Open bvader opened 1 year ago
Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1:. Thank you for your contribution!
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)
The logs-azure_frontdoor.waf-1.0.0 does not appear to parse messages from Azure Frontdoor WAF correctly.
These are several sample messages from a customer.
It seems that this pipeline needs to be gone through in detail.
The following fields appear to be missing / I took a quick pass at fixing.
The DNS fields etc. are not properly parsed set to ECS Fields.
There may be other ECS fields as well that I am not familiar with.
Here is a sample of my temp fix; this is not intended to be prod code.
Note: I removed the remove of event.original since there is another issue on that.