diff --git a/code/go/internal/validator/semantic/validate_agent_version.go b/code/go/internal/validator/semantic/validate_agent_version.go new file mode 100644 index 000000000..a30c526b6 --- /dev/null +++ b/code/go/internal/validator/semantic/validate_agent_version.go @@ -0,0 +1,59 @@ +// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one +// or more contributor license agreements. Licensed under the Elastic License; +// you may not use this file except in compliance with the Elastic License. + +package semantic + +import ( + "errors" + "fmt" + + "github.com/Masterminds/semver/v3" + + "github.com/elastic/package-spec/v3/code/go/internal/fspath" + "github.com/elastic/package-spec/v3/code/go/internal/pkgpath" + "github.com/elastic/package-spec/v3/code/go/pkg/specerrors" +) + +var ( + errInvalidAgentVersionCondition = fmt.Errorf("invalid agent.version condition") + errAgentVersionIncorrectType = fmt.Errorf("manifest agent version is not a string") +) + +// ValidateMinimumAgentVersion checks that the package manifest includes the agent.version condition. +func ValidateMinimumAgentVersion(fsys fspath.FS) specerrors.ValidationErrors { + manifest, err := readManifest(fsys) + if err != nil { + return specerrors.ValidationErrors{specerrors.NewStructuredError(err, specerrors.UnassignedCode)} + } + + agentVersionCondition, err := getAgentVersionCondition(*manifest) + if err != nil { + return specerrors.ValidationErrors{specerrors.NewStructuredError(err, specerrors.UnassignedCode)} + } + + if agentVersionCondition != "" { + if _, err := semver.NewConstraint(agentVersionCondition); err != nil { + return specerrors.ValidationErrors{specerrors.NewStructuredError(errors.Join(err, errInvalidAgentVersionCondition), specerrors.UnassignedCode)} + } + } + + return nil +} + +func getAgentVersionCondition(manifest pkgpath.File) (string, error) { + val, err := manifest.Values("$.conditions[\"agent.version\"]") + if err != nil { + val, err = manifest.Values("$.conditions.agent.version") + if err != nil { + return "", nil + } + } + + sVal, ok := val.(string) + if !ok { + return "", errAgentVersionIncorrectType + } + + return sVal, nil +} diff --git a/code/go/internal/validator/semantic/validate_agent_version_test.go b/code/go/internal/validator/semantic/validate_agent_version_test.go new file mode 100644 index 000000000..1276bde20 --- /dev/null +++ b/code/go/internal/validator/semantic/validate_agent_version_test.go @@ -0,0 +1,87 @@ +// Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one +// or more contributor license agreements. Licensed under the Elastic License; +// you may not use this file except in compliance with the Elastic License. + +package semantic + +import ( + "os" + "path/filepath" + "testing" + + "github.com/stretchr/testify/require" + + "github.com/elastic/package-spec/v3/code/go/internal/fspath" +) + +func TestValidateMinimumAgentVersion(t *testing.T) { + cases := []struct { + title string + manifestYAML string + expectedErr error + }{ + { + title: "valid - agent.version condition is present", + manifestYAML: ` +name: test-package +version: 1.0.0 +conditions: + agent: + version: "^8.0.0" +`, + expectedErr: nil, + }, + { + title: "invalid - agent.version condition is missing", + manifestYAML: ` +name: test-package +version: 1.0.0 +conditions: + some.other.condition: "value" +`, + expectedErr: nil, + }, + { + title: "invalid - agent.version condition is not a string", + manifestYAML: ` +name: test-package +version: 1.0.0 +conditions: + agent.version: + min: "^8.0.0" +`, + expectedErr: errAgentVersionIncorrectType, + }, + { + title: "invalid - agent.version condition is not a constraint", + manifestYAML: ` +name: test-package +version: 1.0.0 +conditions: + agent.version: test +`, + expectedErr: errInvalidAgentVersionCondition, + }, + } + + for _, c := range cases { + t.Run(c.title, func(t *testing.T) { + tempDir := t.TempDir() + + manifestPath := filepath.Join(tempDir, "manifest.yml") + err := os.WriteFile(manifestPath, []byte(c.manifestYAML), 0644) + require.NoError(t, err) + + fsys := fspath.DirFS(tempDir) + errs := ValidateMinimumAgentVersion(fsys) + + if c.expectedErr != nil { + require.Len(t, errs, 1) + require.ErrorIs(t, errs[0], c.expectedErr) + } else { + require.Empty(t, errs) + } + }) + } + +} diff --git a/code/go/internal/validator/spec.go b/code/go/internal/validator/spec.go index d6dd2ca90..123eb7c6d 100644 --- a/code/go/internal/validator/spec.go +++ b/code/go/internal/validator/spec.go @@ -218,6 +218,7 @@ func (s Spec) rules(pkgType string, rootSpec spectypes.ItemSpec) validationRules {fn: semantic.ValidateDeploymentModes, types: []string{"integration"}}, {fn: semantic.ValidateDurationVariables, since: semver.MustParse("3.5.0")}, {fn: semantic.ValidateInputPackagesPolicyTemplates, types: []string{"input"}}, + {fn: semantic.ValidateMinimumAgentVersion}, } var validationRules validationRules diff --git a/code/go/pkg/validator/validator_test.go b/code/go/pkg/validator/validator_test.go index f56b802e5..154628808 100644 --- a/code/go/pkg/validator/validator_test.go +++ b/code/go/pkg/validator/validator_test.go @@ -317,6 +317,12 @@ func TestValidateFile(t *testing.T) { "policy template \"sql_query\" references template_path \"\": template_path is required for input type packages", }, }, + "bad_agent_version_v3": { + "manifest.yml", + []string{ + "field conditions.agent: version is required", + }, + }, } for pkgName, test := range tests { diff --git a/spec/changelog.yml b/spec/changelog.yml index 4bb7d273f..591e8e0b6 100644 --- a/spec/changelog.yml +++ b/spec/changelog.yml @@ -12,6 +12,9 @@ - description: Add support for semantic_text field definition. type: enhancement link: https://github.com/elastic/package-spec/pull/807 + - description: Require defining agent version constraints in input and integration packages. + type: breaking-change + link: https://github.com/elastic/package-spec/pull/999 - version: 3.5.1-next changes: - description: Input packages don't require to define fields. @@ -23,6 +26,9 @@ - description: Input packages require to define template_path in manifest. type: enhancement link: https://github.com/elastic/package-spec/pull/1000 + - description: Allow to define agent version constrains in input and integration packages. + type: enhancement + link: https://github.com/elastic/package-spec/pull/999 - version: 3.5.0 changes: - description: Add `duration` variable data type with `min_duration` and `max_duration` validation properties. diff --git a/spec/content/manifest.spec.yml b/spec/content/manifest.spec.yml index e3812013a..8aead08fe 100644 --- a/spec/content/manifest.spec.yml +++ b/spec/content/manifest.spec.yml @@ -66,7 +66,14 @@ spec: categories: $ref: "../integration/manifest.spec.yml#/definitions/categories" conditions: - $ref: "../integration/manifest.spec.yml#/definitions/conditions" + description: Conditions under which this package can be installed. + type: object + additionalProperties: false + properties: + elastic: + $ref: "../integration/manifest.spec.yml#/definitions/conditions/properties/elastic" + kibana: + $ref: "../integration/manifest.spec.yml#/definitions/conditions/properties/kibana" discovery: $ref: "#/definitions/discovery" icons: diff --git a/spec/input/manifest.spec.yml b/spec/input/manifest.spec.yml index ecce958dc..227ea0179 100644 --- a/spec/input/manifest.spec.yml +++ b/spec/input/manifest.spec.yml @@ -120,9 +120,14 @@ spec: - version - type - owner + - conditions # JSON patches for newer versions should be placed on top versions: + - before: 3.6.0 + patch: + - op: remove + path: "/required/7" # removes requirement for conditions # Reserve otelcol input name before 3.5.0. - before: 3.5.0 patch: diff --git a/spec/integration/manifest.spec.yml b/spec/integration/manifest.spec.yml index 38c233d56..be75cbde3 100644 --- a/spec/integration/manifest.spec.yml +++ b/spec/integration/manifest.spec.yml @@ -217,6 +217,20 @@ spec: description: Kibana versions compatible with this package. examples: - ">=7.9.0" + agent: + description: Elastic Agent conditions + type: object + additionalProperties: false + properties: + version: + type: string + description: Elastic Agent versions compatible with this package. + examples: + - "^9.5.0" + required: + - version + required: + - agent description: description: > A longer description of the package. It should describe, at least all the kinds of @@ -670,6 +684,7 @@ spec: - version - type - owner + - conditions allOf: - if: properties: @@ -692,6 +707,14 @@ spec: # JSON patches for newer versions should be placed on top versions: + - before: 3.6.0 + patch: + - op: remove + path: "/required/7" # removes requirement for conditions + - op: remove + path: "/definitions/conditions/required/0" # removes requirement for agent + - op: remove + path: "/definitions/conditions/properties/agent/required/0" # removes requirement for version - before: 3.3.2 patch: - op: remove diff --git a/test/packages/bad_agent_version_v3/LICENSE.txt b/test/packages/bad_agent_version_v3/LICENSE.txt new file mode 100644 index 000000000..d64569567 --- /dev/null +++ b/test/packages/bad_agent_version_v3/LICENSE.txt @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/test/packages/bad_agent_version_v3/NOTICE.txt b/test/packages/bad_agent_version_v3/NOTICE.txt new file mode 100644 index 000000000..c76edc139 --- /dev/null +++ b/test/packages/bad_agent_version_v3/NOTICE.txt @@ -0,0 +1,2 @@ +Elastic package-spec +Copyright 2021 Elasticsearch B.V. \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/_dev/build/build.yml b/test/packages/bad_agent_version_v3/_dev/build/build.yml new file mode 100644 index 000000000..fcd61c363 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/build/build.yml @@ -0,0 +1,4 @@ +dependencies: + ecs: + reference: git@v8.6.0 + import_mappings: true diff --git a/test/packages/bad_agent_version_v3/_dev/build/docs/README.md b/test/packages/bad_agent_version_v3/_dev/build/docs/README.md new file mode 100644 index 000000000..1a9dfb44c --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/build/docs/README.md @@ -0,0 +1 @@ +This is a template for the package README. \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/_dev/deploy/tf/.terraform.lock.hcl b/test/packages/bad_agent_version_v3/_dev/deploy/tf/.terraform.lock.hcl new file mode 100644 index 000000000..fbb6f39c1 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/deploy/tf/.terraform.lock.hcl @@ -0,0 +1,8 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/google" { +} + +provider "registry.terraform.io/hashicorp/local" { +} diff --git a/test/packages/bad_agent_version_v3/_dev/deploy/tf/data.json b/test/packages/bad_agent_version_v3/_dev/deploy/tf/data.json new file mode 100644 index 000000000..7d70546a9 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/deploy/tf/data.json @@ -0,0 +1,3 @@ +{ + "a": "data file containing json" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/_dev/deploy/tf/main.tf b/test/packages/bad_agent_version_v3/_dev/deploy/tf/main.tf new file mode 100644 index 000000000..f6a81b458 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/deploy/tf/main.tf @@ -0,0 +1 @@ +# A Terraform file diff --git a/test/packages/bad_agent_version_v3/_dev/deploy/tf/template.tftpl b/test/packages/bad_agent_version_v3/_dev/deploy/tf/template.tftpl new file mode 100644 index 000000000..d9e45e2a0 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/deploy/tf/template.tftpl @@ -0,0 +1 @@ +A Terraform template file diff --git a/test/packages/bad_agent_version_v3/_dev/shared/base-fields.yml b/test/packages/bad_agent_version_v3/_dev/shared/base-fields.yml new file mode 100644 index 000000000..a3e80e3a5 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/shared/base-fields.yml @@ -0,0 +1,9 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. diff --git a/test/packages/bad_agent_version_v3/_dev/test/config.yml b/test/packages/bad_agent_version_v3/_dev/test/config.yml new file mode 100644 index 000000000..0f3692043 --- /dev/null +++ b/test/packages/bad_agent_version_v3/_dev/test/config.yml @@ -0,0 +1,13 @@ +system: + parallel: true + skip: + reason: ignoring all system tests + link: https://github.com/elastic/package-spec/issues/1 +pipeline: + parallel: false +asset: + parallel: false +policy: + parallel: false +static: + parallel: false diff --git a/test/packages/bad_agent_version_v3/changelog.yml b/test/packages/bad_agent_version_v3/changelog.yml new file mode 100644 index 000000000..b87e10200 --- /dev/null +++ b/test/packages/bad_agent_version_v3/changelog.yml @@ -0,0 +1,31 @@ +- version: 1.0.1 + changes: + - description: Add kibana configuration links + type: enhancement + link: https://github.com/elastic/package-spec/pull/834 +- version: 1.0.0 + changes: + - description: LTS version + type: enhancement + link: https://github.com/elastic/package-spec/pull/256 +- version: 1.0.0-next + changes: + - description: release candidate + type: enhancement + link: https://github.com/elastic/package-spec/pull/172 +- version: 0.1.1 + changes: + - description: Change A + type: enhancement + link: https://github.com/elastic/package-spec/pull/193 + - description: Change B + type: enhancement + link: https://github.com/elastic/package-spec/pull/193 + - description: Change C + type: enhancement + link: https://github.com/elastic/package-spec/pull/193 +- version: 0.1.2 + changes: + - description: initial release + type: enhancement + link: https://github.com/elastic/package-spec/pull/131 diff --git a/test/packages/bad_agent_version_v3/data_stream/agent_settings/_dev/test/system/test-default-config.yml b/test/packages/bad_agent_version_v3/data_stream/agent_settings/_dev/test/system/test-default-config.yml new file mode 100644 index 000000000..dd8ddef14 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/agent_settings/_dev/test/system/test-default-config.yml @@ -0,0 +1,20 @@ +wait_for_data_timeout: 10m +vars: ~ +agent: + runtime: docker + base_image: complete + user: root + pid_mode: host + linux_capabilities: + - AUDIT_CONTROL + ports: + - 127.0.0.0:8000:8000 + - 8888:8888 + provisioning_script: + language: bash + contents: | + mkdir -p /testfolder/ + pre_start_script: + language: sh + contents: | + export PATH=${PATH}:/testfolder/ diff --git a/test/packages/bad_agent_version_v3/data_stream/agent_settings/agent/stream/stream.yml.hbs b/test/packages/bad_agent_version_v3/data_stream/agent_settings/agent/stream/stream.yml.hbs new file mode 100644 index 000000000..5845510de --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/agent_settings/agent/stream/stream.yml.hbs @@ -0,0 +1,7 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +processors: + - add_locale: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/agent_settings/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/agent_settings/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..1a308fded --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/agent_settings/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,10 @@ +--- +description: Pipeline for processing sample logs +processors: +- set: + field: sample_field + value: "1" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/test/packages/bad_agent_version_v3/data_stream/agent_settings/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/agent_settings/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/agent_settings/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/agent_settings/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/agent_settings/manifest.yml new file mode 100644 index 000000000..7e1c929f5 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/agent_settings/manifest.yml @@ -0,0 +1,13 @@ +title: "Agent Settings" +type: logs +streams: + - input: logfile + title: Sample logs + description: Collect sample logs + vars: + - name: paths + type: text + title: Paths + multi: true + default: + - /var/log/*.log diff --git a/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/agent/stream/stream.yml.hbs b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/agent/stream/stream.yml.hbs new file mode 100644 index 000000000..5845510de --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/agent/stream/stream.yml.hbs @@ -0,0 +1,7 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +processors: + - add_locale: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..1a308fded --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,10 @@ +--- +description: Pipeline for processing sample logs +processors: +- set: + field: sample_field + value: "1" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/manifest.yml new file mode 100644 index 000000000..e7dab8a94 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ecs_import_mappings/manifest.yml @@ -0,0 +1,476 @@ +title: "Includes ECS imported mappings in manifest" +type: logs +streams: + - input: logfile + title: Sample logs + description: Collect sample logs + vars: + - name: paths + type: text + title: Paths + multi: true + default: + - /var/log/*.log +elasticsearch: + index_template: + mappings: + dynamic_templates: + - _embedded_ecs-ecs_timestamp: + mapping: + ignore_malformed: false + type: date + path_match: '@timestamp' + - _embedded_ecs-data_stream_to_constant: + mapping: + type: constant_keyword + path_match: data_stream.