dhcp_members:[]->[[grid_member=Member:infoblox.localdomain]]"
},
"host": {
Expand Down Expand Up @@ -968,7 +968,7 @@
},
"event": {
"action": "modified",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-18 12:40:05.241Z [adminuser]: Modified Grid Unibe-DNS-Grid: Changed backup_setting:[password=\"******\",restore_password=\"******\"]->[password=\"******\",restore_password=\"******\"],csp_api_config:[password=\"******\"]->[password=\"******\"],csp_settings:[csp_join_token=\"******\"]->[csp_join_token=\"******\"],download_member_conf:[[interface=\"ANY\",is_online=True,member=\"Member:Grid Master\"]]->[[interface=\"ANY\",is_online=True,member=NULL]],email_setting:[password=\"******\"]->[password=\"******\"],http_proxy_server_setting:NULL->[password=\"******\"],snmp_setting:[snmpv3_queries_users=NULL]->[snmpv3_queries_users=[]],syslog_servers:[[address=\"67.43.156.15\"],[address=\"67.43.156.15\"]]->[[address=\"67.43.156.15\"]]"
},
"host": {
Expand Down Expand Up @@ -1011,12 +1011,12 @@
}
},
{
"@timestamp": "2024-03-18T13:40:05.000Z",
"@timestamp": "2025-03-18T13:40:05.000Z",
"ecs": {
"version": "8.11.0"
},
"event": {
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 syslog: any random text"
},
"host": {
Expand Down Expand Up @@ -1051,7 +1051,7 @@
},
"event": {
"action": "called",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-29 19:29:20.468Z [admin]: Called - RestartService"
},
"host": {
Expand Down Expand Up @@ -1096,7 +1096,7 @@
},
"event": {
"action": "modified",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-21 17:19:02.204Z [admin]: Modified Network"
},
"host": {
Expand Down Expand Up @@ -1141,7 +1141,7 @@
},
"event": {
"action": "created",
"created": "2024-03-18T13:40:05.000Z",
"created": "2025-03-18T13:40:05.000Z",
"original": "<29>Mar 18 13:40:05 10.0.0.1 httpd: 2022-03-29 18:30:58.656Z [admin]: Created Ruleset"
},
"host": {
Expand Down Expand Up @@ -1180,12 +1180,12 @@
}
},
{
"@timestamp": "2024-08-24T19:50:09.000Z",
"@timestamp": "2025-08-24T19:50:09.000Z",
"ecs": {
"version": "8.11.0"
},
"event": {
"created": "2024-08-24T19:50:09.000Z",
"created": "2025-08-24T19:50:09.000Z",
"original": "<46>Aug 24 19:50:09 10.0.0.1 -- MARK --"
},
"host": {
Expand Down
Loading

0 comments on commit 94d8b50

Please sign in to comment.