Open taylor-swanson opened 2 weeks ago
Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)
Is #6768 relevant for squid after the rewrite? If not, can you amend that issue to make this clear.
(I was checking to see if there were any open issues tagged with squid.)
Is #6768 relevant for squid after the rewrite? If not, can you amend that issue to make this clear.
(I was checking to see if there were any open issues tagged with squid.)
Good question. For right now, I don't think so. The timestamp in Squid's access log is a UTC unix timestamp, so a separate time zone config isn't necessary.
EDIT: Just read closer and that referred to the add_locale processor specifically. Let me check... EDIT2: add_locale is no longer, so no action needed here.
The Squid integration was rewritten to use ingest pipelines in #10770. There are a few more tasks needing to be done:
Acceptance Criteria