* + - _embedded_ecs-resolved_ip_to_ip: + mapping: + type: ip + match: resolved_ip + - _embedded_ecs-forwarded_ip_to_ip: + mapping: + type: ip + match: forwarded_ip + match_mapping_type: string + - _embedded_ecs-ip_to_ip: + mapping: + type: ip + match: ip + match_mapping_type: string + - _embedded_ecs-port_to_long: + mapping: + type: long + match: port + - _embedded_ecs-thread_id_to_long: + mapping: + type: long + path_match: '*.thread.id' + - _embedded_ecs-status_code_to_long: + mapping: + type: long + match: status_code + - _embedded_ecs-line_to_long: + mapping: + type: long + path_match: '*.file.line' + - _embedded_ecs-priority_to_long: + mapping: + type: long + path_match: log.syslog.priority + - _embedded_ecs-code_to_long: + mapping: + type: long + path_match: '*.facility.code' + - _embedded_ecs-code_to_long: + mapping: + type: long + path_match: '*.severity.code' + - _embedded_ecs-bytes_to_long: + mapping: + type: long + match: bytes + path_unmatch: '*.data.bytes' + - _embedded_ecs-packets_to_long: + mapping: + type: long + match: packets + - _embedded_ecs-public_key_exponent_to_long: + mapping: + type: long + match: public_key_exponent + - _embedded_ecs-severity_to_long: + mapping: + type: long + path_match: event.severity + - _embedded_ecs-duration_to_long: + mapping: + type: long + path_match: event.duration + - _embedded_ecs-pid_to_long: + mapping: + type: long + match: pid + - _embedded_ecs-uptime_to_long: + mapping: + type: long + match: uptime + - _embedded_ecs-sequence_to_long: + mapping: + type: long + match: sequence + - _embedded_ecs-entropy_to_long: + mapping: + type: long + match: '*entropy' + - _embedded_ecs-size_to_long: + mapping: + type: long + match: '*size' + - _embedded_ecs-entrypoint_to_long: + mapping: + type: long + match: entrypoint + - _embedded_ecs-ttl_to_long: + mapping: + type: long + match: ttl + - _embedded_ecs-major_to_long: + mapping: + type: long + match: major + - _embedded_ecs-minor_to_long: + mapping: + type: long + match: minor + - _embedded_ecs-as_number_to_long: + mapping: + type: long + path_match: '*.as.number' + - _embedded_ecs-pgid_to_long: + mapping: + type: long + match: pgid + - _embedded_ecs-exit_code_to_long: + mapping: + type: long + match: exit_code + - _embedded_ecs-chi_to_long: + mapping: + type: long + match: chi2 + - _embedded_ecs-args_count_to_long: + mapping: + type: long + match: args_count + - _embedded_ecs-virtual_address_to_long: + mapping: + type: long + match: virtual_address + - _embedded_ecs-io_text_to_wildcard: + mapping: + type: wildcard + path_match: '*.io.text' + - _embedded_ecs-strings_to_wildcard: + mapping: + type: wildcard + path_match: registry.data.strings + - _embedded_ecs-path_to_wildcard: + mapping: + type: wildcard + path_match: '*url.path' + - _embedded_ecs-message_id_to_wildcard: + mapping: + type: wildcard + match: message_id + - _embedded_ecs-command_line_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + match: command_line + - _embedded_ecs-error_stack_trace_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + match: stack_trace + - _embedded_ecs-http_content_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + path_match: '*.body.content' + - _embedded_ecs-url_full_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + path_match: '*.url.full' + - _embedded_ecs-url_original_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + path_match: '*.url.original' + - _embedded_ecs-user_agent_original_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: wildcard + path_match: user_agent.original + - _embedded_ecs-error_message_to_match_only: + mapping: + type: match_only_text + path_match: error.message + - _embedded_ecs-message_match_only_text: + mapping: + type: match_only_text + path_match: message + - _embedded_ecs-agent_name_to_keyword: + mapping: + type: keyword + path_match: agent.name + - _embedded_ecs-event_original_non_indexed_keyword: + mapping: + type: keyword + index: false + doc_values: false + path_match: 'event.original' + - _embedded_ecs-x509_public_key_exponent_non_indexed_keyword: + mapping: + type: keyword + index: false + doc_values: false + path_match: '*.x509.public_key_exponent' + - _embedded_ecs-service_name_to_keyword: + mapping: + type: keyword + path_match: '*.service.name' + - _embedded_ecs-sections_name_to_keyword: + mapping: + type: keyword + path_match: '*.sections.name' + - _embedded_ecs-resource_name_to_keyword: + mapping: + type: keyword + path_match: '*.resource.name' + - _embedded_ecs-observer_name_to_keyword: + mapping: + type: keyword + path_match: observer.name + - _embedded_ecs-question_name_to_keyword: + mapping: + type: keyword + path_match: '*.question.name' + - _embedded_ecs-group_name_to_keyword: + mapping: + type: keyword + path_match: '*.group.name' + - _embedded_ecs-geo_name_to_keyword: + mapping: + type: keyword + path_match: '*.geo.name' + - _embedded_ecs-host_name_to_keyword: + mapping: + type: keyword + path_match: host.name + - _embedded_ecs-severity_name_to_keyword: + mapping: + type: keyword + path_match: '*.severity.name' + - _embedded_ecs-title_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + match: title + - _embedded_ecs-executable_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + match: executable + - _embedded_ecs-file_path_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + path_match: '*.file.path' + - _embedded_ecs-file_target_path_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + path_match: '*.file.target_path' + - _embedded_ecs-name_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + match: name + - _embedded_ecs-full_name_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + match: full_name + - _embedded_ecs-os_full_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + path_match: '*.os.full' + - _embedded_ecs-working_directory_to_multifield: + mapping: + fields: + text: + type: match_only_text + type: keyword + match: working_directory + - _embedded_ecs-timestamp_to_date: + mapping: + type: date + match: timestamp + - _embedded_ecs-delivery_timestamp_to_date: + mapping: + type: date + match: delivery_timestamp + - _embedded_ecs-not_after_to_date: + mapping: + type: date + match: not_after + - _embedded_ecs-not_before_to_date: + mapping: + type: date + match: not_before + - _embedded_ecs-accessed_to_date: + mapping: + type: date + match: accessed + - _embedded_ecs-origination_timestamp_to_date: + mapping: + type: date + match: origination_timestamp + - _embedded_ecs-created_to_date: + mapping: + type: date + match: created + - _embedded_ecs-installed_to_date: + mapping: + type: date + match: installed + - _embedded_ecs-creation_date_to_date: + mapping: + type: date + match: creation_date + - _embedded_ecs-ctime_to_date: + mapping: + type: date + match: ctime + - _embedded_ecs-mtime_to_date: + mapping: + type: date + match: mtime + - _embedded_ecs-ingested_to_date: + mapping: + type: date + match: ingested + - _embedded_ecs-start_to_date: + mapping: + type: date + match: start + - _embedded_ecs-end_to_date: + mapping: + type: date + match: end + - _embedded_ecs-score_base_to_float: + mapping: + type: float + path_match: '*.score.base' + - _embedded_ecs-score_temporal_to_float: + mapping: + type: float + path_match: '*.score.temporal' + - _embedded_ecs-score_to_float: + mapping: + type: float + match: '*_score' + - _embedded_ecs-score_norm_to_float: + mapping: + type: float + match: '*_score_norm' + - _embedded_ecs-usage_to_float: + mapping: + scaling_factor: 1000 + type: scaled_float + match: usage + - _embedded_ecs-location_to_geo_point: + mapping: + type: geo_point + match: location + - _embedded_ecs-same_as_process_to_boolean: + mapping: + type: boolean + match: same_as_process + - _embedded_ecs-established_to_boolean: + mapping: + type: boolean + match: established + - _embedded_ecs-resumed_to_boolean: + mapping: + type: boolean + match: resumed + - _embedded_ecs-max_bytes_per_process_exceeded_to_boolean: + mapping: + type: boolean + match: max_bytes_per_process_exceeded + - _embedded_ecs-interactive_to_boolean: + mapping: + type: boolean + match: interactive + - _embedded_ecs-exists_to_boolean: + mapping: + type: boolean + match: exists + - _embedded_ecs-trusted_to_boolean: + mapping: + type: boolean + match: trusted + - _embedded_ecs-valid_to_boolean: + mapping: + type: boolean + match: valid + - _embedded_ecs-go_stripped_to_boolean: + mapping: + type: boolean + match: go_stripped + - _embedded_ecs-coldstart_to_boolean: + mapping: + type: boolean + match: coldstart + - _embedded_ecs-exports_to_flattened: + mapping: + type: flattened + match: exports + - _embedded_ecs-structured_data_to_flattened: + mapping: + type: flattened + match: structured_data + - _embedded_ecs-imports_to_flattened: + mapping: + type: flattened + match: '*imports' + - _embedded_ecs-attachments_to_nested: + mapping: + type: nested + match: attachments + - _embedded_ecs-segments_to_nested: + mapping: + type: nested + match: segments + - _embedded_ecs-elf_sections_to_nested: + mapping: + type: nested + path_match: '*.elf.sections' + - _embedded_ecs-pe_sections_to_nested: + mapping: + type: nested + path_match: '*.pe.sections' + - _embedded_ecs-macho_sections_to_nested: + mapping: + type: nested + path_match: '*.macho.sections' diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-event.json b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-event.json new file mode 100644 index 000000000..e762b2e45 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-event.json @@ -0,0 +1,16 @@ +{ + "events": [ + { + "@timestamp": "2016-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] \"GET /test1 HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"\n" + }, + { + "@timestamp": "2016-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /taga HTTP/1.1\" 404 169 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\n" + }, + { + "@timestamp": "2020-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /tagb HTTP/1.1\" 404 169 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\n" + } + ] +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-raw.log b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-raw.log new file mode 100644 index 000000000..355980356 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/access-raw.log @@ -0,0 +1,12 @@ +127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] "GET /test1 HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +127.0.0.1 - - [07/Dec/2016:11:04:58 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +127.0.0.1 - - [07/Dec/2016:11:04:59 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] "GET /taga HTTP/1.1" 404 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +77.179.66.156 - - [07/Dec/2016:10:34:43 +0100] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:34:43 +0100] "GET /favicon.ico HTTP/1.1" 404 571 "http://localhost:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:18 +0100] "GET /test HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:21 +0100] "GET /test HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:23 +0100] "GET /test1 HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:49:33 +0200] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:49:34 +0200] "GET /favicon.ico HTTP/1.1" 404 571 "http://localhost:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:50:44 +0200] "GET /adsasd HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/config.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/config.yml new file mode 100644 index 000000000..30a2b50cf --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/benchmark/pipeline/config.yml @@ -0,0 +1 @@ +num_docs: 10000 diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.d/hi.sh b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.d/hi.sh new file mode 100644 index 000000000..3c7fa7b8e --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.d/hi.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +echo "Hello!" diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.yml new file mode 100644 index 000000000..a47c3a7b4 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/docker/docker-compose.yml @@ -0,0 +1,3 @@ +version: '2.3' +services: + hello_world: diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/.terraform.lock.hcl b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/.terraform.lock.hcl new file mode 100644 index 000000000..fbb6f39c1 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/.terraform.lock.hcl @@ -0,0 +1,8 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/google" { +} + +provider "registry.terraform.io/hashicorp/local" { +} diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/data.json b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/data.json new file mode 100644 index 000000000..7d70546a9 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/data.json @@ -0,0 +1,3 @@ +{ + "a": "data file containing json" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/main.tf b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/main.tf new file mode 100644 index 000000000..f6a81b458 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/main.tf @@ -0,0 +1 @@ +# A Terraform file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/some-module.tf b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/some-module.tf new file mode 100644 index 000000000..b6fc4c620 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/some-module.tf @@ -0,0 +1 @@ +hello \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/template.tftpl b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/template.tftpl new file mode 100644 index 000000000..d9e45e2a0 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/deploy/tf/template.tftpl @@ -0,0 +1 @@ +A Terraform template file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json new file mode 100644 index 000000000..e762b2e45 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json @@ -0,0 +1,16 @@ +{ + "events": [ + { + "@timestamp": "2016-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] \"GET /test1 HTTP/1.1\" 404 571 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36\"\n" + }, + { + "@timestamp": "2016-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /taga HTTP/1.1\" 404 169 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\n" + }, + { + "@timestamp": "2020-10-25T12:49:34.000Z", + "message": "127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] \"GET /tagb HTTP/1.1\" 404 169 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0\"\n" + } + ] +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json-expected.json b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json-expected.json new file mode 100644 index 000000000..8ac18bd4f --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-event.json-expected.json @@ -0,0 +1,121 @@ +{ + "expected": [ + { + "@timestamp": "2016-12-07T10:04:37.000Z", + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2016-10-25T12:49:34.000Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + }, + "url": { + "original": "/test1" + } + }, + { + "@timestamp": "2016-12-07T10:05:07.000Z", + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 169 + }, + "status_code": 404 + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2016-10-25T12:49:34.000Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Firefox", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0", + "os": { + "name": "Mac OS X", + "version": "10.12", + "full": "Mac OS X 10.12" + }, + "device": { + "name": "Mac" + }, + "version": "49.0." + }, + "url": { + "original": "/taga" + } + }, + null + ] +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log new file mode 100644 index 000000000..355980356 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log @@ -0,0 +1,12 @@ +127.0.0.1 - - [07/Dec/2016:11:04:37 +0100] "GET /test1 HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +127.0.0.1 - - [07/Dec/2016:11:04:58 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +127.0.0.1 - - [07/Dec/2016:11:04:59 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +127.0.0.1 - - [07/Dec/2016:11:05:07 +0100] "GET /taga HTTP/1.1" 404 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0" +77.179.66.156 - - [07/Dec/2016:10:34:43 +0100] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:34:43 +0100] "GET /favicon.ico HTTP/1.1" 404 571 "http://localhost:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:18 +0100] "GET /test HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:21 +0100] "GET /test HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [07/Dec/2016:10:43:23 +0100] "GET /test1 HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:49:33 +0200] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:49:34 +0200] "GET /favicon.ico HTTP/1.1" 404 571 "http://localhost:8080/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" +77.179.66.156 - - [25/Oct/2016:14:50:44 +0200] "GET /adsasd HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36" \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-config.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-config.yml new file mode 100644 index 000000000..803e93630 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-config.yml @@ -0,0 +1,8 @@ +fields: + "@timestamp": "2020-04-28T11:07:58.223Z" + ecs.version: "1.5.0" + event.category: + - web +dynamic_fields: + foobar: ".+" + a_numeric_field: "\\d+" diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-expected.json b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-expected.json new file mode 100644 index 000000000..4b619857f --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-access-raw.log-expected.json @@ -0,0 +1,910 @@ +{ + "expected": [ + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "url": { + "original": "/test1" + }, + "@timestamp": "2016-12-07T10:04:37.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "url": { + "original": "/" + }, + "@timestamp": "2016-12-07T10:04:58.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 0 + }, + "status_code": 304 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "success" + }, + "user_agent": { + "name": "Firefox", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0", + "os": { + "name": "Mac OS X", + "version": "10.12", + "full": "Mac OS X 10.12" + }, + "device": { + "name": "Mac" + }, + "version": "49.0." + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "url": { + "original": "/" + }, + "@timestamp": "2016-12-07T10:04:59.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 0 + }, + "status_code": 304 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "success" + }, + "user_agent": { + "name": "Firefox", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0", + "os": { + "name": "Mac OS X", + "version": "10.12", + "full": "Mac OS X 10.12" + }, + "device": { + "name": "Mac" + }, + "version": "49.0." + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "127.0.0.1" + ] + } + }, + "source": { + "address": "127.0.0.1", + "ip": "127.0.0.1" + }, + "url": { + "original": "/taga" + }, + "@timestamp": "2016-12-07T10:05:07.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 169 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Firefox", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:49.0) Gecko/20100101 Firefox/49.0", + "os": { + "name": "Mac OS X", + "version": "10.12", + "full": "Mac OS X 10.12" + }, + "device": { + "name": "Mac" + }, + "version": "49.0." + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/" + }, + "@timestamp": "2016-12-07T09:34:43.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 612 + }, + "status_code": 200 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "success" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/favicon.ico" + }, + "@timestamp": "2016-12-07T09:34:43.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get", + "referrer": "http://localhost:8080/" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/test" + }, + "@timestamp": "2016-12-07T09:43:18.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/test" + }, + "@timestamp": "2016-12-07T09:43:21.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/test1" + }, + "@timestamp": "2016-12-07T09:43:23.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.98 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.98" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/" + }, + "@timestamp": "2016-10-25T12:49:33.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 612 + }, + "status_code": 200 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "success" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.59" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/favicon.ico" + }, + "@timestamp": "2016-10-25T12:49:34.