From 6ee222a6766a18fa07d9c988d1519a7c04bd7b30 Mon Sep 17 00:00:00 2001
From: Shaunak Kashyap
Date: Wed, 1 Apr 2020 21:15:01 -0700
Subject: [PATCH] Removing fields not available in 7.6
---
 .../audit/test/test-audit-761.log-expected.json | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)
diff --git a/filebeat/module/elasticsearch/audit/test/test-audit-761.log-expected.json b/filebeat/module/elasticsearch/audit/test/test-audit-761.log-expected.json
index c2bb0468065..969a8f6cd02 100644
--- a/filebeat/module/elasticsearch/audit/test/test-audit-761.log-expected.json
+++ b/filebeat/module/elasticsearch/audit/test/test-audit-761.log-expected.json
@@ -23,24 +23,17 @@
 ],
 "elasticsearch.node.id": "vvj136QVQ2Ci2aXmrhyi3Q",
 "event.action": "access_granted",
- "event.category": "database",
 "event.dataset": "elasticsearch.audit",
- "event.kind": "event",
 "event.module": "elasticsearch",
- "event.outcome": "success",
 "event.timezone": "-02:00",
 "fileset.name": "audit",
- "host.id": "vvj136QVQ2Ci2aXmrhyi3Q",
 "input.type": "log",
 "log.offset": 0,
 "message": "{\"@timestamp\":\"2020-04-01T11:21:06,725+0200\", \"node.id\":\"vvj136QVQ2Ci2aXmrhyi3Q\", \"event.type\":\"transport\", \"event.action\":\"access_granted\", \"user.name\":\"logstash_manager\", \"user.realm\":\"native1\", \"user.roles\":[\"logstash_admin\",\"cluster_monitor\"], \"origin.type\":\"rest\", \"origin.address\":\"10.54.25.111:52148\", \"request.id\":\"rLBMfPM2Q9q-DQEB_g30ww\", \"action\":\"indices:data/read/mget[shard]\", \"request.name\":\"MultiGetShardRequest\", \"indices\":[\".logstash\",\".logstash\",\".logstash\",\".logstash\",\".logstash\",\".logstash\",\".logstash\",\".logstash\"]}",
- "related.user": [
- "logstash_manager"
- ],
 "service.type": "elasticsearch",
 "source.address": "10.54.25.111:52148",
 "source.ip": "10.54.25.111",
 "source.port": 52148,
 "user.name": "logstash_manager"
 }
-]
\ No newline at end of file
+]