DO NOT MERGE - troubleshooting CI issue for Keycloak integration #19101
datadog-assets / validate-logs
failed
Jan 13, 2025 in 0s
Validation Results for "logs"
The "logs" assets are not valid.
Details
See individual file annotations for details.
Annotations
datadog-assets / validate-logs
Error in logs
attribute-remapper has a non-standard `name`, please change it to: Map `firstname` to `usr.name`
datadog-assets / validate-logs
Error in logs
Facets are either sorted incorrectly or are missing standard attribute facets. Replace existing `facets` list with:
- groups:
  - DNS
  name: Question Name
  path: dns.question.name
  source: log
- groups:
  - Web Access
  name: Method
  path: http.method
  source: log
- groups:
  - Web Access
  name: URL Path
  path: http.url
  source: log
- groups:
  - Web Access
  name: URL Host
  path: http.url_details.host
  source: log
- groups:
  - Web Access
  name: URL Path
  path: http.url_details.path
  source: log
- groups:
  - Web Access
  name: URL Port
  path: http.url_details.port
  source: log
- groups:
  - Web Access
  name: URL scheme
  path: http.url_details.scheme
  source: log
- groups:
  - Web Access
  name: User-Agent
  path: http.useragent
  source: log
- groups:
  - Web Access
  name: Browser
  path: http.useragent_details.browser.family
  source: log
- groups:
  - Web Access
  name: Device
  path: http.useragent_details.device.family
  source: log
- groups:
  - Web Access
  name: OS
  path: http.useragent_details.os.family
  source: log
- groups:
  - Geoip
  name: City Name
  path: network.client.geoip.city.name
  source: log
- groups:
  - Geoip
  name: Continent Code
  path: network.client.geoip.continent.code
  source: log
- groups:
  - Geoip
  name: Continent Name
  path: network.client.geoip.continent.name
  source: log
- groups:
  - Geoip
  name: Country ISO Code
  path: network.client.geoip.country.iso_code
  source: log
- groups:
  - Geoip
  name: Country Name
  path: network.client.geoip.country.name
  source: log
- groups:
  - Geoip
  name: Subdivision ISO Code
  path: network.client.geoip.subdivision.iso_code
  source: log
- groups:
  - Geoip
  name: Subdivision Name
  path: network.client.geoip.subdivision.name
  source: log
- groups:
  - Web Access
  name: Client IP
  path: network.client.ip
  source: log
- groups:
  - Web Access
  name: Client Port
  path: network.client.port
  source: log
- groups:
  - Geoip
  name: City Name
  path: network.destination.geoip.city.name
  source: log
- groups:
  - Geoip
  name: Continent Code
  path: network.destination.geoip.continent.code
  source: log
- groups:
  - Geoip
  name: Continent Name
  path: network.destination.geoip.continent.name
  source: log
- groups:
  - Geoip
  name: Country ISO Code
  path: network.destination.geoip.country.iso_code
  source: log
- groups:
  - Geoip
  name: Country Name
  path: network.destination.geoip.country.name
  source: log
- groups:
  - Geoip
  name: Subdivision ISO Code
  path: network.destination.geoip.subdivision.iso_code
  source: log
- groups:
  - Geoip
  name: Subdivision Name
  path: network.destination.geoip.subdivision.name
  source: log
- groups:
  - Web Access
  name: Destination IP
  path: network.destination.ip
  source: log
- groups:
  - User
  name: User Email
  path: usr.email
  source: log
- groups:
  - User
  name: User ID
  path: usr.id
  source: log
- groups:
  - User
  name: User Name
  path: usr.name
  source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination City Name
path: network.destination.geoip.city.name
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Continent Code
path: network.destination.geoip.continent.code
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Continent Name
