Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

Sign up

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

elastic / elasticsearch Public

Notifications
Fork 25.2k
Star 72.5k

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Add CEF processor to Ingest node #122491

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft

bhapas wants to merge 112 commits into elastic:main

base: main

Choose a base branch

Loading

Loading

from bhapas:cef_processor

+1,724 −0

Conversation 74 Commits 112 Checks 1 Files changed 4

Draft

Add CEF processor to Ingest node #122491

Show file tree

Hide file tree

Changes from all commits

Commits

Show all changes

Select commit Hold shift + click to select a range

Marius base code

bhapas Feb 13, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Feb 13, 2025

add cef processor test

bhapas Feb 13, 2025

Merge branch 'cef_processor' of github.com:bhapas/elasticsearch into …

bhapas Feb 13, 2025

Modify the parser and add more tests

bhapas Mar 19, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 19, 2025

Fix parser and add more tests

bhapas Mar 20, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 20, 2025

Move ecs mapping to root

bhapas Mar 20, 2025

Merge branch 'cef_processor' of github.com:bhapas/elasticsearch into …

bhapas Mar 20, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 20, 2025

move non-ecs fields under cef.extensions

bhapas Mar 20, 2025

Merge branch 'cef_processor' of github.com:bhapas/elasticsearch into …

bhapas Mar 20, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 20, 2025

move ecs fields to ingestdocument root

bhapas Mar 21, 2025

Merge branch 'main' into cef_processor

bhapas Mar 21, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 21, 2025

bhapas Mar 24, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Mar 24, 2025

Fix commit issues

bhapas Mar 24, 2025

fix negative test

bhapas Mar 24, 2025

Update date time handling

bhapas Mar 26, 2025

fix review comments

bhapas Mar 26, 2025

Merge branch 'main' into cef_processor

bhapas Mar 26, 2025

fix more comments

bhapas Mar 26, 2025

Make parser independent of ingestDocument

bhapas Mar 27, 2025

Pass copy of headerFields to process

bhapas Mar 27, 2025

Merge branch 'main' into cef_processor

bhapas Mar 27, 2025

return fast if type is string

bhapas Mar 27, 2025

Prefer List.of over Arrays.asList

joegallo Mar 27, 2025

Rename this variable

joegallo Mar 27, 2025

Move this definition

joegallo Mar 27, 2025

Do not copy these maps

joegallo Mar 27, 2025

Conserve precious characters

joegallo Mar 27, 2025

joegallo Mar 27, 2025

Silence some warnings from IntelliJ

joegallo Mar 27, 2025

Allocate the immutable set statically

joegallo Mar 27, 2025

There's no need to copy this list

joegallo Mar 27, 2025

Conserve precious characters

joegallo Mar 27, 2025

Implement MACAddress and IP types

bhapas Mar 27, 2025

Change to traditional looping

bhapas Mar 28, 2025

Merge branch 'main' into cef_processor

bhapas Mar 28, 2025

Handle missed keys for different CEF logs

bhapas Mar 29, 2025

Merge branch 'main' into cef_processor

bhapas Mar 29, 2025

Merge branch 'main' into cef_processor

bhapas Mar 29, 2025

Merge branch 'main' into cef_processor

bhapas Mar 31, 2025

Conserve precious characters

joegallo Mar 31, 2025

do not modify collection in getter

bhapas Mar 31, 2025

convert if/else to switch

bhapas Mar 31, 2025

Don't use a default here

joegallo Mar 31, 2025

Reorder these conditions

joegallo Mar 31, 2025

Add extensions only if not empty

bhapas Apr 1, 2025

Use record for ExtensionMapping

bhapas Apr 1, 2025

bhapas Apr 1, 2025