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get", + "referrer": "http://localhost:8080/" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.59" + } + }, + { + "event.category": [ + "web" + ], + "nginx": { + "access": { + "remote_ip_list": [ + "77.179.66.156" + ] + } + }, + "source": { + "geo": { + "continent_name": "Europe", + "region_iso_code": "DE-RP", + "city_name": "Germersheim", + "region_name": "Rheinland-Pfalz", + "location": { + "lon": 8.3639, + "lat": 49.2231 + }, + "country_iso_code": "DE" + }, + "as": { + "number": 6805, + "organization": { + "name": "Telefonica Germany" + } + }, + "address": "77.179.66.156", + "ip": "77.179.66.156" + }, + "url": { + "original": "/adsasd" + }, + "@timestamp": "2016-10-25T12:50:44.000Z", + "ecs": { + "version": "1.5.0" + }, + "related": { + "ip": [ + "77.179.66.156" + ] + }, + "http": { + "request": { + "method": "get" + }, + "version": "1.1", + "response": { + "body": { + "bytes": 571 + }, + "status_code": 404 + } + }, + "event": { + "category": [ + "web" + ], + "type": [ + "access" + ], + "created": "2020-04-28T11:07:58.223Z", + "kind": "event", + "outcome": "failure" + }, + "user_agent": { + "name": "Chrome", + "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.59 Safari/537.36", + "os": { + "name": "Mac OS X", + "version": "10.12.0", + "full": "Mac OS X 10.12.0" + }, + "device": { + "name": "Mac" + }, + "version": "54.0.2840.59" + } + } + ] +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-common-config.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-common-config.yml new file mode 100644 index 000000000..ae9356ba6 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/pipeline/test-common-config.yml @@ -0,0 +1,6 @@ +multiline: + first_line_pattern: "^(?:[0-9]{1,3}\\.){3}[0-9]{1,3}" +numeric_keyword_fields: + - "foo.code" +string_number_fields: + - "foo.count" diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.expected b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.expected new file mode 100644 index 000000000..7d4ecbc69 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.expected @@ -0,0 +1,34 @@ +inputs: + - data_stream: + namespace: ep + meta: + package: + name: apache + name: test-default-apache + streams: + - data_stream: + dataset: apache.access + type: logs + exclude_files: + - .gz$ + paths: + - /var/logs/apache/access.log* + tags: + - apache-access + type: logfile + use_output: default +output_permissions: + default: + _elastic_agent_checks: + cluster: + - monitor + _elastic_agent_monitoring: + indices: [] + uuid-for-permissions-on-related-indices: + indices: + - names: + - logs-apache.access-ep + privileges: + - auto_configure + - create_doc +secret_references: [] diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.yml new file mode 100644 index 000000000..0d208e2e9 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/policy/test-default.yml @@ -0,0 +1,4 @@ +data_stream: + vars: + paths: + - "/var/logs/apache/access.log*" diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/system/test-default-config.yml b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/system/test-default-config.yml new file mode 100644 index 000000000..2d756c355 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/_dev/test/system/test-default-config.yml @@ -0,0 +1,4 @@ +wait_for_data_timeout: 10m +skip_ignored_fields: + - error.message +vars: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/foo/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..dc1f86548 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,8 @@ +--- +description: Pipeline for Microsoft DHCP + +processors: + - rename: + field: foo + target_field: message + ignore_missing: true diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/fields/base-fields.yml.link b/test/packages/bad_agent_version_v3/data_stream/foo/fields/base-fields.yml.link new file mode 100644 index 000000000..94bff2bac --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/fields/base-fields.yml.link @@ -0,0 +1 @@ +../../../_dev/shared/base-fields.yml 092c60ec1f7725d278aa0564d946f6803736c436239c4ca20049013a4ce8e91c diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/fields/external-fields.yml b/test/packages/bad_agent_version_v3/data_stream/foo/fields/external-fields.yml new file mode 100644 index 000000000..37ac197b9 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/fields/external-fields.yml @@ -0,0 +1,11 @@ +- name: "@timestamp" + external: ecs +- name: event + type: group + description: Event family + fields: + - name: category + external: ecs +- name: timeseries + external: ecs + metric_type: gauge diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/foo/fields/some_fields.yml new file mode 100644 index 000000000..b3bf8d90f --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/fields/some_fields.yml @@ -0,0 +1,96 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 +- name: foobar + type: text + description: A field with a pattern defined + pattern: '^[a-zA-Z]$' + example: abcd +- name: aaa + type: integer + metric_type: gauge + example: 42 +- name: vehicle_type + type: constant_keyword + value: truck +- name: error.message + description: Error message. + type: match_only_text + example: + - "something failed!" + - "panic now" +- name: metric.*_bytes + type: long +- name: a + type: nested + include_in_parent: true +- name: a.b + type: keyword +- name: c + type: nested + include_in_root: true +- name: c.d + type: keyword +- name: name-with-dash + type: keyword +- name: a/b + type: keyword +- name: a/b.c/d + type: keyword +- name: time-with-format + type: date + date_format: yyyy-MM-dd +- name: agg_metric_field + type: aggregate_metric_double + metrics: ["min", "max", "sum", "value_count"] + default_metric: "max" +- name: runtime_boolean + type: boolean + runtime: true +- name: runtime_string + type: keyword + runtime: | + doc['message'].value().doSomething() +- name: metric.a.*.gauge + type: object + object_type: integer + metric_type: gauge +- name: metric.b.*.gauge + type: integer + metric_type: gauge +- name: metric.c.*.gauge + type: aggregate_metric_double + metric_type: gauge + default_metric: max + metrics: + - min + - max +- name: empty_expected_values + type: keyword + expected_values: [] +- name: some_counted_keyword + type: counted_keyword +- name: counted_keyword_non_indexed + type: counted_keyword + index: false diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/lifecycle.yml b/test/packages/bad_agent_version_v3/data_stream/foo/lifecycle.yml new file mode 100644 index 000000000..3fe3776ec --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/lifecycle.yml @@ -0,0 +1 @@ +data_retention: "7d" diff --git a/test/packages/bad_agent_version_v3/data_stream/foo/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/foo/manifest.yml new file mode 100644 index 000000000..4982be628 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/foo/manifest.yml @@ -0,0 +1,86 @@ +title: Nginx access logs +type: logs +streams: + - input: logfile + required_vars: + password: + - name: stream_password + select: + - name: my_select + token_file: + - name: bearer_token_file + vars: + - name: stream_password + type: password + title: Stream Level Secret + show_user: true + secret: true + - name: empty_array + type: text + title: Empty array + multi: true + required: false + show_user: true + default: [] + - name: paths + type: text + title: Paths + multi: true + required: true + show_user: true + default: + - /var/log/nginx/access.log* + - name: server_status_path + type: text + title: Server Status Path + multi: false + required: true + show_user: false + default: /server-status + - name: my_select + type: select + title: My Select + multi: false + required: false + show_user: false + options: + - value: foo + text: Foo + - value: bar + text: Bar + title: Nginx access logs + description: Collect Nginx access logs +dataset_is_prefix: true +elasticsearch: + index_template: + settings: + index: + mapping: + nested_fields: + limit: 80 + total_fields: + limit: 5000 + dimension_fields: + limit: 32 + number_of_shards: 1 + mappings: + dynamic: strict + dynamic_templates: + - histogram: + mapping: + type: histogram + - summary: + mapping: + type: aggregate_metric_double + metrics: + - sum + - value_count + default_metric: value_count + - double: + mapping: + type: double + index: false + ingest_pipeline: + name: foobar + privileges: + indices: [auto_configure, create_doc, monitor] diff --git a/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/some_fields.yml new file mode 100644 index 000000000..f9b0e048d --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/fields/some_fields.yml @@ -0,0 +1,14 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 +- name: foobar + type: text + description: A field with a pattern defined + pattern: '^[a-zA-Z]$' diff --git a/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/manifest.yml new file mode 100644 index 000000000..945285c87 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/hidden_data_stream/manifest.yml @@ -0,0 +1,7 @@ +title: Hidden data stream and ilm policy overrride +type: metrics +hidden: true +elasticsearch: + index_template: + mappings: + dynamic: false diff --git a/test/packages/bad_agent_version_v3/data_stream/ilm_policy/elasticsearch/ilm/diagnostics.json b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/elasticsearch/ilm/diagnostics.json new file mode 100644 index 000000000..8d248d82b --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/elasticsearch/ilm/diagnostics.json @@ -0,0 +1,15 @@ +{ + "policy": { + "phases": { + "hot": { + "min_age": "0ms", + "actions": { + "rollover": { + "max_size": "10gb", + "max_age": "1d" + } + } + } + } + } +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/some_fields.yml new file mode 100644 index 000000000..f9b0e048d --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/fields/some_fields.yml @@ -0,0 +1,14 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 +- name: foobar + type: text + description: A field with a pattern defined + pattern: '^[a-zA-Z]$' diff --git a/test/packages/bad_agent_version_v3/data_stream/ilm_policy/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/manifest.yml new file mode 100644 index 000000000..985aed3c7 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/ilm_policy/manifest.yml @@ -0,0 +1,7 @@ +title: Hidden data stream and ilm policy overrride +type: metrics +ilm_policy: metrics-good_v3.ilm_policy-diagnostics +elasticsearch: + index_template: + mappings: + dynamic: false diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/_dev/deploy/k8s/shell-demo.yaml b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/_dev/deploy/k8s/shell-demo.yaml new file mode 100644 index 000000000..94ed13152 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/_dev/deploy/k8s/shell-demo.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Pod +metadata: + name: shell-demo +spec: + volumes: + - name: shared-data + emptyDir: {} + containers: + - name: nginx + image: nginx + volumeMounts: + - name: shared-data + mountPath: /usr/share/nginx/html + hostNetwork: true + dnsPolicy: Default diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/manifest.yml new file mode 100644 index 000000000..9348ebc2d --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream/manifest.yml @@ -0,0 +1,14 @@ +title: Data stream using Kubernetes service deployer for tests +type: logs +streams: + - input: logfile + vars: + - name: server_status_path + type: text + title: Server Status Path + multi: false + required: true + show_user: false + default: /server-status + title: Nginx access logs + description: Collect Nginx access logs diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/_dev/deploy/k8s/.empty b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/_dev/deploy/k8s/.empty new file mode 100644 index 000000000..e69de29bb diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/manifest.yml new file mode 100644 index 000000000..74a81d713 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/k8s_data_stream_no_definitions/manifest.yml @@ -0,0 +1,14 @@ +title: Data stream using Kubernetes service deployer for tests (without custom definitions) +type: logs +streams: + - input: logfile + vars: + - name: server_status_path + type: text + title: Server Status Path + multi: false + required: true + show_user: false + default: /server-status + title: Nginx access logs + description: Collect Nginx access logs diff --git a/test/packages/bad_agent_version_v3/data_stream/pe/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/pe/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/pe/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/pe/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/pe/fields/some_fields.yml new file mode 100644 index 000000000..f6cfa585d --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/pe/fields/some_fields.yml @@ -0,0 +1,24 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 diff --git a/test/packages/bad_agent_version_v3/data_stream/pe/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/pe/manifest.yml new file mode 100644 index 000000000..61ae8a0a4 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/pe/manifest.yml @@ -0,0 +1,22 @@ +title: pe sample +type: logs +streams: + - input: logfile + vars: + - name: paths + type: text + title: Paths + multi: true + required: true + show_user: true + default: + - /var/log/nginx/access.log* + - name: server_status_path + type: text + title: Server Status Path + multi: false + required: true + show_user: false + default: /server-status + title: Nginx access logs + description: Collect Nginx access logs diff --git a/test/packages/bad_agent_version_v3/data_stream/rename_message/agent/stream/stream.yml.hbs b/test/packages/bad_agent_version_v3/data_stream/rename_message/agent/stream/stream.yml.hbs new file mode 100644 index 000000000..5845510de --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/rename_message/agent/stream/stream.yml.hbs @@ -0,0 +1,7 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +processors: + - add_locale: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/rename_message/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/rename_message/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..f50b2061f --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/rename_message/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,15 @@ +--- +description: Test pipeline with renaming processor +processors: + # cf. https://github.com/elastic/integrations/pull/7026/files#diff-dafc5693f21abb74b294987b502cdc5770f22cccff3c5a8fee0d48510791b811 + - rename: + field: message + target_field: event.original + ignore_missing: true + if: 'ctx.event?.original == null' + description: 'Renames the original `message` field to `event.original` to store a copy of the original message. The `event.original` field is not touched if the document already has one; it may happen when Logstash sends the document.' + - remove: + field: message + ignore_missing: true + if: 'ctx.event?.original != null' + description: 'The `message` field is no longer required if the document has an `event.original` field.' diff --git a/test/packages/bad_agent_version_v3/data_stream/rename_message/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/rename_message/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/rename_message/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/rename_message/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/rename_message/manifest.yml new file mode 100644 index 000000000..f8e8a1e84 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/rename_message/manifest.yml @@ -0,0 +1,13 @@ +title: "Rename Message" +type: logs +streams: + - input: logfile + title: Sample logs + description: Collect sample logs + vars: + - name: paths + type: text + title: Paths + multi: true + default: + - /var/log/*.log diff --git a/test/packages/bad_agent_version_v3/data_stream/root/agent/stream/stream.yml.hbs b/test/packages/bad_agent_version_v3/data_stream/root/agent/stream/stream.yml.hbs new file mode 100644 index 000000000..5845510de --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/root/agent/stream/stream.yml.hbs @@ -0,0 +1,7 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +processors: + - add_locale: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/root/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/root/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..1a308fded --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/root/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,10 @@ +--- +description: Pipeline for processing sample logs +processors: +- set: + field: sample_field + value: "1" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/test/packages/bad_agent_version_v3/data_stream/root/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/root/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/root/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/root/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/root/manifest.yml new file mode 100644 index 000000000..c7db650c0 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/root/manifest.yml @@ -0,0 +1,16 @@ +title: "Data Stream with root permissions" +type: logs +streams: + - input: logfile + title: Sample logs + description: Collect sample logs + vars: + - name: paths + type: text + title: Paths + multi: true + default: + - /var/log/*.log +agent: + privileges: + root: true diff --git a/test/packages/bad_agent_version_v3/data_stream/routing_rules/agent/stream/stream.yml.hbs b/test/packages/bad_agent_version_v3/data_stream/routing_rules/agent/stream/stream.yml.hbs new file mode 100644 index 000000000..5845510de --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/routing_rules/agent/stream/stream.yml.hbs @@ -0,0 +1,7 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +processors: + - add_locale: ~ diff --git a/test/packages/bad_agent_version_v3/data_stream/routing_rules/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/data_stream/routing_rules/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..81221adf3 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/routing_rules/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,10 @@ +--- +description: Pipeline for processing sample logs +processors: +- set: + field: sample_field + value: "1" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/routing_rules/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/routing_rules/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/routing_rules/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/routing_rules/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/routing_rules/manifest.yml new file mode 100644 index 000000000..1f4d7dae5 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/routing_rules/manifest.yml @@ -0,0 +1,14 @@ +title: "This data stream contains routing rules definitions" +type: logs +dataset: routing_rules +streams: + - input: logfile + title: Sample logs + description: Collect sample logs + vars: + - name: paths + type: text + title: Paths + multi: true + default: + - /var/log/*.log diff --git a/test/packages/bad_agent_version_v3/data_stream/routing_rules/routing_rules.yml b/test/packages/bad_agent_version_v3/data_stream/routing_rules/routing_rules.yml new file mode 100644 index 000000000..7c995f362 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/routing_rules/routing_rules.yml @@ -0,0 +1,35 @@ +# "Local" routing rules are included under this current dataset, not a special case +- source_dataset: routing_rules + rules: # Route error logs to `routing_rules.error` when they're sourced from an error logfile + - target_dataset: routing_rules.error + if: "ctx?.file?.path?.contains('/var/log/routing_rules/error')" + namespace: + - "{{labels.data_stream.namespace}}" + - default + # Route access logs to `routing_rules.access` when they're sourced from an access logfile + - target_dataset: routing_rules.access + if: "ctx?.file?.path?.contains('/var/log/routing_rules/access')" + namespace: + - "{{labels.data_stream.namespace}}" + - default +# Route K8's container logs to this catch-all dataset for further routing +- source_dataset: k8s.router + rules: + - target_dataset: routing_rules + if: "ctx?.container?.image?.name == 'routing_rules'" + namespace: + - "{{labels.data_stream.namespace}}" + - default +# Route syslog entries tagged with routing_rules to this catch-all dataset +- source_dataset: syslog + rules: + - target_dataset: routing_rules + if: "ctx?.tags?.contains('routing_rules')" + namespace: + - "{{labels.data_stream.namespace}}" + - default +# Route syslog entries without given namespace +- source_dataset: syslog + rules: + - target_dataset: routing_rules + if: "ctx?.tags?.contains('routing_rules')" diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/env.txt b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/env.txt new file mode 100644 index 000000000..cfb8db476 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/env.txt @@ -0,0 +1,59 @@ +[!exec:echo] skip 'Skipping test requiring absent echo command' + +exec echo ${PKG} +stdout '^with_script$' + +exec echo ${PKG_ROOT} +stdout 'github\.com/elastic/elastic-package/test/packages/other/with_script$' + +exec echo ${DATA_STREAM} +stdout '^first$' + +exec echo ${DATA_STREAM_ROOT} +stdout 'github\.com/elastic/elastic-package/test/packages/other/with_script/data_stream/first$' + +exec echo ${CURRENT_VERSION} +stdout '^0\.0\.2$' + +exec echo ${PREVIOUS_VERSION} +stdout '^0\.0\.1$' + +exec echo ${FIELDS_QUERY} +cmp stdout want_query.text + +-- want_query.text -- +{ + "fields": [ + "*" + ], + "runtime_mappings": { + "my_ignored": { + "type": "keyword", + "script": { + "source": "for (def v : params['_fields']._ignored.values) { emit(v); }" + } + } + }, + "aggs": { + "all_ignored": { + "filter": { + "exists": { + "field": "_ignored" + } + }, + "aggs": { + "ignored_fields": { + "terms": { + "size": 100, + "field": "my_ignored" + } + }, + "ignored_docs": { + "top_hits": { + "size": 5 + } + } + } + } + } +} diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txt b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txt new file mode 100644 index 000000000..2fb83075b --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txt @@ -0,0 +1 @@ +# This is a noop test. \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txtar b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txtar new file mode 100644 index 000000000..2b099a371 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/_dev/test/scripts/noop.txtar @@ -0,0 +1 @@ +# This is a noop test. diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/some_fields.yml new file mode 100644 index 000000000..5c0c5687a --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/fields/some_fields.yml @@ -0,0 +1,28 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 +- name: foobar + type: text + description: A field with a pattern defined + pattern: '^[a-zA-Z]$' diff --git a/test/packages/bad_agent_version_v3/data_stream/script_tests/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/script_tests/manifest.yml new file mode 100644 index 000000000..eeaac10a6 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/script_tests/manifest.yml @@ -0,0 +1,2 @@ +title: Package with script tests +type: metrics diff --git a/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/static/test-default-config.yml b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/static/test-default-config.yml new file mode 100644 index 000000000..37e718215 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/static/test-default-config.yml @@ -0,0 +1,3 @@ +skip: + reason: Test was skipped to test skipped test feature in spec. + link: https://github.com/elastic/integrations/issues/0 diff --git a/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/system/test-default-config.yml b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/system/test-default-config.yml new file mode 100644 index 000000000..7dbd2b771 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/_dev/test/system/test-default-config.yml @@ -0,0 +1,9 @@ +skip: + reason: Test was skipped to test skipped test feature in spec. + link: https://github.com/elastic/integrations/issues/520 +input: foo +vars: ~ +data_stream: + vars: + paths: + - "{{SERVICE_LOGS_DIR}}/access.log" diff --git a/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/some_fields.yml new file mode 100644 index 000000000..5c0c5687a --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/fields/some_fields.yml @@ -0,0 +1,28 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 +- name: foobar + type: text + description: A field with a pattern defined + pattern: '^[a-zA-Z]$' diff --git a/test/packages/bad_agent_version_v3/data_stream/skipped_tests/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/manifest.yml new file mode 100644 index 000000000..a45b93e03 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/skipped_tests/manifest.yml @@ -0,0 +1,2 @@ +title: Package with skipped tests +type: metrics diff --git a/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/base-fields.yml b/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/base-fields.yml new file mode 100644 index 000000000..7c798f453 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/base-fields.yml @@ -0,0 +1,12 @@ +- name: data_stream.type + type: constant_keyword + description: Data stream type. +- name: data_stream.dataset + type: constant_keyword + description: Data stream dataset. +- name: data_stream.namespace + type: constant_keyword + description: Data stream namespace. +- name: '@timestamp' + type: date + description: Event timestamp. diff --git a/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/some_fields.yml b/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/some_fields.yml new file mode 100644 index 000000000..c5dbc1029 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/subobjects/fields/some_fields.yml @@ -0,0 +1,13 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: a.labels.* + type: object + object_type: keyword + subobjects: false + - name: b.labels + type: object + object_type: keyword + subobjects: false diff --git a/test/packages/bad_agent_version_v3/data_stream/subobjects/manifest.yml b/test/packages/bad_agent_version_v3/data_stream/subobjects/manifest.yml new file mode 100644 index 000000000..32a327683 --- /dev/null +++ b/test/packages/bad_agent_version_v3/data_stream/subobjects/manifest.yml @@ -0,0 +1,26 @@ +title: subojects +type: logs +elasticsearch: + index_template: + mappings: + subobjects: true +streams: + - input: logfile + vars: + - name: paths + type: text + title: Paths + multi: true + required: true + show_user: true + default: + - /var/log/nginx/access.log* + - name: server_status_path + type: text + title: Server Status Path + multi: false + required: true + show_user: false + default: /server-status + title: Nginx access logs + description: Collect Nginx access logs diff --git a/test/packages/bad_agent_version_v3/docs/README.md b/test/packages/bad_agent_version_v3/docs/README.md new file mode 100644 index 000000000..1a9dfb44c --- /dev/null +++ b/test/packages/bad_agent_version_v3/docs/README.md @@ -0,0 +1 @@ +This is a template for the package README. \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/docs/knowledge_base/README.md b/test/packages/bad_agent_version_v3/docs/knowledge_base/README.md new file mode 100644 index 000000000..5e5d0214e --- /dev/null +++ b/test/packages/bad_agent_version_v3/docs/knowledge_base/README.md @@ -0,0 +1,12 @@ +# Knowledge Base Directory + +This directory contains markdown files that provide AI assistant context for the integration. + +Markdown files in this directory will be available to AI assistants to provide context when users ask questions about this integration. This helps improve the quality and accuracy of AI-generated responses about the integration. + +## Guidelines for creating knowledge base files + +1. Files must be in markdown format with the `.md` extension +2. Files can have any name, but should be descriptive +3. Nested directories are not allowed +4. Content should be focused on providing helpful context about the integration diff --git a/test/packages/bad_agent_version_v3/docs/knowledge_base/example.md b/test/packages/bad_agent_version_v3/docs/knowledge_base/example.md new file mode 100644 index 000000000..15e044814 --- /dev/null +++ b/test/packages/bad_agent_version_v3/docs/knowledge_base/example.md @@ -0,0 +1,19 @@ +# Example Knowledge Base Content + +This is an example knowledge base article in markdown format for the Elastic integration. + +## Features + +- Provides context to AI assistants +- Supports markdown formatting +- Can include code examples + +```python +def example_function(): + print("This is an example function") + return True +``` + +## Usage + +This knowledge base article can be referenced by AI assistants to help users troubleshoot and understand the integration. diff --git a/test/packages/bad_agent_version_v3/elasticsearch/ingest_pipeline/default.yml b/test/packages/bad_agent_version_v3/elasticsearch/ingest_pipeline/default.yml new file mode 100644 index 000000000..8b82f17ae --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/ingest_pipeline/default.yml @@ -0,0 +1,8 @@ +--- +description: Pipeline for ml model + plugins. +processors: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' +- terminate: diff --git a/test/packages/bad_agent_version_v3/elasticsearch/ml_model/good_v3_ml_model_abc_1.json b/test/packages/bad_agent_version_v3/elasticsearch/ml_model/good_v3_ml_model_abc_1.json new file mode 100644 index 000000000..9d5e9fc63 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/ml_model/good_v3_ml_model_abc_1.json @@ -0,0 +1,99 @@ +{ + "model_id": "default", + "version": "8.0.0", + "create_time": 1632242448443, + "estimated_heap_memory_usage_bytes": 365968, + "description": "for api test", + "compressed_definition": "H4sIAAAAAAAA/9S9W5Mc15Gl+1dkeJgndtq+xL6E3goXApAAAgcFEmSPjdHQZJGCDQVqQLB7aG3672d9nlm4VEYscGSaPna6ZZSYkRUZsbdvvy5f/p+3/vbm6m9vfv7u6pdffn7zy60//vf/vPXDm6v/9evV6+9++1b/+Pn7V69/vPVHffrq6qfvb/3x1p2Xb968unpz67NbP1y9fPvrm6tvX7/869X7C9+++3O+8u5Wf335N+7y51f/9vL1yz9cvHrz06vXV/q9dCh1HcvodUl9XVLq7bNbj37+8Ze3L3/5C9/7j5e/Hb/Wak9z5Qtr7Yu+de/yX3R9+9qfrt7e1uNt/uXf//73z/7z1tuXb368evvtX69evv7Ee35/9cPLX396++2/v/zp1ytumMscbUlltlp77uvuUhx/g5/Qba5/8LgQHz5gLi2NJa1dt1xaWZcP323j4tbybHxtY61zXdM6xrJoRdZUrtfC7/jdq1/e6iZ/+/nN24d3z/f9o8t+97958oKnSLn3seQxWhtLmzVrwx7eeX68lEvvLOuUUORZdeny4ou4lNpsc1mXmceipW/1s1vPLo9/lYo2ufRR6tAXah+f3brz/PJ4w5r6XJeV1+6jlvnZredfpRzXShr1w9vqzx7ce3S8o1aolTLaWFet2dSl21/cO17S0n10V93y6Vf3j782U+m5jqm/aovEjQf5cu8ZHz5/fHqzJY255NrXdXY9yWe37j56cLyUa8va1bqUZe29pKLnf5KPz6+HWLSXy1LWtdQqQbx7/fjna3X5p9NzzNbLklvT/o/ZkJQHX9w9Pf1aJBzL0Ju1wnt9+fDJ8coyR269Dm1cL7PoKZ49Pj1FWlJrc+akv516fv3Ug4vT/XSwx5rron2uM+kBv3h22metRSl5lKzX0hlCBC7unu7XdFT1VlqnOUfVAz6+/GZvDS/vfr536elFqqdrI9W1aMu0Y7XoeT+7dfHsKFWlLlq5sRat/ZIXZFFvVk5CkNsiGc36m7XkzHY+vPPFzlvf+9d7e3e88829+3tP+dWznE67mVdJjoStaLNb1vLfvp/21vjei2e7z/jVvdSOj6InaWVqgSWLa9alRw9PIncuw48enO44c85DoiYBHuvQVj9+eNrqrdP5zbNdifvqKDwl96rnapKrdWlr0Ya+uDhqgjIl9lM7UyXBOjVaj8/vPDk94ZqXOnRTPUYrLONXD+/trdTdF3dOh/Ncei4f3dk9S08fPNrbmPuPnx4v9Zr0KLNoEecinaB9efSVuePnu0J3/1oMdL60fpKRooPVE7rgWpVt7Mztzx/uvtzXD49H46OfyieFdbH7JN+8OD5JnVWStdSk904LW3Pn7q6oPrj8avcZJSOnQzN6zzlNvdUykzSATv3XD25/eTob2vBey5CUYEH1h39++PXeMj/74smujN/98vaeon7+5eWuSD5/tLtxXz96fC15esRR3jkmcie+uL2n0P712VFRL2suWUs2xqhjaAMkyc8udh//9pPTOdywGLefXEvJuSI86fes15YCX/X/uppYxztPH+z+2hf3n+y+9u37z3aF68nlo10j+uWjvW17eu/P+792rT43rt15Z6FuKqBvvtx97duPTo8vU6I3aLnJhmbtnJ7j4UkNblivR8+/2LOGl9/c3VGej7+8c7rfUvTSWul1leZa9Bh/+nz/nZ89vLMnj19cnBS8hKePrnMolSZriEZ7/mJ3Xx7febgrPd988697G/Pg9GZZUiofNun5Fp2eUDEv9lXMw5N7sPVulxdf7WmL219+vi9Yzz7fv+XnT3bV1uW9i72lvH95rSzOFMKdR/f2he7pvt69++WzXdV098sdw3zn5ApuKsl7j3df7fZFKvsb/uf9N3h87R+fHZtH91/sKLRHF5e797t/vSIb1+5+fa11z5XMnevnON+Apw++3nXS7n69ryQfPN5dkfv33rlG56v16OHek1zeebQvXBf7onD5+e3dv7tzkcbuIXhyuXvPRxdf73sRD5/vvd3zp/tm/c79L/aF7/LprtK4eHjn8d7BuvdsXzU8fnixe8+7l493n+X2kzR3b/r0xf4p+dPFvv24/+4Ft9bzYv9h7j7aX7Tbl7vPeXHtTGxt0td7135f+uFm0L2RhJCD1bNCv5YmYf0nAnOTizg9q7yXtfW+xMMmPfW7N9y4clqXjSun1dy4ctqDjSunndu4ctrvrbsdpWTrCU7CtXHpJJNbL7T7cCf531qe06nZut3uG52O6MaV08HeXLnnO1dOOmRzFfZ26FpfbVw6qbmtKxd7j3BSqVuL8Ghv5a6199ZzP9hb05Op2LryYO/KnV35OZmyrYd7ur/ae2t6MrVbi7D7BCejvrUGJ19g64/u7S3PyfHYuHJyVrYW4ejhbN1tdxFO3tTmMX6yJyP39kT75O1tXDn5iFvL8+XelZM7unHl5MRu3e3FnpSe/OWNKycne2t/7uzd7eTQb1y5jgK2tu4YO2xpxmPEsfUIX+79zXVos5b24X/6u3hoU/cco6itlXu0Jz2ngG1Lev60J4un0HDrEe7tverz3d85ha5bv3N/76lPYfLmaXiwex53f+fJ3nk8Bf8bV04pg40rpzxDzvJS5JvVnNfSe36Xm9j4k+uExpYg7Br2U/JkU1fs/dApT7Nx5ZTc2Xq465TQaMvIXTG7PH/9S3ufSto6kZd75/uUttqSxWOqi9iIj+YslQLJ8i5BtvV0x6xaznKFS1OsXFuvJb/PxW1pmMs9jXlK+20arl0d92jvTU95yc277e3qKQW6tasv9q6csq0lzbUpiqpzprb2dX2Xot34m1NeNy+py/d+93/zXTJ4UyntncfrvPOWvX2w90enDPfWC12nxc/V3ymbvqktdnXzdeY+9yWPNSddkEeuc/k+4b/lTh7LBLnVufT3/3xXWdg6X493D8SpjFGqgoH1/T+X99WPrRW/uyd1p0LLlnRf7NnCU0ln63ce7J2v6+LRxqVTyWnr8O+a8Mtdo3J3Vz1fV9FuqAWCzFPxbWsVnu96X8/3HuHprl92qihuver+Y3+1K4+nkufWcu+qpstd7/RUkd1SqE+2HZnfW0x+oTj1L1sQgg8u+kLynZ+uXh6r48tapyL9ssp8pNmknJ69fPV659Ldl399+aMe6A8vXr3+fuc7d376+dfvf9u5+ODq5b//9ofPf/5x5/rzv/z6+vurN3/4b3949OrHv7x9HS+/faeXr37auXT56+vX2w/w+1MH75f4PHEwimxtH21tJVN2tttg0gbvn7PMpfZSS6sjkwH64PXOL+2t0cZNPlrt8+sfbNX5xfO9Pv/OO1HZuve1hN289nuk/POfeLW7Vz+9/O35b3+7Opf0G1/w0v7Fz3+Ib/I4XSpKJkPPUpfRqdc9evn2CpDHd29e/vDWffGLi0t3+bTj779yo8jasJMnZMsHX/oYQbEgv1ff/frm1dvfPviSNMWsWsJZyiJ/6nfmwM5X8VyY89LBsYBa6EvAXj6x0k6gzx4816GnXRPZRJ2UurEA+eP/K21jJXXcylhTXylALXm2G5uRy7rqmCetd13SDC9me1c3vvmhdJxd/v3C+vzVX68e/Pzrhlb++LoX1TwOrcsRyutouecldn8rP1oPTb6Szpaed1lmz7vfzFnbkArIGH139v0v6rfbqPLAgNDoT8b+V+Ux6ZeXXKv8P0rgu19tBxAK2jPKvX1d9n+/LAfpiNqp5yf5EmP/prkcJFL6KI+0lDHM25eDTgx1yNlr1W3r/lfrQcvT9F0dt0X/wzzqYZVoUx5ZJJf6j7nrIVUq2yNRCi3D3bXKFZ46iG2tUgdpf/1LPoyWZp9Nby9hMZtaDz21pWphx8z6ut9/hZIyl00Gc2Tz+/OgtdRGTX2pt7QvprontQ0FfyBUpAj2vzoOWqLSZ0m5EaOvTqKBOs4p7ZKkMboV1C6vdOqTLh9r7BdN8oEKSWnaLYoxVlDKQSs0OgLYqz4zj3rQj5eqt09LH4oD9x+gE4SgjaXost5r/6alHbSZrfS+KqbWfrmVksmoUepoSad7f6W6vqnnY5sUfMoWuAct4eg3LVVqeTXndNFBITyTCzZS6u6c6PTrnZZF/6QqnPe/uh5W6smxA3qSaja1HLosNeBOnWy91v77r4chI6XjxH4qAvTKrylg1cEDb7g2I/5I1bqMCkZLZ9qJH6hY8HxSlqPNvn9O50GxFoGyvtdBAhndKwGR2qO2nnI3qkcPKv2UZ9XZbxLCdX/1J6AnSZW8lizNNvalbyFIl4PTgWf2ar6ZZHnWLoGSmyRtttT9JV11onIj4JTL0pK5KcdU9rFo8alhFnPTflhaX3RlTP2XDre7qY6nFMqQS6edHfvnRKoX30+CIsunk9X3v7rKmlO1l0ZLgTEwdl9adC766rIC4nl30/PSK2qyS5WA0h3cybxVP2iDSpdNlZelS26lMNEB7plSveb1dUwHkCAZiqaHc2qiyfJnNn6V5pluU6X6FElI95e86M3MTRM2WgG2Qg7gTMs0xxTVK9PTlx7V97a7puthSodLrKnRD2d4pc72d0ZWCb9hAhvsSJyTtwo2Lp3A8uYIpwPasOnf5erIjpqbopZAoUp/yzWRF+ckQxosKTJJgHKL20U5JUP6Ez9Hxmk4t0BvNQO4Ccw3ZbcA6bDIGkrQtYsTHeG8kkBg62CsiwTK+RpFni5fU+izyjrv71U/dP14rmHFe5tG3ywSjilfp6FDdZydwGXt0NS5GDpIqRnkUpdqSARoEhh5JYuxS+1AGUD6Rv7zKv08jBjLzMjbkVgBxFvdSjX6ShR3JaI4IygSv6qtl5ptiiqNClsPZHqBzqHwR93f+ykvd53AXPVfSzYugZRNOI/yhhS+VRO6lMNUlLk2Cb10vrbVetnxtULuSHG6sd7zkAfuuHTtwjI752XReZef0YuskgyEkyd9LAsrV1cyWN3r1wOARGkS6cXoDnFSQtC/ajmbTKNzCvBzADc3OSbY0WJVqEQZxLl0CifAWSUMomQlt06GxJ3nrF+OApKExciJ3AdKADI0knu0z/5OKciU77j2MmVq5L3uv70OnpSZDKi+z0uZ3U/I6SLB0znNxQWu9WDUskSDWIm6pMKQbhw7KeWxEFBL1WuBmrlpxL9tNO23FF1zFkROwCRTJb1Y2bP939fHYKbk0eaO52L11zrkgKFDZJ4Ug5pvyv1dCVWTLlQrbDq7uCnyUxUqTGOUdNM04nby/uWCurdfSg2PThGFvj6dvGXw/oClI6+RXFStz6W7WfwVu2wcxiInTHsq905PIsVsYpB60L3mXIiDSqf065SoDkWVAk3yOFYjxxJjHTe9mlywpXBGnAGd+hb9Ux2goHl/hYvywxTRSj/V2az9UuRZcR5S1EOMU6Df560Su5VlFPdN3cTUrYqUtKq4bfurr3BBx28S1cp+VecUHQgV5TzIVVTAXsxCSd21BUzrZBMIL82a8vjSS5lutFysrZ20vyhgK/Kv5ds6IyLXQWIie6MnKEZQlve66XwZKxueQeZKyet4VLOP5bAuc61N6rhrH13SRbetc50NKRoyyjaUXvQ9+g30FxL6/ReRHPUqQdYzaD2HUU4oEjIIjeZPRR7F6bHOCZK8U/nRibdZD1LIkvdV9kgX99dqOaxHeHWj262Yb0qPyglZptSjLkigPpF1kQgvOkmyctMlKA54NvLamlSfPnV3lc6R35DDcaN51+o8WhMV90vmZCSMez8OERwuchwWHX2jyeW3gJ8g6UALkQu8SOLJKva00qnr0iMJB4f0mDbJxSsSKRlROQxFYTQH2gXoS5b6TNJ3k1jIrOh1iLiBt9Z2r/T8dVylbFOcB44a1lgHI2UbIkptLtpAqhtyL/bXUDGX7I/8M72rYhqTt1LMIVMpG7uQN1zNwnAqOgmehuulYMqLmhYZXIgMzGjOvBbgIyRO8bt1xeViFblLJcinl/RK15hnlbIZhaLFSjrEpk2x6jKEEzssabM5NoIEGQOMq8J/8/tyBZYZLd7y0LUQzmrIBVO8qWhWLlNyL6WgW6suG6yv63BkXzWQFS4Kzyuvb1OM2p+GtkOLOkt4qB00mDwWWdiyL3zzwNGR/tBp00O4ihUZNpxleSItWAqMb6VTRs5sUms18ZGCPllVHqAQoWWjP2RaZYHHoF4j+2odBplMHTzgUsHS4K2nIn6S1omzsv+kqC+ET0GXotSyThN0HRQXFm3Q7IojZZadayvPKhd6ibSndPS5QF5+igJPvRNb6nzQQlWF9yoUxa0TKPdT/roMiAyetLgLuhVUKOinaqk9239QXHB5LLJypUmVVj2tFSoJfOtrKUnbmkzGpxwk0Yo5O33Wq0tGTvmWjUhSkrWSPjeLWnSSso6nHoH2bSdUM8yRjGyPkqXbVf0q2lERRiGb4eRPFiihfOUuy4I7+9W17JQBFYVSNnVhmI69dKQ0f280o7t4QftEeamuVG1NfmaRQ1LJ7pOOX9O+RtGOTvKXNPx0clnOH2m4lwoVM2UrE4Ovh4Y3RKqV4oKxkcTVmVoJ+dPVVut09jBkWVK3uFdHS8hdlo+F7MnTMl/Nh4Qwk5yjadxVgZZDJX2qTZ8QnZiUS14PbDuvVJtiJSf6sB3o6CmwlZY2fnsFf4BdnGRktVz7S6qjTxInE3zqrDjXTVISRkxvVOQmmCKIfBkd0REhOJQK5qbpQMSg0EvKZKXp2DrjNCTT2K7gP5mwbhwiXqFgWICu7X/z2m88bxpcD+GIZXqvnTMPiBeZJNbVKXZCUWUSOGcDpoPVuCJRAKj6mMhnZCeU/UDX3aKdk5FRAGR25QAwaaRRKS3IYd9f6nSgoICqx/bhT5usAMwNo0Uta3XB1ARhL2WkEzwBkZid1u9TZJaSU6CkGMWuFD49dWZ8YRsiNwWT2mWtpo5vLc1FSDqOi04OvadU/txKLYDNBjEXrqtNLct2A51BhXaXr9X2y2OVi7WsiGV3Wl7fhcokHD2FPeZZZeZ5p0WLoFiZirNRycReU6pmyNmrJmyoB5ejhTdFZ1saMJM1tYEKsB6ZCUUpq6l5SAks8r7knuMIZV9FanhzS2QBFU/Y1JpcNfgyFMvJXXVuVac2RrpQak0C6jb8QF2gFBkVMlvNQAHKBNwFvGod4dW63LY+7Y2UYaekYhYA4G6juJ5ZU+OqDwUKOux6yMhEunobWbhGSWzpRNhe3HtoX20/roWrY4G+U5Sofyfid57ayNTFdAU0UHLul0yw4qiFwszKIXUZKdmJXiDrwFlJTttJy3IypJaBDVht1yfhcQX9OM1hbwf40sirtmGzLMejLrMmDzmAKNb5B1Ur9VkU1hB829ij80oUFeSCWq8KpQSpTNFhzvvbJJcmA6mak0yUqz8kIFDk4Va21EXSUl6SYhSX/OnuFO0MZEejYyqR0HByr/OuILbJHpK2sxrZVYYGx3tSswJba2FUiQgr4hwJXHNFHLnaBJtrJylkMgervB2oaBZgYatxtipLiPXV1gypJePs9cOkrip5UDhK6srWxRQ3SLkTQ8oHcOCkGkgfxULU+LqL88aB4KqADNTXxrRrOrWHCbxdmIT9lRr0kMmBJYOw4q5Zu5pQNWANM3GUfYBlUkFYQokkk3seBxjZmgzYUPhUnWPMAkh+ZRJJs7mStdyK4LDrYNq7yzHyoIuizJWyqFxdY2dlkPIaye8wtT7FJwHBBdO3mxSJy7AmyI/IPEPBlh3es0mqUZ45HrYZbQOCe9AVQdla9t54KyPUjfY9kzvVA1vHPniQqvwSqZNPZOmb4ifK4ArduymThFRHNYV0vj536k5PR9paj7BkW8OVlwX+QyKYkBiXO9GpU7QCZIc4zimfjInTCdBeWWyePldARqZLurSaoALdl2Bj08pLA1Xr43QQqZy8YKO0ZrbJyEmpzFhUW79bUzQcVXjTXAGbxKWWlFoAeZPFWBDwKvDByBhXPAeTY230qVE1ICWFvXVrCp4qU5GVsCyuvKCfLhX7HejgxXU6jEOX8A0g/CPDw2S2n9JGBxg8C+raucPygnHJ5Yri7LpFLbmTOFOwuqCnzVsBnE6EKtIoABnMolYdTgU+EOrCrmZuuoZ2DCAnND7GG9eqJlI9We/WRnKHD1RhDpR/DQPkrPQAggUtoVbUYtrk3svJJvVA3t6Y3iLVByq6pFWax+xTc/4LRZIEEJVajsd2UHvCd5DGpV3LG3D56A0OLSnSYrLfNYCZUkuyovhtHgYv3y/BbdVHNb4yYkmGXCuoIzdckX2lX0EqoQWYbhgVAq4GaQQHDpTJPiesk2NyQylHXw3WWQdX26ucBx1Rt0/U7Gm/IazJLgMKhBFwMxXZTABq7bdiFIm6vHVKEM59AWi50i4yg7LPLUDiawp6A43gHrUfdHjllC3ynHXefb+AdGLCNFXJltOLZZLmqkASqMo7Q6t7ao1axzdKRvZ3yXGpnsn7oIIFxNNlm5cDzpwCnpU8ezb1owqSe4LpJbuTHZJeZ1J3TKSLZlDVuhUkd6//QHYMcNc5Cw0wXgevOW0Xz7E3pUP1Ry+F+33dVf6vDKYkQ2JhOk4K2LBOq13HuzFlTlCD8uhDCeY4cM7/zgonKmD2xio4JSxHkdB4kWdBZsbddOCkSTASxthZK4rgcuoWKcTxibymjJncCT0pvWm+L1C2WvpLBghPyKkPwLLUBFuwtTk/lcYdEt8LC/YuK79REJUBpJNUXiLFq2bc5AEqUwKtTSLd7gAGSX5yxpduZG6mzd3I8lEOptWLpLHJHErJySLo2ppIc1n1ncDfSk4pHcoFNr/fyCBgPyT4rswln7om+PEgK8gW/07mauAjDqp3iw0T5HWthD9ROTNWVmqWO0rqgUFkG9AC2siQdJJgBQlu9pQCgYyxrLak2vUaFrJ8K/58oc5n0Js6z2lGka2RuTMrWqiA6vUVpCaXkArEhhzKSVtoWlwqVoF3B8omZxUpNYmHgUenY0D2geSReSN6AsktR6fl4oo0