path: network.destination.geoip.continent.name
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Country ISO Code
path: network.destination.geoip.country.iso_code
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Country Name
path: network.destination.geoip.country.name
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Subdivision ISO Code
path: network.destination.geoip.subdivision.iso_code
source: log
datadog-assets / validate-logs
Error in logs
Standard attribute definition must be uniform across all integrations. Replace this definition with:
groups:
- Geoip
name: Destination Subdivision Name
path: network.destination.geoip.subdivision.name
source: log
datadog-assets / validate-logs
Error in logs
Expected sample output:
id: "forcepoint-security-service-edge"
tests:
 -
  sample: |-
    {
      "owner" : "abc@xyz.io",
      "dlpmatchlocations" : "",
      "classifylabels" : "",
      "attachments" : "",
      "originalfolder" : "",
      "filelink" : "https://file_123.com",
      "patterns" : "Encypted File (IsLocked: True), Document and PDF Files (FileMatchClassification: pdf)",
      "originalpatterns" : "",
      "enterprisename" : "",
      "createdtime" : "27 Dec 2024 06:18:35",
      "filename" : "file_123.pdf",
      "folder" : "/My Drive",
      "modifiedtime" : "26 Dec 2024 11:09:12",
      "size" : "233926",
      "application" : "Cloud Apps",
      "policyid" : "",
      "organization" : "",
      "time" : "27 Dec 2024 07:19:17",
      "sharedwith" : "",
      "syslogheader" : "<110>1 2024-12-27T07:19:17.887066Z api.hostserver.com NILVALUE NILVALUE cloudsummary",
      "status" : "Internal, Shared, DLP",
      "fileid" : "1fdf5e4f8e4f8er4e8re7e"
    }
  service: "forcepoint-sse-cloudsummary"
  result:
    custom:
      application: "Cloud Apps"
      attachments: ""
      classifylabels: ""
      createdtime: "27 Dec 2024 06:18:35"
      dlpmatchlocations: ""
      enterprisename: ""
      fileid: "1fdf5e4f8e4f8er4e8re7e"
      filelink: "https://file_123.com"
      filename: "file_123.pdf"
      folder: "/My Drive"
      modifiedtime: "26 Dec 2024 11:09:12"
      organization: ""
      originalfolder: ""
      originalpatterns: ""
      owner: "abc@xyz.io"
      patterns: "Encypted File (IsLocked: True), Document and PDF Files (FileMatchClassification: pdf)"
      policyid: ""
      sharedwith: ""
      size: "233926"
      status: "Internal, Shared, DLP"
      syslog:
        hostname: "api.hostserver.com"
        msgid: "cloudsummary"
        priority: 110
      syslogheader: "<110>1 2024-12-27T07:19:17.887066Z api.hostserver.com NILVALUE NILVALUE cloudsummary"
      time: "27 Dec 2024 07:19:17"
    message: |-
      {
        "owner" : "abc@xyz.io",
        "dlpmatchlocations" : "",
        "classifylabels" : "",
        "attachments" : "",
        "originalfolder" : "",
        "filelink" : "https://file_123.com",
        "patterns" : "Encypted File (IsLocked: True), Document and PDF Files (FileMatchClassification: pdf)",
        "originalpatterns" : "",
        "enterprisename" : "",
        "createdtime" : "27 Dec 2024 06:18:35",
        "filename" : "file_123.pdf",
        "folder" : "/My Drive",
        "modifiedtime" : "26 Dec 2024 11:09:12",
        "size" : "233926",
        "application" : "Cloud Apps",
        "policyid" : "",
        "organization" : "",
        "time" : "27 Dec 2024 07:19:17",
        "sharedwith" : "",
        "syslogheader" : "<110>1 2024-12-27T07:19:17.887066Z api.hostserver.com NILVALUE NILVALUE cloudsummary",
        "status" : "Internal, Shared, DLP",
        "fileid" : "1fdf5e4f8e4f8er4e8re7e"
      }
    service: "forcepoint-sse-cloudsummary"
    tags:
     - "source:LOGS_SOURCE"
    timestamp: 1