fix test to match source than each field

bhapas Apr 1, 2025

Use Map.of for small Maps

joegallo Apr 1, 2025

Drop an unnecessary annotation

joegallo Apr 1, 2025

Rename this variable

joegallo Apr 1, 2025

Handle the extensions with processExtensions

joegallo Apr 1, 2025

Drop extensions from CEFEvent entirely

joegallo Apr 1, 2025

Manage the event lifecycle a little more tightly

joegallo Apr 1, 2025

Fuss with the visibility

joegallo Apr 1, 2025

Nest the cef mappings correctly as sub-objects

joegallo Apr 1, 2025

Merge branch 'main' into cef_processor

joegallo Apr 1, 2025

verify tests against the whole document source

bhapas Apr 2, 2025

[CI] Auto commit changes from spotless

elasticsearchmachine Apr 2, 2025

Do not allow escaped pipe in extensions

bhapas Apr 2, 2025

Use a statement lambda

joegallo Apr 2, 2025

Prefer Map.of when it's a one-liner

joegallo Apr 2, 2025

There's no need to have these as variables

joegallo Apr 2, 2025

Add a utility for comparing maps

joegallo Apr 2, 2025

Change exception message

bhapas Apr 3, 2025

Merge branch 'main' into cef_processor

bhapas Apr 3, 2025

One of these things is not like the others

joegallo Apr 3, 2025

This can be static

joegallo Apr 3, 2025

Conserve precious characters

joegallo Apr 3, 2025

Flatten the map structure

joegallo Apr 3, 2025

Tighten up this implementation

joegallo Apr 3, 2025

joegallo Apr 3, 2025

Rename this parameter and some variables

joegallo Apr 3, 2025

Conserve precious characters

joegallo Apr 3, 2025

Reorder these statements

joegallo Apr 3, 2025

The dataType is never null

joegallo Apr 3, 2025

Fix test naming

bhapas Apr 4, 2025

Merge branch 'main' into cef_processor

bhapas Apr 4, 2025

Use the InetAddresses utility for this

joegallo Apr 4, 2025

bhapas Apr 6, 2025

Make Pattern compilation static

bhapas Apr 6, 2025

Merge branch 'main' into cef_processor

bhapas Apr 6, 2025

Merge branch 'main' into cef_processor

bhapas Apr 8, 2025

Throw exception for incomplete CEF header

bhapas Apr 9, 2025

Add doc for Timestamp formats

bhapas Apr 11, 2025

Merge branch 'main' into cef_processor

bhapas Apr 11, 2025

Add appendix details

bhapas Apr 11, 2025

Merge branch 'main' into cef_processor

bhapas Apr 11, 2025

Simplify the list of supported formats

joegallo Apr 11, 2025

Rewrite the header processing to avoid regexes

joegallo Apr 11, 2025

Merge branch 'main' into cef_processor

joegallo Apr 11, 2025

Fix datatypes as per spec

bhapas Apr 14, 2025

Fix reason to lowercase

bhapas Apr 14, 2025

Change label to lowercase

bhapas Apr 14, 2025

Change deviceFacility to String per spec

bhapas Apr 14, 2025

Merge branch 'main' into cef_processor

bhapas Apr 14, 2025

Correct field types according to spec

bhapas Apr 14, 2025

Add CEF spec 1.x fields

bhapas Apr 14, 2025

Remove unnnecessary code

bhapas Apr 14, 2025

Remove unused constant

bhapas Apr 14, 2025

Merge branch 'main' into cef_processor

bhapas Apr 14, 2025

Fix handling of spaces

bhapas Apr 14, 2025

Throw exception on unescaped equals sign

bhapas Apr 14, 2025

Merge branch 'main' into cef_processor

bhapas Apr 14, 2025

Merge branch 'main' into cef_processor

bhapas Apr 14, 2025

File filter

Filter by extension

Filter by extension .java (4) All 1 file type selected

Viewed files

Conversations

Failed to load comments.

Loading

Jump to

Jump to file

Failed to load files.

Loading

Diff view

Unified

Split

Hide whitespace

Diff view

Unified

Split

Hide whitespace

- - CefProcessorTests.java

There are no files selected for viewing

Loading

Oops, something went wrong.

Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.