g7whncBZCiU5lGfFFlX6zesaEEZXtpezMov2qOFQr65IgECDyKRyxvlzeYcBExFl6BK90y7voKBT7zTpNfsEtEefQUIMsr5Np6FTRIkIHY25q7OQMtCZFIFkKlUiJue2AhjSaZJ7SQ+IcxzJ90ikWgLIaDJ0M9ofejQLwA2w//PXK7OFG6Udp0e/2gR1b51k7YZcAilx4HPmq/Uge9kou0uUpfDcO0TeuWE8qnOTEOGF7uNeKCm7YoqUNys49elEedne++gqlS+yKooykDdtYCUTGRU+SA7sOpGElfstQZdcfsLFiBkAKNni2mIoM5LKX6OnG//JrVQhyUWZFQy6jYiluCbuMfNjhqvI6QGkanD6UWM9mQeYpEQq5SEtqT51zT4G0ixfCb0mq06txTorZAAHdlDnJVtNKO1acRDhxZJ6tzmgTplDR5sgyuJEE+iZwNLOAS7Dut90JQNOoOHVJpWlU8ZAv622hR/skFyJSmcynBPVeL/RHQrPAAK/vO8r23TAZpMebDJqFQop226PUMimUUdZHBiS5iI2SkoBRLPL/8u46LQvsld0DFGwt+EPfengSDIlPHs4VzK1idAw4QRbd0WqKTgMMgK9f9cixy7LWyBXHkVwi6iXoICqaIAsm4ULUELCsW/kit2JL4cA2C3AQNbpmvuA7pKiDkioxMVF8JNWbr0RCL7pMXEwM0T7DDTnJls52dXWFQAQ/piSllwb3QuQDDtQDcwORBguQwBbmjspBSxyKgvNlwGqMb9O9o3eXxCGi0tIyf+XPOP9S/qm66JeMCEI6oAWxvjU8wCsOzFaB64Xi+4l3u3oZaoODgmxHBAksCSrxHn4jihOfCZKnbna5HujUXqFQAW/0t+U3DuhZ1nKB4iiDdWDXwPuqbJXPZtsggRPmmwQU9Df5zKqOs207MlvUfwnFWEFSl+j9RoOj+p7NXFvKqwoNThU3Lkb+giIkhx2kPBWnwIzLPQ/6r2MMukH0J2h0bv8LaMiSF2tiXVlegho2/1nTaHPg5AH13p1mLwlnnV0VG+Vvdp3ClcFKxVIW5KfKam2kED9z0mnI+0Iw+kocJZ07s0U8ykcgQm5l1XqMTM+wm5WxfTDspEJgIsDjpNmDdwm/XaSFQeUk58tnyxyreusJlUv2w+kKybxjMWmeYFUkTPUItAkZEIQRWCAoaXTJFQ4x06rHFPRaw3fy5+q33kAaNcl9iUpK1fO2D3qVIgz7ZsQfpg0zUrHBoSgqMHmsLvzIKt8pMSpQXnnRIouXN0O7lKFG9YnLoluckISfcGkiVYYDbRREn6SpCbJHJUDCd5AAukH8DDXlSptHJQPyEa2w6cCEnf0SveAgcRIqUpVFWpVsL6aBITUDzGO7rtS/HbCL9NLFwiZsiIDYBJaRNX0OQMolamapmkE7iwpKZ190AQtmaXC/K0AcgYt7a4YVA9w3BSMOaxgtmGpw1OtgL7TE9pdpkhuF22usnyc6U/08dFuR8K5RXOP8yjAnciPUgwpa2UbXBRDKGokgJZ1ew+8ODe/BeAYVl/+AixWluoHZB/4CMVeLpZaAQk3sDwjk9F1/WrQ63SKIMDmfJNto6CaM7iL7JJPwTMEaSDRmRxUF3Vx4GBcxFfLFkelvQcLN4DSmAwllDSd/vZJ3jUZ/xQkPj0w2hDE3jn80ruK3+htp7nEEexBZSMV2eQmVUrE7q6wDKEmlxEUA5/gIwJaSOJCO+/YuMC46TFp4aUWZ9SJ9r4Dy2iDOHY1ilfRwWwMg8X0yqrsSwmV3UHxrEDi6VoWdM8K4qITQCk0dw4ifXfQ0uh5ae8wb7Qy5jEFMmV1PdElxxg3XGl6/KszUOshcg309S1S/K4DaDkQFy1Ee7XjSrm7ykAcP0/dAQkaZFwrXZL09zv4tRaKdjKp0pEnkaTlgahADYa0Y50ObLXS/jX0caZkno0lkc6VI5/AQ67M3rRIbbqHe4xuxElzXfhgOqNZaIl6kzv4VOMKjUBJytz2VCUo2KjLSvsl45ut8s2k9oY8FJB2Buo2DnRI0vu7hmB7uGyn45Wqdl2awQpIm4AFhcKmT39G9VV4vQBkNjA0RutqpeQ9AiqvXQvlQCzBIZW0o4XeNqd32iEoCLXyOky0KtqAl5aqSmNTKxZupGOaJtG5zv70CdMkdRa1jBJOrLPOKfxIGkUDWeAcCU4fjK4A20HH2qxQI8lZSzCWrpYyUocuQ9lCG6CrYWpX50pyv9ArtzjnPACsco0ztcEGm5n7KuRZHL4FDgzHL5cruAoGD0tbOVzchO9Hjwm5pyu0kxWSNiXTzOBLU/DqByYkJugL9G0HNTxSC8LBM+OmJtwnJdzpEaGxkBjWOQiYxhJabUmW8kjLdKyp8JzJ5S5xTzh8k2lr05Rq2iHpaOYVUm0a6i14ABlRBB/Tjz39LhihQoc+FEQmK9ZBKTVCDZr6prH5hRxrGsH+qSjKmQg5241m2hHUAMtiLPTA56hAztIq/9AVI+gQBDrA2FVubhafXookvQ/QeF1MWEKpRB4fDR3InkmHDzAeNZInEkKHXdWpwy9TELEe6Z/dg7ZIsK4j2mlclxnaFBWp4Il42yleNEShJIwLWR3N4H68EhZhobQ7kvccQPTjM0CdNVw7PPTxDB+SuyjbSc3eSCW4PQpPNTr79l+20rfVCP6pUygWdUEQbCG0DkPwViz4JcDEpL2DU8c694rlqXtpt6sB6VDmZXq1zIZ8geQBHTU4YSeM1Itrsp2HAakepdYWxNA2o5igHZTwQtLjbKFeaekpAPcAIVzVjzo9nQfwlg8TVeqYFVgK5QpK23TXdXFEY64ApOQHVftVqBDoWdO3Kb4ZjCfswRR65QgfHU2X0qmAFJZwshQ62twn4T9ZNWh8anIGViG9tGG0Yi2L6drXN8n6rytWzjWtwSwiweuk3SCQtqSwTGKgFb7T/NGNQI9DjLueIBJAczmMtIJfGOO7/lNWxy2RaeZlwHtndoiT/RREuwzHLkw/8DtKuhmWSMqzDvsSLNMzaklQ85r2HCq5dMHT+k0YbtHcC4kcGqnpDjPw2n6AZFmBSNz6E4zAMrANJ4RozBFz0bHZcCth4Fgk/FZMK1QVGegftHmfaA+C2rBBmdMswUKiSgMWRQIAaY/Fg2gtySnMoIU3yQqJH1mFCmncsjgWHIVsrYKOqmT9nTGJsQmQBI/AKRVjOkHep+gMWePXLVeULIPUs7ZKcio1bAP23Ci7w+HlZ1bIqY9OskTfrOMAmuBGKoAheBtcabzBLCK/Mg+oI1zZES563koXITKzKdIVUWJqQ2WYkwsswr0YENJRpvSF+UElixCUoRnOFVuhSJFDtIAgsIU0Np6ucsrj7pDgNMnq0RMYA0ZcsiAvvBMpGB1qS9sNOq/DWAm5h/t5OddHrswEabujdWEOACMldEQp+nsAA2UxqSfdGvSlR5EuK5kHOR1YNNubRZs04KYePNbO7JPvlF9fKL14OYHpGjFpkDuaoHoeYhbOAjHyUs02LYeFPmkyOjp7xfiQVMbkvEZLBa6kC6n1XdL9GMfo13eB3QCPG7SWsOc5Bhgpx4ZmZmRDsy5PpStTXl9GRuikc486SVRINS0DwIuBcByOviF08KCjba8hdHdUEBUMORirVMQoZJ8gFGvGkLCi0D3joMmbtA4vaAu+NhOtSo78qpRj80QPZtdsSXWm5IROA5oX3n9ziz+807SbqKNScHayl+U8DIINhbbFRE8LjYYKfRU60UHqAuCF1gXg0E0PTL+Mi5XlFowFglE5fe85IjZgITxqilZPyWqzEEy6bDO0NAto1W4n5UyYmle9O5gHi8s9EvLDWyPXyFY8QjOT8loTXqf5deBwMrcg0WghNpYE9AxTcsh/uMpUgnpJIeaKHi1QBZubFgjUMsW2RefJjnSJfDfFM+gMLZWczgeNT1EWdIyxFDqhG5S9aQw5sGwSKUH8QDu2DqF1ISVPdIbB5VgcIETGWe4w5FA0CFqUFRyfBbo1kt8uPb1Q5pWbS0KA9h4XE9HfGnDqo2/mXkknA/QAv93dkKDBuLaSYjsjWeYWn6QJJEvQPrteGBLZGFz6bBkFYeLMyUgROmtyhhLfqdJJ5gnIBolXT0ALNwmAJWqNTp70+YoinQzTmXbu0BGHmpu8csi5XINLUfgGNdqAtYDtMm8PB1Lw0sGg4+nhoEUPzmmyyc4xAQMAFHCAsRwesApmg5yRvANCMyN95L+0AMzyWlyCiRaT2mJaB+RnDjRGwlXSUWI4sqOW6FB2gSGHSE1y7YIsOoYYmTA5zyYZMg9aeUiwZjQhmr4+WOQg2oZplpSUu6cWnRaGSvtyNzTNcNNDmCbHnWKH8aBwNOVgk5dfANc5sDRdleBrGjjoxcgoPY1U+dqERijbm3LuF/gcWvQnmxBzJXSSmWUALlBM8/MVsBTsOMwR774zZA0KRbLOzDu0hoSiDKAN8N8GBpQOlKwpngbxt0Fh0agJAAyqp5aTbY2IgcnrgPucwR0+uVegblVcROnerD6j2YIOGLw+44zMk2orCYmoS/T3dd6t/Hdj1sE66djSqbJdEpK9RP0IuJKddkbXqSxDpyUc7maXhYT9DpLRxn87npbgz6TGu0LdW8yarvDOL8CFCh3x/pQMMIhjQrcI0bIXPgDQjNSBMsFqM8LB1qJLodvhVGSi5ELmYCTQI1uPhyqHhFnvpQexBJDkAhisxLg9+foO2giqlwzrEigLJ9SlMoBHoSu8Ts2BcTBRNPAr4CQV5Jx4UNgMP1povUnGiWXWqPTkglOcbZs2zn6DaIA5glTcXEBeYe2GwhTAvOnX65GJghQNb3tauHzk1+DdrNARu2FdkO/Q/aEgnwZ0F+wg/4OxpAtjbB2jFxCfHBEZE1SyL+LhlxYqnY0ss6f9p5Of/wxKs6fzt0FvH03dlVF3sP80R59QQles0F61cL2NM6MFYNgiiAAgs9aRjrOU6HWDwHFf/0VUrp0CNsAUJMsowOQSpuIEvNaeFBkTKGnpQVkpWjjrp1VSjEnJcEQOxZkKuo6o99Ph4OArZI8UmdQMCFZK0LIXktuEAFWCrQ20SZljhxYuZWmWKWwNphXYj8CluX7LGGEyFGyCClKA5uxfgncUj77TguSSCDEYBk1BvwJU0+auzPyD7SWmn3iiBji6Bnj9khylBSOr6JamPF1pBjEIihyc7FMBNHUoj5hdud8iHyT6MIysMmyHIRmA6+GbdKZCagqaa4Je4G7Wo4T9Avz5ZLSdH+2WoqeI0LM7AwwDQo7YhAlb5udTtHWABlwGlE3mqDLwk8l/OGCAOJz6gZ8Jm4oPQLeGyV6SZZMvG5SkqyPFJnVNNxu03PBFWPMPQAANvBB0mZhbFhU3YcIz2qsLZcEDjqiBp2O/glso8jIMe4WU3fp0TKIOYD1m8hP9hPCzBJ8jBtgZStDy9Org1WbYwZ3yAebRmZueKW5atoQWU2HlhDFgw2SEcan7sS29kh31fapYuhotnc0hfOn95czpOMlXdoyWGMoVxioojeWFuZQw3ZYTJGRMrzL0G+AqPphfZjMeZEUyxHNLdXxEgfXJ0FHJsKVibjoBhFHX64manb9nwASw1HQK+QGMRIcdnm65Fa5ukCNxryNNmOAHTpFGGHDxUxWxlZiYLzGYiU5l1bmy0p+D0AvZGybhgCkh5KK0CD+kM2UMrqdNqdHQnY3XD+lOIcklvdPw/9zaI2/yDyewNY9UoLR0pKJqw1UtRkxRgk0mD0apusQ1nib/Lu1MmcEdZSh7c0AKplPPcM4nZn7CU7c64whob4HZjc9HdpyDjTZ6eTBH1l5HD08vFTM48E47yEn7+4TvwQ7iZ7Yxh68d+bqZ7WiTGA5Bgzmm3sVM9cQ4Mhu6F2YvZlBB01UfFDlNTEIHbwHTv9vEmKKIc4Wtc5UvUrsSXWaKx9ctf4qcJikvea3ytk0ekBkH0b1EeAErlZMi8H00WyxM03Akk3onSRyNU4xDtiFW0LgHNx5gYtfGQNMe02mAnCfrCjM1l/gCpKh7ec4aoHAtU0KCXZlEDjiA+6wlGi4BLs29MgEaCgzFoo53BTBtZywMc4n0EE4lMt5BqynLCdTDpiyCVzgagtPqktr6vBPTEN8WO16aQWuMsQRlhFRbhRyCDNkjPpbzbsO+F3KVfNH1TYaY4IdhEBWKOTQrtKGpMOMClJ2xHSByKowNLSp/droGcLDgHyG596lBIPIsgHtkonsTsrcDvIwVGlySoM54EQgwmhRikWi2c73QTBkokbCmPcjnF3OMFpGVywzUsa+VGIfHCDWa0h2CiJoa0EUqb8z/9BxBg/Hu2tzOQAPrkigGDHmF5tVZ5TVm2eBj0Ua1WibJkfQZQxipP1mCW9jaMnRGpDedg93g4WAoBuT81icIJmbwCeQWUWq+8M0sWdI0UqrDhbcgWaDnp0kixrruf5VWS6Yog+aADdDFgnLHSAtRggFOY3UqJDBUjGBUcpAbnJdSqdLB8WMbt6GKpttD95wOxATcqilYprt6mQ72r59HUTBprzHPdhhMJGgCgBEwVE0HesDTGiVO86AGYzvTGj4mlofD6oSPuEpaPSjAmbfnqYgXgLYxyc9TARCygzdTdENvmgvuqQL0Sc5Ut3ZT4SaVXFleQMm2N6dA8EGDQmOcr1SKazaMzacMBxu2Cxml0yvNDmBeaAdw4QhNMbS70djga1CYfirVJAuH8fqWQ+GUylQ0imaurNdncJVzFdfdwrZ13DrJIlnp1ZsJJjssR5ok+dnF5FYUOihmYZowyaLpyWoha+k5RqMVB/eavFYiWdFpy7NECGvQwkn7T3tLPafM+YTEF3/GoGHlTaQUgIc6ZPfdtDEUL0Oo8Gh60OG4r5IsLHRiKNKzbb4BiKV7mUIpUxucnBIEA42B3sIRMS4HZglEmyGBlmcqRjcOaGAb0HXnIAOQIL6cFXNqpI88HXAXGKQZI+ooI4hWg1Z5WVyEq3eSG89cQsYNusa08HsGLx7NZo4CdZCsZBr8Woqsr0kqL4c6SNZU2q2mq7+sB9Bw8JBWWLD8lE/YAuhtL0BUbPZ3IYDIoCepwbkzkkrIfZ40ZjokS0wAZp5G/URj0XoAcBK0AUGL6LriQCLi88nogJVwZ4TgoEpGg1TWNQVyV2CTzJBvjviNc0c9ZaWayGiDTzhHWqeC00320UUnK6TtPQi7mkNa9gMTFhktiBPZjcddDkPvzvgHALYOachscDDjjXmILTXXVyTZq1CEw5YKQMmyh+YYlQ2WZl2bR3xBs05rIqBM50boEzyDSq5KMbIfsllKNOHIODb386us80L7wWDEmStSLLLOsI5LWIBTeVQirdK/Z+B6Jgk31hiOVIvr6INNO7gEIUAZjnc7DBlT9zqlh+rn4wQRKlBPMoAGY4wdZ/AJqzoplnq4XcF7qjHF3pKEQU/TgyujOYdngbiVxpsYjrNYGQWSxAzATAbpE9O4jpxv0djuks8LeNgWjkQCZ+3yUcyGlA3FOaQZwhk8vGyKjXKlVjdGinPHt0rMVXeuARMrgm8cJgpZPI8fTNAlNMA5WixzmpnZ2uE9A3ewunnVeikiZyZAgOJzbEq00tKlF7hUP1SehHopUPSsMQXZYjKJiYjcmEDuqhkL+ecJgz9tn9PmGLNisobWUwwHNNBpU6DDM+a5r0GGYN24oGaVxZs4CNY+0zEeVJLyuY3eH4x1h6cFetzlPZniJsCegQvgsig+JYuMJMUKix2NLXYUX0adwSYmTwLOXZeP1ZmH7xKObLIyTv6Zd7UEhrQkN5tNYRnUCkzUXD6ZFItZQ8FSiGKz7AqDXFAhJpYCNns6Di1Gy3RYnhcn/7CpD45oUPNmx22iWLvQrtJJXTRMlUv0rNIpMMkyNDW7/GWS4a0QykMElF2mB36HshA+ZJombAEEJmpKRFqu1U7Skj3BSAWEAefc2bOUGOMHNHVOy5U0ItFNVAQy3KG3SR4yQgIondyU1eQv5J+CDIFqt4aPYl5fVg+uXyYUQtXnXNkKpdhgqKnWrBtNTVJWMTwDH+ksdfB5mLH19toC4sjqt6pBGU4vv55gmkRTgVWKhp3YsMUxXCSchMK0eqY4FhfGkZXnMUl1owls25C8CEbOpUFDffdhhyw1xZgJ4tE1n0c9G+LJSv+/7IVbgYr8AaaNSXKOiiUxTSsoAikXLyYztLIDjNBOaEuHegHzA5GBPkuYFudVwD3EdHvS/aur0S/6fMGcBElwMT/fwR00GKMK4+CN64lNizl6jUp1dxGaVAUUaEyzXmGXsUO/CSC1AJO2NccrBuKKcddRofeJ1hR5Y5k9xXwtuyminWAiy1cIiIzLCtKv2JsCv5VBzNn1SVccReBmMfRtGBQh/ZrQr0UihxjZrJPislmhsFeY7mqh7QDJOMmzHNljF0nKOarB2gPld/Nj3Qbt18yml8VspvoO+x6xYYzomI6BCh6elWpogm98OlY3iIwZu8Fgt+z6amHKiobqDltXs/ScxDIExywC6Ub39gvMzJEfKPQCm30KoOEkJQv0xEEPgkoADiaaYB2EtMhLoduf1u+yNDfEXqp/YcQwMwSYzuVqvMeaYeEsy7Mz8WE+BPEcg6KjFdXSfwEfWqjyyVFzlVNG3Xa6SqOv3bIb0QiZGQobKQ/HmNSOE38UdaZoAvXl6CWG7fSo2rnh6wpnJsR/kRFvpsBP4FfWSCQBUrKOX+RPyE0VJlkm1znWAJvK3DD4fUxHrhQYcoZqY5+A031igC/paOLO5MavS51r/zMksjRcuMivHmLGtNR/5FwsLp4G/awFkDpPBlsC5AundwAGSYtNjjAmMnpyPOUGAj1GJ0hopbryXlBuAO+N0SF9cc1TiiXo/CachsfDduuidIO6nSkeVplmWoQ7iFSiH4sIZhobEFryTQ7ljSWHFwPlw0gEy0CGgtIegcqTQnDbRB8K3GM1TIQlsMY1CHIaequNjgQP3muiaj4AmlrCHQC2M+q1a/1ENxwOLJDQBcp1OzimrDFkKwhnHHIbbhR9KNdU0aQzj5RiZBxB5eHvWK3P4KxMPWDC0+DbkWhRl35U5Kk9sPTlCoqAG6bw5R0eOtgUoxOgxvB6X7aiBDyoLjJv1hwoeoWhCWTI++LwwIqNB914MneAjf00dliM2E9AGDKS5pjC0jhh0eXe1Y9qmmh++scYdoHfZ3MOvcToykHE73OocMINuBLwO7w670DXO2XTYLEz+6pId2mMMYuhKKYUniLpURb6y1O1Det4vYSRMn7BVOHCY/wjHT6gvB4duQBgZWq0lG+16IJ6CF9bbiLVSwt0X0B35Zj3NktxxLsdBOIKjVGGXcBCi+BZGjW6Ahk16r5KLaIA2WMglKkHyplBTwbL4VLsnh5nV8a/NGan242S2FHtGdHk7cwUzROVAE1GoFVnUwhPwvDJ7aB1xLL5Su8o2iTeRbW4sYBrNLkU8DKxAjY4lC8ru1YDPOLXf1JdzzHqww+FqMG3xLCbxXFex0yYddAxXTgDdhQtrFQ0buUgDHGLj37StrKwjLuxWTQEmfUvESbtf1WCkoBMLFhKHVXPqkHnUnQiMWnFLT5dsPJ85CBUF3OsNOOtcruYS4GvtvtNSMwZr0Wn4qBtym4o4wZ7pFqLi3hDR0E/ENwfNt0PWlXBwRLDW5sFwBY6kODtpNBsUPHAECKEkkEBU+uzYjk4KhoTni3l0yHH0KAS/LzsqTf9Cxx7PUhljUAje7TLRfMCNL0WCYF4xjAikBMuLbcc4OPU5wzwcGlJWVMqLRkswOp7cSreZAaoS03iE6luSBkb4xFLdeyBDdLYwNTSNFQtCQR4uiODeRpu98m2KIKiWX+FZdLUuGEuDb4IuEAZYmEdZApsGV58+ECthgR0jctPhdsUxQqp9gg5GNllydYOlEzk9SVyQvDrOm+uAz6ErAR6JM8DQL6BQXmdFI0riYXLHXXmVO3U2EoXILqHLkxX5IwZTFr5eoS/7t8SOhfKMDGFrxkZoa8QfjmaWpkbYxELUjWyoAw27HKRnWsiaQNJuh7bcSzuXGs+AgsAz6I5yzTrUVtfYFns7iw1wPTRVxqIfscpgA9LnCMfTqfKmmZ+Hrg/zDvNf7XCwUxBXJpXIuhw5xDY0e0BV8PaXNOHIh7GgBAYgSqzjZXSo1CrJmao2o4bEl3cjZ1VEL243OmBU6Rob83BbO3bGSrgFpQJuXbT1Q0cgJS9QkTQp65dUaY0MTTmSM3tENrwv5Qg72utRS+6Dc9o110BqkLCYKr8NQjfmTlMUsjlr+jHwoNjMHDtDq6GiYADmRkOdcz36M8tXgFIbz6gu7elW/wNxmlOrJpngMmJt8KNyqXs8xpkNxt3UilCi7Lm0xwO9oYgDN7hBojaWQWA+IDjBj6+gaZCzkD/jv6VLKDRN/JzIIpFgQNjN4YOup/ZE8AHUkcOJtEg7wqqjYlPYFcbGRvQMygWcpN61gNeANAweGEc87PMQgOhAl0pG+NKSqQpE3WFwBub8AawK7RxbbLVrqoA+2vGZ6chjiY3y/IFoSgEiFBK+/wSGMJ1Bc0y5Dt4uhOaVOW16t+dApOTk5G9prCZlkQneMAjmCMvV8j6OA1KLvjyyEVB72j8thZuIwRvMSLNOU49YuXO9I/uOanoDqYXA3Cma7BZga4vC8Ufohs7mW5do1WzM5zQD3FlKHKAyejZK7YNE+5fYPaQ2TfLPCxFQxYCpo2FkqYbZ7WvkRhMVKDgqvRKOnQvfKtrC3qrMuwgSgj+cX5hrFgYJuT2MDO+iKxfTJCxHCCAvJgFFhyRDhHHyM4YVzkjTWAGI0FdvknOuiUajU70sgaIxBJ2MTSWyi0EG59om08HHV/8RKbBSTvb3m25KwAXmVznHHUQAQxPa8FB5YrXIKYLDKWhF7udtmPJuvHJoCdjYJrZmRVwvraa+sIkhnSPVnJe5ReCwnJA+vANgmixwb9vXhcROnIjQNmdjBZi+B9thlpBUDXG/rVwtyazwhQ3o2LsXuM+QHMaQxUt/ijaEqJi5+ZehPxC7Yr5rbbzPwfcNzCyjqR9wAwCqW401DtovGJM0m+VnvFabfGxBZgLWrbFTTQrkHZmwCzQ8tFv4pJLazAcoqnLJ+o6sNfAHwWQ31XTo8UAPt95hPHbKE9htb636m9cKxhqmm7lBdQzs0mdgiHtu0CKgSZ05eyMN0EOkNF7ydHOL9gTmDPB07jhOQyzYzyaXqcAunRYhsHhoA9r6rgZoYsRCvBwQl3ZHJKC7DsVQpmNshI7ePoShcEYVJIrrkzJTJyF3tOldOaeOcZ/HR/GjQW5bnMtsOUwoDZDgeBJGT4YuR3gVwhvY1iWRRGx9DI/DNnJ74fHnhvsfoiRFPQ3yVNyrJkI/kDdMGSmu3WiFQoWOQU4+PvdKZwOiJAZZa1Q1bFkUIm8ju48KOebEWVSt52WOYD5zAm0qUp4b1GhC2wVLq3a4SJsdJcyZ8nx49OuWiO61TL5GV3UiGl9B26YDOCmkylm6BcBJqMkvXuIq8BowuAycSE7RS9a0SAXJJSwqMQYBUz2O9kJ55CmsU3E4EwccE7YSka3xahlW/csLQZXR0Gf/KI1oUG5AdUM+RDH6MF0wMIkLgj2mlPmCXY1mW65lTov2QWmkFYdydVGjH21hQJQ8VXnTw+brC6Xp4wDoWAjQLRWSdDoQQ6oOLWbDsyt1PNBgRU96DYFA/EJaMeFC36ExwqpGezPcvAt5iMTmbH6GWIJa/MkxzI30Nlb94Xh9iUYeGmvqwZLAJ/EGpRh0vy035u1545rYEfpxLWuI6Rm9FXDfeEI6uWaSJfJK0oSu24z6uVAJYXCD0NZutE7oDeZyqJjh312XS46+aw7QIZoL/TsYrjWOM+KfYbDztegS4QhPPqCLAcndSREb4nRrFadLbAF9sSUN8azOBVNlxWDw+GPcg0pDFIImnQQ9vI57E61Upi4yekbniO+hL/ZYEiCDc+uP82nI0Hb1SyMI9OPwwBfYB/kO9z6gyFL8BgxzdOdqQW2asanEK7bYbsUQErMraag5IjoroWq5HXFSrr+0ihorsHdxRCf5HLQ0qiVgbh6OQZd2WQxA4Ehl6s1xgg59PZohMoyEEBpPeghbrXCFD8WR20sRxruU4WkFFeKQ/lThGFq/KRd2g45Zwzj5KSmYacpzGNaCDa4LqViHH5Sp5SqAM8mi02R9KdoAoL5YSaH8ZeeXJiFVPHRpnM78BD6wnYCCWeAso0zdaho3WQ2j3E68ZAyM6M6AzUs69XCfDMCI+oZi0NmLeA95MPkGKBbbQe8XgQDQeWfqWDmmwxiKgsFb/o8LGHhjLGiTA+W4XcpE/D6KaJ2HSsTamJNcM6lyZi8kGx3SSO7uRaYoSGKdToq5gMEVXVz/n6M42bgRzuiYt3OE2EH5b+c6WGSboDRccrA7DMt1X0z8klMkFlJNTtvVxsOlaoirm7jtwq+PjHbPjEs0J66QXIQUhwo1W0NZg1gs84w/qmxzuSARpBJg8dmFJpHL1FBz1Q96XE0ekynKcGMNuCTtzifTg+q4lykzhSytZ0dXnjYvCHUd/eE7hZCOEqOJrUkWarcLEjmpHbdbtIl0gK0TV+NJbIodJ5RqJLHZ8KMgC/gZgTZFp1qLmEVo60ZydJpRDSnU8c8GvlneDuW8COvjS65tQV3nB1YRn4ww/VEtcQiQqADlPsCdaIjsa80VDUJfKYMlB2TbEyClvqKCmo0lto82AojfwE9o/jA5RWZBxIUlym7xaf9JwiM8bSjqdm8FMTdswUlUvIsodBXTwh/FTzZ1l+K/Z30FkWwKGuadxqZlOqk8dv6GQ2aq8JERyh3F4PXH2BSOjWJhXqqAzeSeyb1itsizexGCCyHxvy3GZhBa+1iKgyQ7RkWyvKIQMdHI2vEJHBJuAVYmYKnoBDWGzeYAV3KnA9aeiC8clqiw03DyFt0hKndFJgHgMrCPKAgyoVP1D8TeDTkZHWzEuXmBrgKuKwd+dyYApeYAM8QAeicrXkitbJEpINKtVmzFQZ9GizoAbRhNo1senutVLMneoG+KjixtFraVjsl9Tj2ls4jbK/b0hg7yyRbWlac8wwHZqXleSbLsEdESiMlUgobral/FkYZjxgzQ1Ru83uwbqxzrBFCe3LZman7MBiFPknn6LZEwlTRVQASrTqNtHaQoSnIstNj6A3sMWmkdjc6Cr8sMYeOaa7JlV/Y0AGHyIyZ29bRZZxnpfxzBO+4bWIKXYwqYbSka5WQiSAenxAouQoA4sQ0oJnBDLpGAeZ2wKvGhCemktiW25hDkWgsAAe+/5iKHEAYrsGTbDuz54E+W6bbddhFXeULdCOkeivDGmn9dApqCVaEaH6pzpHI+njJQb8rAwE/utNlDWwf85l1Qly/P3O7IgcDkUbxczNo/KFFFCDm9MjeBLFpoom62eIX02gYhJAH/EHrJwj+0qAEBO5ndeXRTm82jEwrNje7ua+02/8uZaLnnDjujchAq2XLCmswBa9477ZLjHkBU4FQo6zkMlY08BOxaY8WSqVG5wdQHypEemnBhzloBRMQaBWDFYncoXHO5D1Ef4iUWUxEcHpvwL+8xHslN+KhHTKUpiu3pL7gzj7+KA2/MiRIqtPlILCB/cjtKtaR0uGfNEdjxMlEfWL+ph5VnvEqIbSNZ/PITx4cUsOWKjKsx9H1RFuXZYDVMw4MdDu66GahaHdntlvUVcyTBrdih+ylca7cjtKgGtxBK+M4qjN6TKLTxzO4jpJTUvA0M0MbvhtmLVi6gQIL3pj03IakuByglAOwr0mixbU/SPf+XghHZiQFCUMdQTwZl4ZPwVgqi5tAF9nY7KBIC16MyDF1d/7oOyZzAFgfKl4bGB83npYi2LbcQS2wMTI1jhmX9q46exJrmG21VeSjjAQyU3Iu80jA7/BxEsGqiJdBDvAuOXdiQQSkUyBBpa/JwasjgKbnnMytLapqnwr8STHgz1n0DGGvNpUph522DXes5oKTBm4ZXib3Tl1GagaFGsUNZ/sVcigkVrA1AbMajwYzTTO3vA+4xkwQD36LtteGRVXgY2uAJHlgGdT3oUcyqx/wocq4OEabOqoxec9AH+BHiHEZRvqD4SwBOqKw7DZfclrgTQ2mcBNvdjiJZHiYrDSY1WxzGPhzRIeUqh0qDFIqyFpBeoMMtpFpTD4Af9mLo1GIhSroJzYUwKQ5pz1HM2OHIAH2BedN638XxlQDsLcqlWoaJLQQmw9HIsFswcpUN0AAEn87KLoGbSf+bF5c4/nASs8FMMmAksqP2ZnkJBI9p83Ny2RiaYaYhzCGPtX9t2r6KgaV2R+RHXO/zzcbozLo0Hd99wfaE2X3GGgxixt/QWlHLzQCgdu72VNoS6NBljH1jvRAt2wkMRYogIsbxhTd2eCT6OfSIbBo72BipP1nLvabsJpnpvWSwJif4DohV46eSAH1d7IHchxIAUVwFx1E0VvGLGamuX2nryGhmhvMVS7FDPfzJB3J+D3jSKxApAfURWFMLEM+2pNMIM7RutqJylLeMUsbilEXvxNtgfCX2u8Mi7Pncy2kuKOkpDhin7OyQ8GLKh3QB3XH7ibjCC5sofrPU1g3CvprvVcBJO7omGYQUco3xJHygPwS08Q79beJ1+Fne/WA8eGagFW3j0oheXZ5kxA279+VzC0VjnXCb5g83o6BvpTegxLLcqZG1wrNzvDJ2xB6gWGB0Tg5ZjnZ5FWKGaUx9Mi13CIpiZm1ma4DO3Hn0Jh3Sg6DPGOzhMEdnBfnsy528mYPLybnUcORdb3+HGg6/1AlmXFOzjjSL0XjEEkMTxcYaGDOdMPjN+qkdB2YQUYKSJGZDrF71GAr0F4AgGXSa3b5fGYCky+Qlk/B0OmgvbQOYmLQSg44UhieUDtwmODns8heObcNilZAyw65AlZaWoFhk5XjZplMM1QdTI9s1JVs5aHQXT7g6ljcnGHpZJzFTGU6IiybqySrVWjmm573DJj2LCPR9eDD4ET1lqmdlEcdqQgIK+kECoTRfGZpLbSR5F5iaJEve8ljk0kiVacldfAa2rlibi+w0ezSqnQTBJtcjsc10SKTo3sAu1fwK67m6pw5wndosKWqIvnj/IkY50HkJZXh8q2dSeFQPFK3dfgPnWzGdAc1ymK9GZJTeS7RE5AoYZmEG5WAGI9ExJ9dDpnSWXAgKzaoLosAsCDGz/bZcBRdbpCKDGG8oj0tgpvTC/4khlSQGXKwS9xTkhKwSyc0ttlQegY7hTuYkSzBZD1Ec3xlPgyt6tamU7OblCMDyG+eFLArtasmWWequlsoBn1BtFZTpHGtm0gvu047JNtu85eg64PBaaFv2GQm1sNKMQq2FxjPHGADSAVcK4qMKAqbb4bNeVeKdfQMmRQPTGN0bDl0LqGx3KgxcAFkPOyQXoInWhLGaHDWuygKFsRWow9bX7AdBHJ7igIOCd8yXM+wrH9MXobhrqVPjJ0ZKdQIj7BYauvAHEN70cjkOS7KmKpL9pSp70Wusm05xLYy1Jel7Z7MIuin5U+VCsOkzeLCo0B7F+NgXcMe+nsyJKiBXTGqr0FQoJNPakSRrzvRoaPhJErkRpxDHzINYIE+F09zRdn+w1y/85Lx/KB25mMbJMQs90y3ay4M8nNQMZgYmXtfg5jJZNsC2ySpptJI0t+PUGRwoDSE/iJ1N9mXfFMOVvsU/RkOH13JzUTHr/T/NPkm/ORotejH4RrGcYSPs8i/TKQRZH+dl1UDVaUgca12WnG0TU+meDEY08JrpFMYHVkYe8UkLZtDi4kmSwyeSe6cyB+kdCuPFT6LZoBAAFRzJDtYfuPhxoikmKeB+nO9nfnY5UY1iGSXa1usMVRlYX5ipIZtqwszt+nJgrbY0ZsWOYAxfoTRR+8U71ZTOkpM7xTYw2r79WGCYyZcZdqskabEjE8o6+R0dVBQ7uAxhVQuDGkxmjOcKw4KoaMjYWJzWD0A/IzcYp54pGjc4kOXW+Sf4XVYZoUC+X6AtZh1utgZ6WtfsGUJ7kDnn0ArXfuMFA5hk8uIwxgGEW1Ak90opQPzedhTeliKM1BMT1QsoPgGWJNviWdKiJ6Srq2l28kXhcOUO+vPNCH3TthF/PJGwtHgO+hJybic0rpBhmoC6z7gDqrkbnXuTGqq1ANAOXKDkJFVTwTLzBOy4XAbuyFFEOyRXJd+AjfhWo3GYULUOY60LsM1Y5ZDcJBquYhvbX9v1abqnivM+zQHOacruNdpBV3IDrngAEIPKEAGgykdESKk2sxsHjFwz/lnk0bkhVhdDldzNAvUrWLEIzTU3XHvr4wuZcggjREjuabVcmBeqxQK82P1cr5yQWELgskGz5wF9TGOkWmUMF25ySsVm9sijSgdsLpJizTrjx4IYcZkOJkuR3SVxASHzqE2It/aSQ52glkLLYN/XFYU1ok1gDbm+AfskTIsE24dIcc8Yhwm00GqG2aEd47CbzrToMxM2bzR3Q1BBbkB2KmclYKxuQBmJ8FkpF+eBJKCcya11k1fiLzDUJBaqArXnDvSx4aopp1dcOds+xDZeFrBe9C/e4LHShooKJvlSFtOiRTDybSigE9dsaNHkw8guMZApU8QVg96AvWvw/VZxYT5wN5L8nN3O0UGp8pKwTwCV4fzPJYUpBsKIvRF2ij33woW4k7Njs6T1Y14J4k/l1VqdQ1mOOekwFuTA3YNo7+Dl4wCrTpFubzaUTYx/QA2LwYjZgfChPqKmn3jBOic+B6iSls3w6GYKuDeiYGQhBLaWPx0S6y84HRn+It8Yogu17RS5qWMtLim+RwNsUw+qCnOgTU+sEwOxqsv2ZawgLdJocuiQxdSTF1IkiIVpcOiPSjT5rVhWZp6UNCalBxtaSJHfwAEVI5mEmZ3qsDMfFLo47AQHe7MGWQ2EAsbd67QpUFOhpifNg3LFxKoQkadYq9sj3cD+hwOih7aJDDTkd1gDaio46FtB2bB1gUMqMTfHNLJiAzwWlH7cEx29Mfo3TPTtXGSXKIVdAlOwmhkBquJDUE3TGZIBfa8duvO0aGTOt3gEMvYqbQ5Jg5RY55+kCVc/QyV0D4RnTiHgrQoiTHwQiuazU55njmw2mDGbEco3eiJ6geSP+zYI0VdMbpVWp0Ssh+3ikNHp2e0lDgnEaAYLbaEx54PlM6PQqIzSKbdjHcGeVKzGFDgM5vWeSl0D/4eWvWA9+B0gFyBSnI3Psf1lCmjxbuR7nYvhawwoIaBx8NOvgkG/iWGyPUKzYAVlQ4FETKwmEhe5ryPGC4OgIPsmPt1+OTpkAKx5RIZJAYlJ1I/AHbdlJgCvx2T4wNqMewryUcNwsMGY/hiJz7q45JigGdlFr0D67cDxPfaK+jZ8jSQkBJIpFroVFnlWFkyCoiNE31s8r3eV2U22YqYqHFM4tIhaSfe0UBcgoRbqs2S0UpFQXk4g6NzcULF5zG4O1hgLL5KEjCRP9gTqFDY1HCSO7lARE9MZbslaGsoTD2c2gZbfu6QIRDLUewwVSGGcgeteo48nvG9qMswmBD+M3mffiI81RDmPAd/sTOTcT7gF+j6aDHahx6AEfofey6LYVX6OoOxnF7a5swf0dxQlCQZgzfZdWkFBj8FR5seo9u3KoQIs0WOinkRdqfgt6SeDmGZTbbjTeB7JAAFBojIzD/djjbNARrXDpQie99iSEl1yYQlIDGwRU267oxKUSxPp468zklu0nG21EMckEGnELhq80Y0NKHMqeyvTvcdYkgFXDT0Hn6KhWSi0Vec+mxhNiiShXkScEtbEmFZCWkuUL2jutzgxJOHNyIFjbB7o0mZQfFW0WO6PsYJs3U5phErs9mMgizU14+tP2ARnIGodL2tzBSQ5FmKvq4wF1LqHi6ty3Zm8kHEvBIlp0r0oHR04JzSpOjjDdL2VdYuM53GIqphAMGVyagdw/a7yOOjDCIXCaYuU2KhNbKsZDlrpKashGb45xmiUuH93X97Rk7BYxhU21CxOENGBIEiWRl2N30YVQHWJdyOdVo/ssREi1Xx/tA/3SwbBfGwGjHEjNHhRvLpfClhbGKAp/F5mORVo4lrgdauuoMP08ERq8pQ0NXRDwf6XU4EPE2LfH4bxxHFQDkY9KBO64d7KqvHBnCs3KEaBxlH8NzxT6d6FojtB7PhanB9W1eKVmdaaaG1K27qFK9VYNZCr61OBCEOIdO1BMCmuW57Gtqkd1FAOBTJpNHofcm0EhGlrLahbuLJ06bBkOdPjBxEo9JMETPM3a/DhAIKhi8Wk0Tq4CsztCAFZlqHrWIgtRwe5r3KP3TzYyV9irOLotMj8M0G8oBA5UJWaDddZogp6wz9yzB66u08pR4MUKUDLHb4lnQ4lm6oXTKZ0Zhy1N8SnZSK4u0QuwoMC9ZRfhoX0QWx0N41EuIKAbJlPiTWG/SSVttKJCcOl4TUKSREbkIPzONgIKhHIX/WiwQtTEhAF+9qKmILc3cgyKbA2zwfC2luvVZjQN7qJnge6KGApnCl69SDmzqYegbkwDnrog3GM0UrW46JVtmyN8c0Tqk82KOH63kFXIEqoRjJ1FEfxEqaqPN3EPYWhsM8SuIHfD7XcxzDd5gYThyXulORFFrWoI6JubzOkQPTxTTaBTYcO7kYfnqmrC5ghswpYRY2ri7BQ3FQReANDKNkoAhZYYsrGgxzQTuNWdyEFGiJq6S5hhs33CEhKpNySA1vxlI7HXmJG8E2FEeOi0dmf6XhV/ZWb4WqsL4Erm4mNZq6o34beMcw/NDOlF1juNzTsi4TZDKRnqPHB2a+RkJ2guG2iVZYJGMScYSQNtFChWEGJJpRrpbvNnH49e8yVNbl0NFfZ1DRjGCZt9ErzTSVKY/gmS0ZTJ/HPkYpKUefkKPCvQ753Pqay9wzOjQxCSVQFrgz1pLRjaCDmo+Uhs4+gS6hhRRkowMNtENwMkd5TwfVHqkBhSx2mczVNNtfD3pxRpushIfZwsrSQXoRPZHJnDqCJ2zECvY6R43FyJRcs+M4ZKmAWRyzWj8GfMxkxJcyCcF5SPRbEr2DFTM1e7Kx1PUYSAkTj5/HO0kvUI2Fb9OsKHiiGM+mp1i6UZIK9GdMi5FzpCAt+25H8PYzBgLQZ+IkmoSVdFnv1AN9JZzB6gHTD4yHBSwxbDDiGB7EOdtt9iAaHoFGs2Q4LLs2aWGKmvPOxgEORWqB0lS1m4UKou+YrbMEiaoDANJLuKTjCLECMcG+pDDlF7aq6MrOroszJucSF8LvlqtrPGOrAJfRJ1Dp