elastic / integrations

Elastic Integrations
https://www.elastic.co/integrations

[Fortinet FortiGate Firewall Logs]: rcvddelta and sentdelta are keywords as opposed to integers #11433

Open lillesvin opened 4 days ago

lillesvin commented 4 days ago

Integration Name

Fortinet FortiGate Firewall Logs [fortinet_fortigate]

Dataset Name

fortinet_fortigate.log

Integration Version

1.25.8

Agent Version

8.15.2

Agent Output Type

elasticsearch

Elasticsearch Version

8.15.2

OS Version and Architecture

Ubuntu 20.04.6 LTS (x86_64) (Official Elastic container image)

Software/API Version

No response

Error Message

No response

Event Original

No response

What did you do?

Was trying to create a traffic graph based on FortiGate logs.

What did you see?

fortinet.firewall.rcvddelta and fortinet.firewall.sentdelta are mapped as keyword values.

What did you expect to see?

fortinet.firewall.rcvddelta and fortinet.firewall.sentdelta mapped as numerics in order to be able to do math on them easily.

Anything else?

No response

elasticmachine commented 4 days ago

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)