0rQAyMkY4gR5SafU75JCCYIPRnskJrSYBaAAK6U36aSwNXsAtXJOoy+646Q4c1YZgQGBDhlBh8IiwYhAd6ZRuJsCvYYRhBRb4CWdQgUEpD0qPZKX5vRxnjHNrcXsWhfCDViA6OeEydbZSDke0riFuZiwHBnvVK8PCoKvrtDDutdnVgu08TQ80/jgkl01en0pstAV7RtkCnhyOWiTcUxOpIM9QSaa0qXn7NJqDrQOAyxdM9aMaI9pn2Q63ayjogg2XH146Lhgp0gS4naG8h57b60r+yEOw6NQ5BkyExEUZHYxrNRPy0QcgCWBtpvfX6ObkliS4MzyVnV8A74FK5TN31AEyTMG9jAZ1+UaGIjZmJquI2hiIzQPLy6Xh/mU0yH/KTDKnJJw4LX81PAVFA5EsfCHOWeWFNrA6ZpB2OlTqCmAx2Ags6VOibnRdKYV8I2u8yGIu2jix6NZpIMstinkKSaJVltgZTBrZapeX2PMhlPTnQoMUQrkEK6bKTj0Z6/Atkii2mxPNJYybBLH11SYgrCQ/mAEahSTGQGtmtFnUAgolvPNPFAu40pGftQpP3pJepBvBsuZLxuRkUeu5QXYGXTgupD+QRuwR9ZlvQzFICAz0/bn0YZ8AoqvBEnWTaOHsUjxrjReeqIpWOsy4M6IkB1ir4GBZgrVCmrEUgfRy0AjC0fa4WUVTbX4uBfSM24mNL18DNtDYVQ7FQ/fl1rxpL7dXAWDuANsRYNGgWYqe1cZKobSUmIcjsC/wwgl7580ax82N6Tf11bK8sPh300zHSlpphKz/oHysAcFvCLkRS48y7hIfFSCZsQDpgB16pYK+mBY8koSQC9UdB1yfLOgQXx9pI7JdGp4Iw3FVznOubHJ6xSYAixKocbrhJRGP/oTV9ioHLCrrwp14cbgDLr0LY1UMrxBs5Zw0W3+FEyfzMkEheg5ZTvA00S/diVS8ievM4eSW06HP+4wwkASzgFNrlyv3S8TCFaKnhbrzYEWXOhhS9rS4lKIneEtk0HXU9+3s8VA/sjd1TPQ+2VNhIwoawTTia2wLo1B0PRlL5CGOgeRxnFqzPTJ8PvOQ+IpCaKpRrgiH76MfpxZ0AO4hGUQkYMGBjEPFKrJNjZme4FrStF/4ECdwNQHQTTOcX3PLraBVcuH4NCX7SXd7QdsKiwliRj0/D7bRFsmCUmKd+aUpIgNF+BsddTqUAjExjBWKpbBpjoaNpQ+ujnTIcUAa+t0EUY1/E3SaBaBygGJAQ4L4zvcW8FNHIleOEuHQcCUQwoJpY2yTDdtYURTPEMaQbdZ9NVyiMnQQPvqtEPQcFBG4MogpJFGcfqEObTkRuFDc/0UCiNXaILRUNJBJuKLESstpl/K3XSt5owOaTBmMUKUkTQuOJEXFW1UKWDqVvjWGkWTTIbMNT7AMgXuvOL4U5mwcdTk/WV8GQXsLCQsE1SgU/AbDj8jmUQ/w93IS7r2SHkSFJdpKoDDwc3sGWjzynx36nyLMxJkPBSe0HY3V8mKH08efLHA1SIz7iL+2ei6igYAWzeNSQpAABTw0AJgBbXTScZEGLpTPUyW4uqEvWJUF/GvEJs2EL1oVYfoLuFyrrCmMHE+m5eiFj2jiYv6FWtmfn/oC0uZivkJ5N1EU20QqWF68pnxZxtZC82+jEDUQ3jafb0OcWQb3TLU43ZF60GG1hzv/BMBt/5NSjXA/9bvKYHuygon8+omBMAWHBC0GN1kw/gqN+HIvEQ4293MeVrYoW6bEaEVj6nkoMhOVuLJbLo05MziyxUInWg9sr48AyxSTDeTY+NUVTmQuW/hTC42kpWDTsJJT8lGNQOF6AdaSGNMKGN0LFM72SudJ12k7dC1XTL0gjoHeBGCNPtOeciUJ7AA3eAGZE+lxwal8xX+COefSuhGpe91IaSwzf7wpJNHOsI1repToDWj60Hqx+FEC5QocObJBJB2cDwTdhwIXIolDckneFeXtKGeh7MLVZqjqgtyasJwqiAQu9nKZpWKIRxkMoGb5gfWuIMPA2ss4+CUiJwy+gwgoCIlZculIBnoykhBAeRqwNxuoQyXp97KDUNCM7CNk7Y8gPQ2HI/y28pE+cWRRlTAzssoZKwz8EPPABgjqFYYk9wAskL3aqYfk5miduBvJXQnCT2lH7IDSa1BYw3iCx5r7xUOwAwJXEHTBrikMRBiCH9pH5tGgxa4qugca/DaFDvXi7sC/VgUapOPsUlbWrejf7Uz7sO1xcSMCQYRQSduLWjUVGWWkX2LkE3h7IGh7+C4LYm0/PxC7A5fiLNK5XBEO8o3YJesUwpHaK4QJXbPRJHkP9LeD/SERI+VKPpFqWoFL7untFzGGlMKMxxMbqPKIXKADc88rJM50onMHqSIMKB5vv2AUCZmIxASulBj0uEcPIuLM3VNH9O5yBpJXXgp7QzFlAWBmNny31DUWye4G4r1LhtAVmUNiJ50pW0wJvuKN7bAumtbbACFNqYNK2o0PnaKNWpV7hD3dFzPMBYw66AEgTe0Ke6ISo3LecbBJ8tgRf94mHMMU6ymUj1+NxdmP1B8h/FwkGFxSLoaHX70DGUpXufkEw+SLQ9KRtAqxneaJLgo1+GRUKu2R6/CAENlT6Gb8zTo2+1BI70wvcS2LRfIdxg4DfXrdBOHFwprC3SuFKsWSxkCrRGDBTvNYK4f8OiTMfNXgWN1w2HZAeJ8bDkZXoM4pgaL105pmTSPTS9DzgeHPzBVl7SNYq3szgTSsDIg3EUklZqWIo01Gs2cR5wQVD0mE64sAxWp6EJ/F3MeqtvVLCtBlRYKe4YTmJCo6q2oftWFmSzdDTuhhSfpf4Nmo23cVUEarBkL/fC0mrs2r8wY5wZME8p9Rgg5z5eSYuZ5qUJ7AUhpQIETCCyTkmk0eg0ZXdKXEkKbZJSPKj85AS2RHFjCKn2Cjex0JzlCZzTAh3bKufNL+LtLjNBpdrRkJ1cPXVrB83BuL7Nj6ANdesybt9WdFGQZhJmQSjqtXoAfAVZZmIzty3VMbsA3hubGnSk6AkY46D07pFA4Xkzgg3e2dDs6TDKdIcyYjNuGis1tKdjoSuPmEYLrlGoejLiC9pE5Qp8YdoHekZjm1h355ohReA32tc4Ye5c6QusnprHJY/AdiUzPqKSZSkouHwtpRaLBX8EUORxbNJHvIS8aQgRF5k5NMFkUWqEYNOZgamWRnEDURV/ecKAKkLc48gqMKP86htpOfEjhPdERlFxVWR7qEsTEGT6U7mp7gdQYFe5o0tYWnB/jBxMDwlNxfkrkDojQYWtjCK11VKLbAajkBK1qD0qQGcqdAf9RTeDBZPYRTPbEJ85MwoLUobWg4635dpcMPACyZyZD2GTYmB/SRTmRqpB2AJWo8L+tTlDrYcDLylkNWJu1JzF0euKBzuEYDoKklyJIGwxPcUJFy0Xw6ulIE1T5gVi0xYFqhNDULABjSSa8Pkyg1QZYJusjVWQLfq3F4h8oKMPAQYd5N5NdA6RaYjI7XAB+HByVEI7TCmWhOf0NLl94dRZmjVXHQgQPAfhk+khjGKtdU+oVpFs6U+dddqpFFhp+d5iTbMMTFbtGFgvqb2ujJxiRGrOCPUqNdLF2HiL4YcPOFCDZKK4xJcEVwcHwM2SowPrczYNOZszh+Baa0iy3Bgk/ZixFwW46xh5FvUTFTKwilWi0JCnjFgsl/ZcdSigRS8DNLYNLLdDx1XD2gjKIASbdZcbKYTBHfVDeBS/gB27QP0FjHozbNrtOR5JUCWHSGLbJXMaE9AnOSfFDhnKNCdEKJpvVO/qcqaKAj7Sv1phV5iviyQXsPltjOoKqbFmDBcfQFNJwojieFkZ8aUv2PlMq7NFAk7lUJzW4SfcazCbd9ZhrQ2vKwXUeEzv9dEP5sfIPgwXBzoDVksIRRBsHVVvjyCa4ophTDHt/h6fSkzO36LNtjJd0o+Aq5BIro4ag9pmW/fDYlcVi4SQb3RPdIfoemDcQuOaU4hwBUSLmTSbbth6kH37XOO8cfZbripIiP2MC7gKXMZNScRC1t0aX90OOxH2hi2y4htAoVrVonF3L8gl4Jj6fghN6nhY3AIQsVgdtvKKmhytWt9inqOjCWOSln4E8ieoW1WpL+qw7ydVew/N0FUjQL0xq5PjxsNaSgkyXloAg0Y7LlYpkHEXtOPOtu/5NyExxoxiKtEw7lAjwVwseAn3oMe8LpFZyJuhOGdkOQE4V/GyD56K58RFYcshWA54PCstlUOi/18d94vf40YqQRiQQLXMtn+pKBCdFYX9amj5yqAzBpBEZH9mJdD5wSoLPh7215A4rrGMxI2eRYreJAblxK8lD+BltWkge90JMwuFP2XU8gDiHwTtmksS8VPPVoJ3UYcnhHzk2T2pL3JFyrcE0JAgblhnYI4Jol+4F06BdgiMsxYHZF+lC375UGQD9NTn40UBSaAYvoNWSr0BXZlLQ5QxzjWPIJNupaEM/TII8GwctRQqbNqu1BMGBH7NDaYD0IdT43o/uWJ1ZKjNjrdelswz+oNDD4KB/MReAOWdrwZVPJofPsFrwHB0Gku6AKpQQKtRCJEWkWmzb/tqCP74cg3inUYAGVoVkuLQuJ1QCejTZ0tUdUskz2iGAZ2Cznc9DWAQ1GCOgu2tepGyLnw/znZS1nXGBzmnBzOtqkY24gIRwxjl10yBgn2EGHTR+NO7vZs7//ve/f/aft354c/W/fr16/d1v3+ofP3//6vWPt/6oT19d/fT9rT/eevLm1Y+vXl+8evO3n9+8fXj31me3frh6+fbXN1ffvn7516vzL3z77nZ89d2t//ryb9z19v1TKxP99MCxR/TBrr18duurZzkdH7TDAUcvGaBpAtbPbt355t790x9WuBUkp0TcOi2f3br3r/fiEp2lrdCMCHto7vqrR8+PdywMJJWwwmsHCfVntx7e+WLvQZ49PuWbACIDM6RjsSt00NpePDv9WXSRgKxbmMKedMfLr57s3fHx3RfH58jSmyTK5iqB11PyjM+/PF4b0GpRwhygYLTXesjnj/ce5MEXd49/JgcEuBhdIqBX9Rx/+nLvOe7ee7S3iE8fXhzvx7BuIvQS50YP+Oji692Hv3h45/Heetx79nBXRJ9//ej09Gcg7Ltf3t6747Mvnpy2cwR3R2DpAXi2z279+eHpKemFgoeC3gU8FK3wxRd7P3b7ye4Cf/7s4nQpQ1xMqEc2Tn905+mz4/3o+qLeqEcgZmFBnn51f++37jy/1mvnj/j1o8enV6ORXnEF5EmTmJ5nvK58n9/z6cOTpTp/ysdf3tn7q0fPdxfk8pujWGXmPcHj0gtMnPH8Tx/sSNwX90+Sz/z6NZCJofNZ4Puntdpa/IvrOtWG6D++93h3kZ9/dd0QefYod55f7q3j5bUYkH6GXLtDJabgQYJ1uasnHj+8zoCc79rlN8925fHLh6c1OT800i97j//Fs+d7B/TywcXept178Wz3hH5171pCztXBo4ePdy89ON2SKAMAhrTrgA8cJfLF3mL96Yvbe4Jwcfv/2RWEuy/u7L3153ee7CzVVw/v7W3n5Z1Hu1t28Xx3qW4/OZ7d8/e6+/zFrjBe3N39sccXd/cW8YuLaxGG8pJBbDJadBrr1+5fPtlb4DuP7u0+/uW9i92HvHN3Vy1982LXsN7+Yv+Otz8/afdcm4JFuhGg4ZYHJ7N1fZzOD+H9kxlP8A8VhlCB21mn3u3zFxe7EvL03p9PK5llFzrZjHVIVvUcJzt+fuXOtR08NyQXj49a4qOfgZFEe3b5dPcp7lxcx89n0vj40cO99/rmm3/dNT8PH+391e0Hj3d1y9O7X++u/f17aVdfffPlo70Vuf3o2c4yPr63a6ofX2vUDf195+lJBtpsM3I0EEjVVrHwz3Zdr7tf7on+o/sv9m746OJyV04fXBu0cwv/8NqFOnN5br/YF24ZhLKzVA8uv9r1eO5+fXtHdJ48+3z36R9ffrN73h9ea5ctXfDozu61+4+f7u7a0weP9s31o692JfLrh9/s3vPiywd7Avn8y0e7r/7k8tGe8nzwTiRvruXtL+7t/dGd+9eee+lkWBUeLfBP6TFeXLzY+6tnT+7sK9VrX29jQZ5/ebl77fL5oz0h//rB7Wvn/Uwb/+nzP+/92dOLa9dyI3S6vPv53t89e3hnV87vXyvCjTd4fOfh/ps/ufZuNmTh7qMHuz/4zZMXe2rhX5892Nu723d3F/Py89u7P3Z58dXutT9d7Do4t59c7qiMpy8e756cy8/345b7T/cdkruXj3evPX34fPeeD+88332Wx7cv917u/rPb+wb4wa4QPb6OHDeW68vPd1/g8Z/v7e7As8/v7l57/vRif1Ee7BvGi+tTt6Gcnzy7u/PmxxTJ25dvfrx6++1fr16+/p1Jku+vfnj5609vv/33lz/9esW9M8M0mZfBsCyJ+CfzKMff5Cd1u+sHOGZRTo+bo1WxoAYbfbv13UtuXDktzcaV04JuXDltw8aV0+ZtXDlt+dbfPNz7nZNwbVw5ieTW3Y5yvHHlJP1bv/Nw78rppG09wdO9vzmd6q3febF3t5P+2LhyUjpbv3NUVZtPsLc6J624ceWkSjeunPTv1uo82vuba2W/tUFHG7G1pEfLsiVwR3u09ap390Tk2vZtrenRYm5cubazW7+0e4RONn3jyskT2HqjJ3tvdHI6tu52f08UTu7NxpWTS7Rx5eRHbb7P3pWTy7a1cEdHb+vZHu2J6cmp3JKEx3uScHJgt473xa5Sutx7tpOLvSXaX+8doZMzv6nIjhHA1iK82BP6U7Cx9UPf7F05xTVbV+7vCc8pgtp61WPYtSVwuzru8a5WerwrcKdQckvD7ArcddS6JT139wzXKUTeuvJw74dOwfjWCz3a27rrsH9T5PYE+JRi2Lrdn/Z26JTL2FqEe3ua7JQ12VzTPaV0ys9sPcHne4twygVtLemLvd85ZZ22jve9vbudMlybZmPP3l4n0zYFeNdV2jWRp2zfpvk+vtB8l0jcerc7ezc+pSy3dvHO3rudcqNbL3DMqG7ZvS/2lNopd7ulUR7sndpTlnjrfU655Y1Lp5T01vI82Nv6U/J7S6k93nUzTnn2rR/6Zu8RrnP6W7+0ezQud1XhqeawZWG/2hfMe7vK61QW2bp0f++VTiWYTeW+Z8sv9w3P8121/+WeOF6XojaPzbGCteVPnApfm8u669g93fW3TrW5rSP2bE/uTkXATc2/tw6ncuOWBH2xe5S/3DuWp3Lo1jl6tqeQr0uvm37D3sM93Y3B7u7a88tde/Vg16c5Fa43d3Xvbqci+dYTfLW3pKdy/LbK2DtFD3fN7AkvsLUPJ4wBlOUf/uc9MmFLP54QDZsneUcz/H5Mxourl2//cvVmD5FxuuzxGM//8uvr76/e/OG//eHRqx//8vZ1/JCeioHe4zgreF0KebY7P/386/e/7Vx8cPXy33/7w+c/7/3xg5evftq5dPnr69d7t7378q8v9SY//uHFq9ff7z7X1cs3O9eevXz1evPS/0lW5/0yn+d0GvC6OSozYVKv9RNbYVI67x61TODUlTnFmdTWh294fu18hc6/836Fz6+925iNSx/t6dZjvROI84t7cnXzm8eN+Pn11bd/+fnt79oEvndas9PC3Fjk46fvn+/scnx8tnQ3vvbx1euFuvGl+PCjlbr5hXdXroXxxhfiw3dbdOPi8dOdxbzx3a3vfHpxP/+JL9+9+unlb89/+9vVx8v76OXbqz9cvHrz3ZuXP7z9Q3zp/E++3foWHvnl7l+8v6bv/bz/tetLn36Nu1e/vLUS8sEXzuXj44s70vHhl3Zk48OvbEjGR5fP5eLDyzek4sNLXiY+/OY/JhF3Xr558+rmMt67/Bft8Pur354+UKRx9fa2fu+XD669+0h+yM8//vL25S9/QT7+4+VvH37r7JIe7X9IKb7Rq199/+1ff/7+6id++ur1L1d//befruIZP9Ctutd/v3Xx7z8+f/Xd/7x6+/TNq++Q3o1nYEm2wYkfX/lIN7vd3tjmva3d2NNP7ZC+8UoL8/q7q8evfrriBT44F4/jFg5wua0KvWrb1Gn7euzTekeW8uVvT354cXX1P0OOfn3z7c8/fKvPbmmHv/vp5S+/vPrh1Xcv3776+fW3P738t6ufYjOTvps3vvEfV9yYr6QD/MFrdJJ1Wgjr8lk+pP/xzpa+RYf98cYNbt2QKu4k2//malOm/i/9/tXVt7+8ffPrd/xW/P5rPcq3Wv+r/y27+Nmt17/+9d+0mr+8/Ovf2PU/lpJlRbV9P1x7G/+SDyvjbNOAxBRe9PH3/3F0Y3Ze5XfI2v4uuxOwI5H/Jz91dqhuCP3eidqU1Q+lbed0bp8WL5r/H278L3/76dXbb08bGt87fvJj2Armtw0a00di7Av+1tu/vLn65S8//xQ+YHvvqv509cPbW3/UA1zx2XevfuHFTk/709tbiNgPb7/97i+v+Mv82a03vPL1vxek68PnzRvPq+Dl7HnzjeeFMxB8VXD2QhL0T3rgeuOBl5sPXM4fOFOX/vBg0RjMzCoo12eHwOLmXerGXdZUz167nG3TStspJBb0Ko3xT3rtduO1+80HXjYeeDkXq3rjeWlAGTlpFQA2TZAEHzxvLf+4YI0bT5znzUduG488Rjp75uVsjVMHm8NIu1Ra/yct8c0HPnvevvG8xH8fS1ZrkwaMUnRe25zrzbuMLfkEhXjjrdv5gcorPPkzZv+09k967fXmPqWbTzy3ROtcA/SPHzjR1zwgnolunJw/VlnQ3BwYrAvpBRz5/+Djl5vPX8+ef908Gv3sBcbZii9Mks+yA5jfdf6zdO5NpZvPte6Gmcj1fM3rzTVnbqdU28gnarqPHrkt//Azl5uno5wdj7xhKkBonz30vLHO+UDT1hqTFOmD/6fZtpu2Ip8Zi7xlLco4e+T1TG1KZrN0z5yZWVAfi8Y/rjXLmT0+F40t01TyuTjnGy7EelhW5n/SwA9/wj/LNOWbtimfGae8ZZ3ameqsDP+ilYXpM+PcKOcti5F59Rte84REAr7JRhtuO9PBeUuVp3PLk296NRBVrDHKqEHnk26uYUorlPvwstFUzXv/Y3Jwc03L+ZpuGZL3D/z+HW64KCXmdurZC4jwWj4+bSX/43JwUxOXM02cN0wJZ+djMSgZsDCDE2QdQPSd3WZLo29sX7mpHZlC1SFAXOXSz7X+s45Avalp6rlbuqXR8w3JhX8SdhFGpbUi7/ls18uGkm3nK0hH84SBpEAPfH6XDbW3oajPxX+J7m85aQkk5ZnwzzKZwX5kL1zrP6wFby5nOV/ODS3IEn+8DrBeQi6xjs5MyzOFUjb00nIjCFfQB+dF7ymmXNczaSwbWgmA6cePkgKcGqO1oFc7v8uGSur95l0YjzmBiOvcMrfi7C5bSgEk7I3oRzfJsDj0BDnT2V22jmk6k1WoT2EHn9r0Rqv9uZxtHtRPuo5S4JKhVZK0NgaRpuVjN0YizXCnJUnX0hz9j57am8a2nq1n3Ti1y5mYQUnE/JQMk4gcsHx2m41T29dzaQX5DxPIypufyXzdOLU344/MpOeKH8U8o9bONUjdODlrPhO0mdfcoYZY4Q47j483Ts7N7FViZkWCezjRtzMlbp9KX51ld3fqPP+knK9Lq36YKNpO636Uv/r/US6JaXdrCmqcBOvEDTO4NsZbLkwLnzkK1/9lmaW8tnMrfjMTBk8gTEShAhlr/vHTV9j5IKupbeJI/hfmmcqWDb259p3BXFOBg86Vnr7+VyWItsKGuREFnzlNdHTCoUX9tunJl/+yxMOGjmnLp2PgtGa4puGHW4dE6uYSM60dEYI8Yugr9Lr838kYbXgG/29tZ7eaQAwF4fs+Sy/yc7LZPI1IkUUoWIq+f+ezheKegCG0BW+qLGrck5lPdybF6sYkKboSKjCjTPPxAHgqbk8v2RJLtTbqmbxM6SiD7PTFSqB4WLh4l9w2d5AeCnLqM0gPpKIj0S4mHT/EY6Jnq+bgBjVVJSA5jDLR3brqWUeJZi0sSX55dlUn8YwM5/PBm6k41FQl2bpRdv5ovtA1kDJsGVvmrH0cgK9dWpM6WK+4zYPSHj3S6Har+2kgwdAoxb4niZKEMzuAZ+lN9RbYkckoR8AnpIZ7MPDuRZBt/X/OpcdvqmMY/IAJclEprJByiNW74N54TM+xJuXBmhQknpGd8GdfUYxwoM5AtOhGWaTetZCdSr69tvEhfhPNv4cNWS4Ja02KIKxDEMXr+0UnJQl1VPNC3kewhpkfB+5UMgpeaMpqqa3fEG+3U5H2yGWeC61eIU+fTANspjOWU/Xb7Z7ekju1kDNIll6Nj2qMKcB1+FYDV1inWas2wEW7gKVjsqzS31ZpbCDBegSwJMve/LZIEGkL7LjBOlig59aczyryRdgsgsTzam6v7HEOGUxv13S+pHtzQJYDGAIdtePoCRArNNuTrxuz4ddkU47b9nnajtfT4XK7ftyueLf3yyYDdH476B6tN8vHv39djxzO689NR9HfyxcUO/PXt88BAA==", + "tags": [ + "test-class-01" + ], + "metadata": { + "analytics_config": { + "max_num_threads": 1, + "create_time": 1632242433674, + "model_memory_limit": "24mb", + "allow_lazy_start": false, + "description": "for api test", + "analyzed_fields": { + "excludes": [], + "includes": [ + "AvgTicketPrice", + "Cancelled", + "Carrier", + "DestAirportID", + "DestWeather", + "DistanceMiles", + "FlightDelay", + "FlightDelayMin", + "FlightDelayType", + "FlightTimeHour", + "OriginWeather", + "dayOfWeek", + "hour_of_day", + "OriginAirportID" + ] + }, + "id": "test-class-01", + "source": { + "runtime_mappings": { + "hour_of_day": { + "type": "long", + "script": { + "source": "emit(doc['timestamp'].value.getHour());" + } + } + }, + "query": { + "match_all": {} + }, + "index": [ + "kibana_sample_data_flights" + ] + }, + "dest": { + "index": "test-class-01", + "results_field": "ml" + }, + "analysis": { + "classification": { + "early_stopping_enabled": true, + "randomize_seed": -3456303245926199422, + "dependent_variable": "Cancelled", + "num_top_classes": -1, + "training_percent": 17.0, + "class_assignment_objective": "maximize_minimum_recall", + "num_top_feature_importance_values": 0, + "prediction_field_name": "Cancelled_prediction" + } + }, + "version": "8.0.0" + } + }, + "input": { + "field_names": [ + "AvgTicketPrice", + "Carrier", + "DestAirportID", + "DestWeather", + "DistanceMiles", + "FlightDelay", + "FlightDelayMin", + "FlightDelayType", + "FlightTimeHour", + "OriginAirportID", + "OriginWeather", + "dayOfWeek", + "hour_of_day" + ] + }, + "inference_config": { + "classification": { + "num_top_classes": -1, + "top_classes_results_field": "top_classes", + "results_field": "Cancelled_prediction", + "num_top_feature_importance_values": 0, + "prediction_field_type": "boolean" + } + } +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_abc_1/transform.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_abc_1/transform.yml new file mode 100644 index 000000000..04d328029 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_abc_1/transform.yml @@ -0,0 +1,31 @@ +source: + index: kibana_sample_data_ecommerce + query: + term: + geoip.continent_name: + value: Asia +pivot: + group_by: + customer_id: + terms: + field: customer_id + aggregations: + max_price: + max: + field: taxful_total_price +description: Maximum priced ecommerce data by customer_id in Asia +dest: + index: kibana_sample_data_ecommerce_transform1 + pipeline: add_timestamp_pipeline + aliases: + - alias: kibana_sample_alias1 + move_on_creation: false +frequency: 5m +sync: + time: + field: order_date + delay: 60s +retention_policy: + time: + field: order_date + max_age: 30d diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/manifest.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/manifest.yml new file mode 100644 index 000000000..2cc4972fc --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/manifest.yml @@ -0,0 +1 @@ +start: false diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/transform.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/transform.yml new file mode 100644 index 000000000..c01eab1e1 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/good_example_bdc_2/transform.yml @@ -0,0 +1,33 @@ +source: + index: kibana_sample_data_ecommerce + query: + term: + geoip.continent_name: + value: Asia +pivot: + group_by: + customer_id: + terms: + field: customer_id + aggregations: + max_price: + max: + field: taxful_total_price +description: Maximum priced ecommerce data by customer_id in Asia +dest: + index: kibana_sample_data_ecommerce_transform1 + pipeline: add_timestamp_pipeline + aliases: + - alias: kibana_sample_alias1 + move_on_creation: false + - alias: kibana_sample_alias2 + move_on_creation: true +frequency: 5m +sync: + time: + field: order_date + delay: 60s +retention_policy: + time: + field: order_date + max_age: 30d diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/fields/fields.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/fields/fields.yml new file mode 100644 index 000000000..00d5202b6 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/fields/fields.yml @@ -0,0 +1,198 @@ +- name: '@timestamp' + type: date +- name: updated_at + type: alias + path: event.ingested +- name: Endpoint + type: group + fields: + - name: configuration + type: group + fields: + - name: isolation + type: boolean + null_value: false + - name: policy + type: group + fields: + - name: applied + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: status + type: keyword + ignore_above: 1024 + - name: state + type: group + fields: + - name: isolation + type: boolean + null_value: false + - name: status + type: keyword + ignore_above: 1024 + - name: capabilities + type: keyword + ignore_above: 128 + doc_values: false +- name: agent + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: type + type: keyword + ignore_above: 1024 + - name: version + type: keyword + ignore_above: 1024 +- name: data_stream + type: group + fields: + - name: dataset + type: constant_keyword + value: endpoint.metadata + - name: namespace + type: keyword + - name: type + type: constant_keyword + value: metrics +- name: ecs + type: group + fields: + - name: version + type: keyword + ignore_above: 1024 +- name: elastic + type: group + fields: + - name: agent + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 +- name: event + type: group + fields: + - name: action + type: keyword + ignore_above: 1024 + - name: category + type: keyword + ignore_above: 1024 + - name: code + type: keyword + ignore_above: 1024 + - name: created + type: date + - name: dataset + type: keyword + ignore_above: 1024 + - name: hash + type: keyword + ignore_above: 1024 + - name: id + type: keyword + ignore_above: 1024 + - name: ingested + type: date + - name: kind + type: keyword + ignore_above: 1024 + - name: module + type: keyword + ignore_above: 1024 + - name: outcome + type: keyword + ignore_above: 1024 + - name: provider + type: keyword + ignore_above: 1024 + - name: sequence + type: long + - name: severity + type: long + - name: type + type: keyword + ignore_above: 1024 +- name: host + type: group + fields: + - name: architecture + type: keyword + ignore_above: 1024 + - name: domain + type: keyword + ignore_above: 1024 + - name: hostname + type: keyword + ignore_above: 1024 + - name: id + type: keyword + ignore_above: 1024 + - name: ip + type: ip + - name: mac + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: os + type: group + fields: + - name: Ext + type: group + fields: + - name: variant + type: keyword + ignore_above: 1024 + - name: family + type: keyword + ignore_above: 1024 + - name: full + type: keyword + ignore_above: 1024 + multi_fields: + - name: caseless + type: keyword + ignore_above: 1024 + normalizer: lowercase + - name: text + type: text + norms: false + - name: kernel + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + multi_fields: + - name: caseless + type: keyword + ignore_above: 1024 + normalizer: lowercase + - name: text + type: text + norms: false + - name: platform + type: keyword + ignore_above: 1024 + - name: version + type: keyword + ignore_above: 1024 + - name: type + type: keyword + ignore_above: 1024 + - name: uptime + type: long diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/manifest.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/manifest.yml new file mode 100644 index 000000000..11a817930 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/manifest.yml @@ -0,0 +1,20 @@ +destination_index_template: + settings: + index: + codec: best_compression + sort: + field: + - "@timestamp" + - agent.id + order: + - desc + - asc + mappings: + dynamic: true + dynamic_templates: + - strings_as_keyword: + match_mapping_type: string + mapping: + ignore_above: 1024 + type: keyword + date_detection: false diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/transform.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/transform.yml new file mode 100644 index 000000000..2834aa84f --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_current/transform.yml @@ -0,0 +1,22 @@ +source: + index: metrics-endpoint.metadata-* + query: + range: + "@timestamp": + gt: now-90d/d +dest: + index: metrics-endpoint.metadata_current_default +latest: + unique_key: + - elastic.agent.id + sort: "@timestamp" +description: Latest Endpoint metadata document per host +_meta: + managed: true +frequency: 1s +sync: + time: + field: event.ingested + delay: 1s +settings: + unattended: true diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/fields/fields.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/fields/fields.yml new file mode 100644 index 000000000..32b4c99bf --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/fields/fields.yml @@ -0,0 +1,363 @@ +- name: agent + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 +- name: united + type: group + fields: + - name: endpoint + type: group + fields: + - name: '@timestamp' + type: date + - name: Endpoint + type: group + fields: + - name: configuration + type: group + fields: + - name: isolation + type: boolean + null_value: false + - name: policy + type: group + fields: + - name: applied + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: status + type: keyword + ignore_above: 1024 + - name: state + type: group + fields: + - name: isolation + type: boolean + null_value: false + - name: status + type: keyword + ignore_above: 1024 + - name: capabilities + type: keyword + ignore_above: 128 + doc_values: false + - name: agent + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: type + type: keyword + ignore_above: 1024 + - name: version + type: keyword + ignore_above: 1024 + - name: data_stream + type: group + fields: + - name: dataset + type: constant_keyword + value: endpoint.metadata + - name: namespace + type: keyword + - name: type + type: constant_keyword + value: metrics + - name: ecs + type: group + fields: + - name: version + type: keyword + ignore_above: 1024 + - name: elastic + type: group + fields: + - name: agent + type: group + fields: + - name: id + type: keyword + ignore_above: 1024 + - name: event + type: group + fields: + - name: action + type: keyword + ignore_above: 1024 + - name: category + type: keyword + ignore_above: 1024 + - name: code + type: keyword + ignore_above: 1024 + - name: created + type: date + - name: dataset + type: keyword + ignore_above: 1024 + - name: hash + type: keyword + ignore_above: 1024 + - name: id + type: keyword + ignore_above: 1024 + - name: ingested + type: date + - name: kind + type: keyword + ignore_above: 1024 + - name: module + type: keyword + ignore_above: 1024 + - name: outcome + type: keyword + ignore_above: 1024 + - name: provider + type: keyword + ignore_above: 1024 + - name: sequence + type: long + - name: severity + type: long + - name: type + type: keyword + ignore_above: 1024 + - name: host + type: group + fields: + - name: architecture + type: keyword + ignore_above: 1024 + - name: domain + type: keyword + ignore_above: 1024 + - name: hostname + type: keyword + ignore_above: 1024 + - name: id + type: keyword + ignore_above: 1024 + - name: ip + type: ip + - name: mac + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + - name: os + type: group + fields: + - name: Ext + type: group + fields: + - name: variant + type: keyword + ignore_above: 1024 + - name: family + type: keyword + ignore_above: 1024 + - name: full + type: keyword + ignore_above: 1024 + multi_fields: + - name: caseless + type: keyword + ignore_above: 1024 + normalizer: lowercase + - name: text + type: text + norms: false + - name: kernel + type: keyword + ignore_above: 1024 + - name: name + type: keyword + ignore_above: 1024 + multi_fields: + - name: caseless + type: keyword + ignore_above: 1024 + normalizer: lowercase + - name: text + type: text + norms: false + - name: platform + type: keyword + ignore_above: 1024 + - name: version + type: keyword + ignore_above: 1024 + - name: type + type: keyword + ignore_above: 1024 + - name: uptime + type: long + - name: agent + type: group + fields: + - name: access_api_key_id + type: keyword + - name: action_seq_no + type: integer + index: false + - name: active + type: boolean + - name: agent + type: group + fields: + - name: id + type: keyword + - name: version + type: keyword + - name: default_api_key + type: keyword + - name: default_api_key_id + type: keyword + - name: enrolled_at + type: date + - name: last_checkin + type: date + - name: last_checkin_status + type: keyword + - name: last_updated + type: date + - name: local_metadata + type: group + fields: + - name: elastic + type: group + fields: + - name: agent + type: group + fields: + - name: build + type: group + fields: + - name: original + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 256 + - name: id + type: keyword + - name: log_level + type: keyword + - name: snapshot + type: boolean + - name: upgradeable + type: boolean + - name: version + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 16 + - name: host + type: group + fields: + - name: architecture + type: keyword + - name: hostname + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 256 + - name: id + type: keyword + - name: ip + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 64 + - name: mac + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 17 + - name: name + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 256 + - name: os + type: group + fields: + - name: family + type: keyword + - name: full + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 128 + - name: kernel + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 128 + - name: name + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 256 + - name: platform + type: keyword + - name: version + type: text + multi_fields: + - name: keyword + type: keyword + ignore_above: 32 + - name: packages + type: keyword + - name: policy_coordinator_idx + type: integer + - name: policy_id + type: keyword + - name: policy_output_permissions_hash + type: keyword + - name: policy_revision_idx + type: integer + - name: shared_id + type: keyword + - name: type + type: keyword + - name: unenrolled_at + type: date + - name: unenrolled_reason + type: keyword + - name: unenrollment_started_at + type: date + - name: updated_at + type: date + - name: upgrade_started_at + type: date + - name: upgraded_at + type: date + - name: user_provided_metadata + type: object + enabled: false + - name: other_provided_metadata + type: object + object_type: keyword + enabled: true diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/manifest.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/manifest.yml new file mode 100644 index 000000000..075748d4e --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/manifest.yml @@ -0,0 +1,13 @@ +destination_index_template: + settings: + index: + codec: best_compression + mappings: + dynamic: false + dynamic_templates: + - strings_as_keyword: + match_mapping_type: string + mapping: + ignore_above: 1024 + type: keyword + date_detection: false diff --git a/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/transform.yml b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/transform.yml new file mode 100644 index 000000000..aed5be175 --- /dev/null +++ b/test/packages/bad_agent_version_v3/elasticsearch/transform/metadata_united/transform.yml @@ -0,0 +1,28 @@ +source: + index: + - metrics-endpoint.metadata_current_default* + - ".fleet-agents*" +dest: + index: ".metrics-endpoint.metadata_united_default" +frequency: 1s +sync: + time: + delay: 4s + field: updated_at +pivot: + aggs: + united: + scripted_metric: + init_script: state.docs = [] + map_script: state.docs.add(new HashMap(params['_source'])) + combine_script: return state.docs + reduce_script: def ret = new HashMap(); for (s in states) { for (d in s) { if (d.containsKey('Endpoint')) { ret.endpoint = d } else { ret.agent = d } }} return ret + group_by: + agent.id: + terms: + field: agent.id +description: Merges latest Endpoint and Agent metadata documents +_meta: + managed: true +settings: + unattended: true diff --git a/test/packages/bad_agent_version_v3/img/kibana-system.png b/test/packages/bad_agent_version_v3/img/kibana-system.png new file mode 100644 index 000000000..8741a5662 Binary files /dev/null and b/test/packages/bad_agent_version_v3/img/kibana-system.png differ diff --git a/test/packages/bad_agent_version_v3/img/metricbeat_system_dashboard.png b/test/packages/bad_agent_version_v3/img/metricbeat_system_dashboard.png new file mode 100644 index 000000000..2ff6ad8bd Binary files /dev/null and b/test/packages/bad_agent_version_v3/img/metricbeat_system_dashboard.png differ diff --git a/test/packages/bad_agent_version_v3/img/system.svg b/test/packages/bad_agent_version_v3/img/system.svg new file mode 100644 index 000000000..0aba96275 --- /dev/null +++ b/test/packages/bad_agent_version_v3/img/system.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/alerting_rule_template/apm-anomaly-rule-test.json b/test/packages/bad_agent_version_v3/kibana/alerting_rule_template/apm-anomaly-rule-test.json new file mode 100644 index 000000000..077826de6 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/alerting_rule_template/apm-anomaly-rule-test.json @@ -0,0 +1,24 @@ +{ + "id": "apm-anomaly-rule-test", + "type": "alerting_rule_template", + "attributes": { + "name": "APM Anomaly rule test", + "tags": ["Testing"], + "ruleTypeId": "apm.anomaly", + "schedule": { + "interval": "1m" + }, + "params": { + "windowSize": 30, + "windowUnit": "m", + "anomalySeverityType": "critical", + "anomalyDetectorTypes": ["txLatency", "txThroughput", "txFailureRate"], + "environment": "ENVIRONMENT_ALL" + }, + "alertDelay": { + "active": 1 + } + }, + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "10.1.0" +} diff --git a/test/packages/bad_agent_version_v3/kibana/csp_rule_template/good_v3-csp-rule-template-abc-1.json b/test/packages/bad_agent_version_v3/kibana/csp_rule_template/good_v3-csp-rule-template-abc-1.json new file mode 100644 index 000000000..0603e3cb3 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/csp_rule_template/good_v3-csp-rule-template-abc-1.json @@ -0,0 +1,36 @@ +{ + "attributes": { + "metadata": { + "id": "6664c1b8-05f2-5872-a516-4b2c3c36d2d7", + "name": "Ensure that the API server pod specification file permissions are set to 644 or more restrictive (Automated)", + "profile_applicability": "* Level 1 - Master Node\n", + "description": "Ensure that the API server pod specification file has permissions of `644` or more restrictive.\n", + "rationale": "The API server pod specification file controls various parameters that set the behavior of the API server. You should restrict its file permissions to maintain the integrity of the file. The file should be writable by only the administrators on the system.\n", + "audit": "Run the below command (based on the file location on your system) on the\ncontrol plane node.\nFor example,\n```\nstat -c %a /etc/kubernetes/manifests/kube-apiserver.yaml\n```\nVerify that the permissions are `644` or more restrictive.\n", + "remediation": "Run the below command (based on the file location on your system) on the\ncontrol plane node.\nFor example,\n```\nchmod 644 /etc/kubernetes/manifests/kube-apiserver.yaml\n```\n", + "impact": "None\n", + "default_value": "By default, the `kube-apiserver.yaml` file has permissions of `640`.\n", + "references": "1. [https://kubernetes.io/docs/admin/kube-apiserver/](https://kubernetes.io/docs/admin/kube-apiserver/)\n", + "section": "Control Plane Node Configuration Files", + "version": "1.0", + "tags": [ + "CIS", + "Kubernetes", + "CIS 1.1.1", + "Control Plane Node Configuration Files" + ], + "benchmark": { + "name": "CIS Kubernetes V1.23", + "version": "v1.0.0", + "id": "cis_k8s" + }, + "rego_rule_id": "cis_1_1_1" + } + }, + "id": "good_v3-csp-rule-template-abc-1", + "type": "csp-rule-template", + "migrationVersion": { + "csp-rule-template": "8.7.0" + }, + "coreMigrationVersion": "8.7.0" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/dashboard/good_v3-dashboard-abc-1.json b/test/packages/bad_agent_version_v3/kibana/dashboard/good_v3-dashboard-abc-1.json new file mode 100644 index 000000000..9bf15ccbd --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/dashboard/good_v3-dashboard-abc-1.json @@ -0,0 +1,40 @@ +{ + "id": "good_v3-dashboard-abc-1", + "type": "dashboard", + "attributes": { + "description": "", + "hits": 0, + "panelsJSON": "[]", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "key": "data_stream.dataset", + "negate": false, + "params": { + "query": "good_v3.foo" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "data_stream.dataset": "good_v3.foo" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + } + } + } + } +} diff --git a/test/packages/bad_agent_version_v3/kibana/lens/good_v3-lens-abc-1.json b/test/packages/bad_agent_version_v3/kibana/lens/good_v3-lens-abc-1.json new file mode 100644 index 000000000..7bedb52b3 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/lens/good_v3-lens-abc-1.json @@ -0,0 +1,4 @@ +{ + "id": "good_v3-lens-abc-1", + "type": "lens" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/map/good_v3-map-abc-1.json b/test/packages/bad_agent_version_v3/kibana/map/good_v3-map-abc-1.json new file mode 100644 index 000000000..22d500ab8 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/map/good_v3-map-abc-1.json @@ -0,0 +1,4 @@ +{ + "id": "good_v3-map-abc-1", + "type": "map" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/ml_module/good_v3-ml-module-abc-1.json b/test/packages/bad_agent_version_v3/kibana/ml_module/good_v3-ml-module-abc-1.json new file mode 100644 index 000000000..6803e3950 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/ml_module/good_v3-ml-module-abc-1.json @@ -0,0 +1,403 @@ +{ + "attributes": { + "id": "nginx_ecs", + "title": "Nginx access logs", + "description": "Find unusual activity in HTTP access logs from filebeat (ECS).", + "type": "Web Access Logs", + "logo": { + "icon": "logoNginx" + }, + "defaultIndexPattern": "filebeat-*", + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + }, + { + "exists": { + "field": "source.address" + } + }, + { + "exists": { + "field": "url.original" + } + }, + { + "exists": { + "field": "http.response.status_code" + } + } + ] + } + }, + "jobs": [ + { + "id": "visitor_rate_ecs", + "config": { + "groups": [ + "nginx" + ], + "description": "HTTP Access Logs: Detect unusual visitor rates (ECS)", + "analysis_config": { + "bucket_span": "15m", + "summary_count_field_name": "dc_source_address", + "detectors": [ + { + "detector_description": "Nginx access visitor rate", + "function": "non_zero_count" + } + ], + "influencers": [] + }, + "analysis_limits": { + "model_memory_limit": "10mb" + }, + "data_description": { + "time_field": "@timestamp", + "time_format": "epoch_ms" + }, + "model_plot_config": { + "enabled": true + }, + "custom_settings": { + "created_by": "ml-module-nginx-access", + "custom_urls": [ + { + "url_name": "Raw data", + "url_value": "discover#/?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(columns:!(_source),filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase))))),index:\u0027INDEX_PATTERN_ID\u0027,interval:auto,query:(language:kuery,query:\u0027\u0027),sort:!(\u0027@timestamp\u0027,desc))" + } + ] + } + } + }, + { + "id": "status_code_rate_ecs", + "config": { + "groups": [ + "nginx" + ], + "description": "HTTP Access Logs: Detect unusual status code rates (ECS)", + "analysis_config": { + "bucket_span": "15m", + "detectors": [ + { + "detector_description": "Nginx access status code rate", + "function": "count", + "partition_field_name": "http.response.status_code" + } + ], + "influencers": [ + "http.response.status_code", + "source.address" + ] + }, + "analysis_limits": { + "model_memory_limit": "100mb" + }, + "data_description": { + "time_field": "@timestamp", + "time_format": "epoch_ms" + }, + "model_plot_config": { + "enabled": true + }, + "custom_settings": { + "created_by": "ml-module-nginx-access", + "custom_urls": [ + { + "url_name": "Investigate status code", + "url_value": "dashboards#/view/ml_http_access_explorer_ecs?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(description:\u0027\u0027,filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:http.response.status_code,negate:!f,params:(query:\u0027$http.response.status_code$\u0027),type:phrase,value:\u0027$http.response.status_code$\u0027),query:(match:(http.response.status_code:(query:\u0027$http.response.status_code$\u0027,type:phrase))))),query:(language:kuery,query:\u0027\u0027))" + }, + { + "url_name": "Raw data", + "url_value": "discover#/?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(columns:!(_source),filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:http.response.status_code,negate:!f,params:(query:\u0027$http.response.status_code$\u0027),type:phrase,value:\u0027$http.response.status_code$\u0027),query:(match:(http.response.status_code:(query:\u0027$http.response.status_code$\u0027,type:phrase))))),index:\u0027INDEX_PATTERN_ID\u0027,interval:auto,query:(language:kuery,query:\u0027\u0027),sort:!(\u0027@timestamp\u0027,desc))" + } + ] + } + } + }, + { + "id": "source_ip_url_count_ecs", + "config": { + "groups": [ + "nginx" + ], + "description": "HTTP Access Logs: Detect unusual source IPs - high distinct count of URLs (ECS)", + "analysis_config": { + "bucket_span": "1h", + "detectors": [ + { + "detector_description": "Nginx access source IP high dc URL", + "function": "high_distinct_count", + "field_name": "url.original", + "over_field_name": "source.address" + } + ], + "influencers": [ + "source.address" + ] + }, + "data_description": { + "time_field": "@timestamp", + "time_format": "epoch_ms" + }, + "custom_settings": { + "created_by": "ml-module-nginx-access", + "custom_urls": [ + { + "url_name": "Investigate source IP", + "url_value": "dashboards#/view/ml_http_access_explorer_ecs?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(description:\u0027\u0027,filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:source.address,negate:!f,params:(query:\u0027$source.address$\u0027),type:phrase,value:\u0027$source.address$\u0027),query:(match:(source.address:(query:\u0027$source.address$\u0027,type:phrase))))),query:(language:kuery,query:\u0027\u0027))" + }, + { + "url_name": "Raw data", + "url_value": "discover#/?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(columns:!(_source),filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:source.address,negate:!f,params:(query:\u0027$source.address$\u0027),type:phrase,value:\u0027$source.address$\u0027),query:(match:(source.address:(query:\u0027$source.address$\u0027,type:phrase))))),index:\u0027INDEX_PATTERN_ID\u0027,interval:auto,query:(language:kuery,query:\u0027\u0027),sort:!(\u0027@timestamp\u0027,desc))" + } + ] + } + } + }, + { + "id": "source_ip_request_rate_ecs", + "config": { + "groups": [ + "nginx" + ], + "description": "HTTP Access Logs: Detect unusual source IPs - high request rates (ECS)", + "analysis_config": { + "bucket_span": "1h", + "detectors": [ + { + "detector_description": "Nginx access source IP high count", + "function": "high_count", + "over_field_name": "source.address" + } + ], + "influencers": [ + "source.address" + ] + }, + "data_description": { + "time_field": "@timestamp", + "time_format": "epoch_ms" + }, + "custom_settings": { + "created_by": "ml-module-nginx-access", + "custom_urls": [ + { + "url_name": "Investigate source IP", + "url_value": "dashboards#/view/ml_http_access_explorer_ecs?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(description:\u0027\u0027,filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:source.address,negate:!f,params:(query:\u0027$source.address$\u0027),type:phrase,value:\u0027$source.address$\u0027),query:(match:(source.address:(query:\u0027$source.address$\u0027,type:phrase))))),query:(language:kuery,query:\u0027\u0027))" + }, + { + "url_name": "Raw data", + "url_value": "discover#/?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(columns:!(_source),filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase)))),(\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:source.address,negate:!f,params:(query:\u0027$source.address$\u0027),type:phrase,value:\u0027$source.address$\u0027),query:(match:(source.address:(query:\u0027$source.address$\u0027,type:phrase))))),index:\u0027INDEX_PATTERN_ID\u0027,interval:auto,query:(language:kuery,query:\u0027\u0027),sort:!(\u0027@timestamp\u0027,desc))" + } + ] + } + } + }, + { + "id": "low_request_rate_ecs", + "config": { + "groups": [ + "nginx" + ], + "description": "HTTP Access Logs: Detect low request rates (ECS)", + "analysis_config": { + "bucket_span": "15m", + "summary_count_field_name": "doc_count", + "detectors": [ + { + "detector_description": "Nginx access low request rate", + "function": "low_count" + } + ], + "influencers": [] + }, + "analysis_limits": { + "model_memory_limit": "10mb" + }, + "data_description": { + "time_field": "@timestamp", + "time_format": "epoch_ms" + }, + "model_plot_config": { + "enabled": true + }, + "custom_settings": { + "created_by": "ml-module-nginx-access", + "custom_urls": [ + { + "url_name": "Raw data", + "url_value": "discover#/?_g=(time:(from:\u0027$earliest$\u0027,mode:absolute,to:\u0027$latest$\u0027))\u0026_a=(columns:!(_source),filters:!((\u0027$state\u0027:(store:appState),meta:(alias:!n,disabled:!f,index:\u0027INDEX_PATTERN_ID\u0027,key:event.dataset,negate:!f,params:(query:\u0027nginx.access\u0027),type:phrase,value:\u0027nginx.access\u0027),query:(match:(event.dataset:(query:\u0027nginx.access\u0027,type:phrase))))),index:\u0027INDEX_PATTERN_ID\u0027,interval:auto,query:(language:kuery,query:\u0027\u0027),sort:!(\u0027@timestamp\u0027,desc))" + } + ] + } + } + } + ], + "datafeeds": [ + { + "id": "datafeed-visitor_rate_ecs", + "job_id": "visitor_rate_ecs", + "config": { + "job_id": "visitor_rate_ecs", + "indices": [ + "INDEX_PATTERN_NAME" + ], + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + } + ] + } + }, + "aggregations": { + "buckets": { + "date_histogram": { + "field": "@timestamp", + "fixed_interval": "15m", + "offset": 0, + "order": { + "_key": "asc" + }, + "keyed": false, + "min_doc_count": 0 + }, + "aggregations": { + "@timestamp": { + "max": { + "field": "@timestamp" + } + }, + "dc_source_address": { + "cardinality": { + "field": "source.address" + } + } + } + } + } + } + }, + { + "id": "datafeed-status_code_rate_ecs", + "job_id": "status_code_rate_ecs", + "config": { + "job_id": "status_code_rate_ecs", + "indices": [ + "INDEX_PATTERN_NAME" + ], + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + } + ] + } + } + } + }, + { + "id": "datafeed-source_ip_url_count_ecs", + "job_id": "source_ip_url_count_ecs", + "config": { + "job_id": "source_ip_url_count_ecs", + "indices": [ + "INDEX_PATTERN_NAME" + ], + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + } + ] + } + } + } + }, + { + "id": "datafeed-source_ip_request_rate_ecs", + "job_id": "source_ip_request_rate_ecs", + "config": { + "job_id": "source_ip_request_rate_ecs", + "indices": [ + "INDEX_PATTERN_NAME" + ], + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + } + ] + } + } + } + }, + { + "id": "datafeed-low_request_rate_ecs", + "job_id": "low_request_rate_ecs", + "config": { + "job_id": "low_request_rate_ecs", + "indices": [ + "INDEX_PATTERN_NAME" + ], + "query": { + "bool": { + "filter": [ + { + "term": { + "event.dataset": "nginx.access" + } + } + ] + } + }, + "aggregations": { + "buckets": { + "date_histogram": { + "field": "@timestamp", + "fixed_interval": "15m", + "offset": 0, + "order": { + "_key": "asc" + }, + "keyed": false, + "min_doc_count": 0 + }, + "aggregations": { + "@timestamp": { + "max": { + "field": "@timestamp" + } + } + } + } + } + } + } + ] + }, + "id": "good_v3-ml-module-abc-1", + "migrationVersion": { + "search": "7.9.3" + }, + "references": [], + "type": "ml-module" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/osquery_pack_asset/good_v3-osquery-pack-asset-1.json b/test/packages/bad_agent_version_v3/kibana/osquery_pack_asset/good_v3-osquery-pack-asset-1.json new file mode 100644 index 000000000..77a5751cf --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/osquery_pack_asset/good_v3-osquery-pack-asset-1.json @@ -0,0 +1,135 @@ +{ + "attributes": { + "name": "vuln-management", + "version": 1, + "queries": [ + { + "id": "kernel_info", + "interval": 86400, + "query": "select * from kernel_info;", + "version": "1.4.5" + }, + { + "id": "os_version", + "interval": 86400, + "query": "select * from os_version;", + "version": "1.4.5" + }, + { + "id": "kextstat", + "interval": 86400, + "platform": "darwin", + "query": "select * from kernel_extensions;", + "version": "1.4.5" + }, + { + "id": "kernel_modules", + "interval": 86400, + "platform": "linux", + "query": "select * from kernel_modules;", + "version": "1.4.5" + }, + { + "id": "installed_applications", + "interval": 86400, + "platform": "darwin", + "query": "select * from apps;", + "version": "1.4.5" + }, + { + "id": "browser_plugins", + "interval": 86400, + "platform": "darwin", + "query": "select browser_plugins.* from users join browser_plugins using (uid);", + "version": "1.6.1" + }, + { + "id": "safari_extensions", + "interval": 86400, + "platform": "darwin", + "query": "select safari_extensions.* from users join safari_extensions using (uid);", + "version": "1.6.1" + }, + { + "id": "opera_extensions", + "interval": 86400, + "platform": "darwin,linux", + "query": "select opera_extensions.* from users join opera_extensions using (uid);", + "version": "1.6.1" + }, + { + "id": "chrome_extensions", + "interval": 86400, + "query": "select chrome_extensions.* from users join chrome_extensions using (uid);", + "version": "1.6.1" + }, + { + "id": "firefox_addons", + "interval": 86400, + "platform": "darwin,linux", + "query": "select firefox_addons.* from users join firefox_addons using (uid);", + "version": "1.6.1" + }, + { + "id": "homebrew_packages", + "interval": 86400, + "platform": "darwin", + "query": "select * from homebrew_packages;", + "version": "1.4.5" + }, + { + "id": "package_receipts", + "interval": 86400, + "platform": "darwin", + "query": "select * from package_receipts;", + "version": "1.4.5" + }, + { + "id": "deb_packages", + "interval": 86400, + "platform": "linux", + "query": "select * from deb_packages;", + "version": "1.4.5" + }, + { + "id": "apt_sources", + "interval": 86400, + "platform": "linux", + "query": "select * from apt_sources;", + "version": "1.4.5" + }, + { + "id": "portage_packages", + "interval": 86400, + "platform": "linux", + "query": "select * from portage_packages;", + "version": "2.0.0" + }, + { + "id": "rpm_packages", + "interval": 86400, + "platform": "linux", + "query": "select * from rpm_packages;", + "version": "1.4.5" + }, + { + "id": "unauthenticated_sparkle_feeds", + "interval": 86400, + "platform": "darwin", + "query": "select feeds.*, p2.value as sparkle_version from (select a.name as app_name, a.path as app_path, a.bundle_identifier as bundle_id, p.value as feed_url from (select name, path, bundle_identifier from apps) a, plist p where p.path = a.path || '/Contents/Info.plist' and p.key = 'SUFeedURL' and feed_url like 'http://%') feeds left outer join plist p2 on p2.path = app_path || '/Contents/Frameworks/Sparkle.framework/Resources/Info.plist' where (p2.key = 'CFBundleShortVersionString' OR coalesce(p2.key, '') = '');", + "version": "1.4.5" + }, + { + "id": "backdoored_python_packages", + "interval": 86400, + "platform": "darwin,linux", + "query": "select name as package_name, version as package_version, path as package_path from python_packages where package_name = 'acqusition' or package_name = 'apidev-coop' or package_name = 'bzip' or package_name = 'crypt' or package_name = 'django-server' or package_name = 'pwd' or package_name = 'setup-tools' or package_name = 'telnet' or package_name = 'urlib3' or package_name = 'urllib';", + "version": "1.4.5" + } + ] + }, + "coreMigrationVersion": "8.2.0", + "id": "good_v3-osquery-pack-asset-1", + "references": [], + "type": "osquery-pack-asset" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/osquery_saved_query/good_v3-osquery-saved-query-1.json b/test/packages/bad_agent_version_v3/kibana/osquery_saved_query/good_v3-osquery-saved-query-1.json new file mode 100644 index 000000000..5fb4316b4 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/osquery_saved_query/good_v3-osquery-saved-query-1.json @@ -0,0 +1,19 @@ +{ + "attributes": { + "created_at": "2022-04-05T06:25:25.392Z", + "created_by": "elastic", + "description": "A list of applications configured to launch when a system reboots.", + "id": "Persistence", + "interval": "3600", + "query": "select * from startup_items;", + "updated_at": "2022-04-05T06:25:25.392Z", + "updated_by": "elastic", + "version": "1" + }, + "coreMigrationVersion": "8.3.0", + "id": "good_v3-osquery-saved-query-1", + "references": [], + "type": "osquery-saved-query", + "updated_at": "2022-04-05T06:25:25.395Z", + "version": "Wzc1MSwxXQ==" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/search/good_v3-search-abc-1.json b/test/packages/bad_agent_version_v3/kibana/search/good_v3-search-abc-1.json new file mode 100644 index 000000000..e64af4da3 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/search/good_v3-search-abc-1.json @@ -0,0 +1,4 @@ +{ + "id": "good_v3-search-abc-1", + "type": "search" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/security_rule/000047bb-b27a-47ec-8b62-ef1a5d2c9e19.json b/test/packages/bad_agent_version_v3/kibana/security_rule/000047bb-b27a-47ec-8b62-ef1a5d2c9e19.json new file mode 100644 index 000000000..089fcff8a --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/security_rule/000047bb-b27a-47ec-8b62-ef1a5d2c9e19.json @@ -0,0 +1,41 @@ +{ + "attributes": { + "author": [ + "Elastic" + ], + "description": "Detects attempts to modify a rule within an Okta policy. An adversary may attempt to modify an Okta policy rule in order to weaken an organization's security controls.", + "false_positives": [ + "Consider adding exceptions to this rule to filter false positives if Okta MFA rules are regularly modified in your organization." + ], + "index": [ + "filebeat-*", + "logs-okta*" + ], + "language": "kuery", + "license": "Elastic License v2", + "name": "Attempt to Modify an Okta Policy Rule", + "note": "The Okta Fleet integration or Filebeat module must be enabled to use this rule.", + "query": "event.dataset:okta.system and event.action:policy.rule.update", + "references": [ + "https://help.okta.com/en/prod/Content/Topics/Security/Security_Policies.htm", + "https://developer.okta.com/docs/reference/api/system-log/", + "https://developer.okta.com/docs/reference/api/event-types/" + ], + "risk_score": 21, + "rule_id": "000047bb-b27a-47ec-8b62-ef1a5d2c9e19", + "severity": "low", + "tags": [ + "Elastic", + "Identity", + "Okta", + "Continuous Monitoring", + "SecOps", + "Identity and Access" + ], + "timestamp_override": "event.ingested", + "type": "query", + "version": 5 + }, + "id": "000047bb-b27a-47ec-8b62-ef1a5d2c9e19", + "type": "security-rule" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/slo/good_v3-slo-abc-1.json b/test/packages/bad_agent_version_v3/kibana/slo/good_v3-slo-abc-1.json new file mode 100644 index 000000000..ef42fc270 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/slo/good_v3-slo-abc-1.json @@ -0,0 +1,29 @@ +{ + "attributes": { + "name": "Admin Console Availability", + "description": "", + "indicator": { + "type": "sli.kql.custom", + "params": { + "index": "kbn-data-forge-fake_stack.admin-console-*", + "filter": "", + "good": "http.response.status_code < 500", + "total": "http.response.status_code : *", + "timestampField": "@timestamp" + } + }, + "budgetingMethod": "occurrences", + "timeWindow": { + "duration": "7d", + "type": "rolling" + }, + "objective": { + "target": 0.99 + }, + "tags": [], + "groupBy": "url.domain" + }, + "id": "good_v3-slo-abc-1", + "references": [], + "type": "slo" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/tag/good_v3-tag-abc-1.json b/test/packages/bad_agent_version_v3/kibana/tag/good_v3-tag-abc-1.json new file mode 100644 index 000000000..b6aa7f9ee --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/tag/good_v3-tag-abc-1.json @@ -0,0 +1,11 @@ +{ + "attributes": { + "color": "#e20b7f", + "description": "", + "name": "abc" + }, + "coreMigrationVersion": "7.15.0", + "id": "good_v3-tag-abc-1", + "references": [], + "type": "tag" +} \ No newline at end of file diff --git a/test/packages/bad_agent_version_v3/kibana/tags.yml b/test/packages/bad_agent_version_v3/kibana/tags.yml new file mode 100644 index 000000000..41de686a4 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/tags.yml @@ -0,0 +1,25 @@ +- text: Foo + asset_types: + - alerting_rule_template + - dashboard + - visualization + - search + - map + - lens + - index_pattern + - security_rule + - csp_rule_template + - ml_module + - osquery_pack_asset + - osquery_saved_query +- text: Bar + asset_ids: + - id1 + - id2 + - apm-anomaly-rule-test +- text: myCustomTag + asset_types: + - dashboard + - map + asset_ids: + - id1 diff --git a/test/packages/bad_agent_version_v3/kibana/visualization/good_v3-visualization-abc-1.json b/test/packages/bad_agent_version_v3/kibana/visualization/good_v3-visualization-abc-1.json new file mode 100644 index 000000000..46ae15cb6 --- /dev/null +++ b/test/packages/bad_agent_version_v3/kibana/visualization/good_v3-visualization-abc-1.json @@ -0,0 +1,35 @@ +{ + "type": "visualization", + "id": "good_v3-visualization-abc-1", + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "title": "Placeholder Title", + "uiStateJSON": {}, + "version": 1, + "visState": { + "aggs": [], + "params": { + "fontSize": 12, + "markdown": "# A title", + "openLinksInNewTab": false + }, + "title": "Placeholder Title", + "type": "markdown" + } + }, + "coreMigrationVersion": "8.7.1", + "created_at": "2023-09-22T17:32:48.743Z", + "migrationVersion": { + "visualization": "8.5.0" + }, + "references": [] +} diff --git a/test/packages/bad_agent_version_v3/manifest.yml b/test/packages/bad_agent_version_v3/manifest.yml new file mode 100644 index 000000000..f69494a9c --- /dev/null +++ b/test/packages/bad_agent_version_v3/manifest.yml @@ -0,0 +1,183 @@ +format_version: 3.6.0 +name: good_v3 +title: Good package +description: This package is good for format version 3 +version: 1.0.1 +type: integration +source: + license: "Apache-2.0" +conditions: + kibana: + version: '^8.10.0' + elastic: + subscription: 'basic' + capabilities: + - observability + - security + agent: {} +vars: + - name: package_password + type: password + title: Package Level Secret + show_user: true + secret: true + - name: bearer_token_file + title: A file to a secret, but not a secret itself. + type: text + show_user: true + - name: token_url + title: A URL to get secrets, but not a secret itself. + type: url + show_user: true +policy_templates_behavior: individual_policies +policy_templates: + - name: apache + title: Apache logs and metrics + description: Collect logs and metrics from Apache instances + deployment_modes: + agentless: + enabled: true + is_default: true + organization: elastic + division: observability + team: obs-infraobs-integrations + resources: + requests: + memory: 1024M + cpu: "0.5" + fips_compatible: false + configuration_links: + - title: View Agents + url: "kbn:/app/fleet/agents" + type: next_step + content: "Check your agents in Fleet" + - title: Elastic website + url: "https://www.elastic.co/" + type: action + content: "See more" + - title: See agents + url: "http://localhost:5601/app/fleet/agents" + type: next_step + inputs: + - type: apache/metrics + title: Collect metrics from Apache instances + description: Collecting Apache status metrics + deployment_modes: ['default', 'agentless'] + multi: false + required_vars: + host_password: + - name: hosts + value: localhost + - name: package_password + api_key_host: + - name: api_key + - name: hosts + vars: + - name: input_password + type: password + title: Input Level Secret + show_user: true + secret: true + - name: api_key + type: password + title: Some API key + show_user: true + secret: true + hide_in_deployment_modes: + - default + - name: hosts + type: url + url_allowed_schemes: ['http', 'https'] + title: Hosts + multi: true + show_user: true + default: + - http://127.0.0.1 + hide_in_deployment_modes: + - agentless + - type: httpjson + title: Collect data via HTTP JSON API + description: Collecting data from HTTP JSON API (default only) + deployment_modes: ['default'] + multi: false + vars: + - name: url + type: url + title: API URL + show_user: true + required: true + - name: interval + type: duration + min_duration: 10s + max_duration: 4h3m2s1ms + default: 1m + - name: apache-agentless + title: Apache logs and metrics in agentless + description: Collect logs and metrics from Apache instances in agentless + deployment_modes: + agentless: + enabled: true + organization: security + division: engineering + team: cloud-security + inputs: + - type: apache/metrics + title: Collect metrics in agentless + description: Collecting metrics in agentless mode + multi: false + required_vars: + host_password: + - name: hosts + value: localhost + - name: input_password + vars: + - name: input_password + type: password + title: Input Level Secret + show_user: true + secret: true + - name: hosts + type: url + url_allowed_schemes: ['http', 'https'] + title: Hosts + multi: true + show_user: true + default: + - http://127.0.0.1 + - type: aws/s3 + title: Collect S3 logs (agentless only) + description: Collecting logs from AWS S3 in agentless mode + deployment_modes: ['agentless'] + multi: false + vars: + - name: bucket_name + type: text + title: S3 Bucket Name + show_user: true + required: true +owner: + github: elastic/foobar + type: elastic +screenshots: + - src: /img/kibana-system.png + title: kibana system + size: 1220x852 + type: image/png + - src: /img/metricbeat_system_dashboard.png + title: metricbeat system dashboard + size: 2097x1933 + type: image/png +icons: + - src: /img/system.svg + title: system + size: 1000x1000 + type: image/svg+xml +agent: + privileges: + root: true +# /main is a specific action underneath the monitor privilege. Declaring +# "monitor/main" limits the provided privilege, "monitor", to only the "main" +# action. +elasticsearch: + privileges: + cluster: [monitor/main] diff --git a/test/packages/bad_agent_version_v3/validation.yml b/test/packages/bad_agent_version_v3/validation.yml new file mode 100644 index 000000000..1a9fc84c5 --- /dev/null +++ b/test/packages/bad_agent_version_v3/validation.yml @@ -0,0 +1,3 @@ +errors: + exclude_checks: + - PSR00001 # Allow to use unreleased features in GA package. diff --git a/test/packages/good_v3/manifest.yml b/test/packages/good_v3/manifest.yml index cde55e300..8578d1cba 100644 --- a/test/packages/good_v3/manifest.yml +++ b/test/packages/good_v3/manifest.yml @@ -14,6 +14,8 @@ conditions: capabilities: - observability - security + agent: + version: '^9.1.0' vars: - name: package_password type: password