1:1 mapping + rebase

CHANGELOG.next.asciidoc

@@ -190,7 +190,6 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 - Processor `add_cloud_metadata` adds fields `cloud.account.id` and `cloud.image.id` for AWS EC2. {pull}12307[12307]
 - Add configurable bulk_flush_frequency in kafka output. {pull}12254[12254]
 - Add `decode_base64_field` processor for decoding base64 field. {pull}11914[11914]
-- Add `decode_base64_fields` processor for decoding base64 fields. {pull}11914[11914]
 
 *Auditbeat*
 

libbeat/docs/processors-using.asciidoc

@@ -214,7 +214,7 @@ ifdef::has_decode_csv_fields_processor[]
  * <<decode-csv-fields,`decode_csv_fields`>>
 endif::[]
  * <<decode-json-fields,`decode_json_fields`>>
- * <<decode-base64-fields,`decode_base64_fields`>>
+ * <<decode-base64-field,`decode_base64_field`>>
  * <<dissect, `dissect`>>
  * <<extract-array,`extract_array`>>
  * <<processor-dns, `dns`>>
@@ -865,38 +865,30 @@ is treated as if the field was not set at all.
 exist in the event are overwritten by keys from the decoded JSON object. The
 default value is false.
 
-[[decode-base64-fields]]
+[[decode-base64-field]]
 === Decode Base64 fields
 
-The `decode_base64_fields` processor specifies a list of fields to base64 decode.
-Under the `fields` key each entry contains a `from: old-key` and a `to: new-key` pair. `from` is
+The `decode_base64_field` processor specifies a field to base64 decode.
+The `field` key contains a `from: old-key` and a `to: new-key` pair. `from` is
 the origin and `to` the target name of the field.
 
-Rename fields cannot be used to overwrite fields. To overwrite fields either
-first rename the target field or use the `drop_fields` processor to drop the
-field and then rename the field.
+To overwrite fields either first rename the target field or use the `drop_fields`
+processor to drop the field and then rename the field.
 
 [source,yaml]
 -------
 processors:
-- decode_base64_fields:
-    fields:
-     - from: "field1"
-       to: "field2"
-     - from: "field3"
-       to: "field3"
-     - from: "field4"
-       to: ""
+- decode_base64_field:
+    from: "field1"
+    to: "field2"
     ignore_missing: false
     fail_on_error: true
 -------
 
 In the example above:
     - field1 is decoded in field2
-    - field3 is decoded in field3
-    - field4 is decoded in field4
 
-The `decode_base64_fields` processor has the following configuration settings:
+The `decode_base64_field` processor has the following configuration settings:
 
 `ignore_missing`:: (Optional) If set to true, no error is logged in case a key
 which should be base64 decoded is missing. Default is `false`.

libbeat/processors/actions/decode_base64_field.go

@@ -31,19 +31,19 @@ import (
 )
 
 const (
-	processorName = "decode_base64_fields"
+	processorName = "decode_base64_field"
 )
 
-type decodeBase64Fields struct {
+type decodeBase64Field struct {
 	log *logp.Logger
 
 	config base64Config
 }
 
 type base64Config struct {
-	Fields        []fromTo `config:"fields"`
-	IgnoreMissing bool     `config:"ignore_missing"`
-	FailOnError   bool     `config:"fail_on_error"`
+	fromTo        `config:"field"`
+	IgnoreMissing bool `config:"ignore_missing"`
+	FailOnError   bool `config:"fail_on_error"`
 }
 
 var (
@@ -56,11 +56,11 @@ var (
 func init() {
 	processors.RegisterPlugin(processorName,
 		checks.ConfigChecked(NewDecodeBase64Field,
-			checks.RequireFields("fields"),
-			checks.AllowedFields("fields", "when")))
+			checks.RequireFields("field"),
+			checks.AllowedFields("field", "when")))
 }
 
-// NewDecodeBase64Field construct a new decode_base64_fields processor.
+// NewDecodeBase64Field construct a new decode_base64_field processor.
 func NewDecodeBase64Field(c *common.Config) (processors.Processor, error) {
 	config := defaultBase64Config
 
@@ -71,38 +71,36 @@ func NewDecodeBase64Field(c *common.Config) (processors.Processor, error) {
 		return nil, fmt.Errorf("fail to unpack the %s configuration: %s", processorName, err)
 	}
 
-	return &decodeBase64Fields{
+	return &decodeBase64Field{
 		log:    log,
 		config: config,
 	}, nil
 }
 
-func (f *decodeBase64Fields) Run(event *beat.Event) (*beat.Event, error) {
+func (f *decodeBase64Field) Run(event *beat.Event) (*beat.Event, error) {
 	var backup common.MapStr
 	// Creates a copy of the event to revert in case of failure
 	if f.config.FailOnError {
 		backup = event.Fields.Clone()
 	}
 
-	for _, field := range f.config.Fields {
-		err := f.decodeField(field.From, field.To, event.Fields)
-		if err != nil && f.config.FailOnError {
-			errMsg := fmt.Errorf("failed to decode base64 fields in processor: %v", err)
-			f.log.Debug("decode base64", errMsg.Error())
-			event.Fields = backup
-			_, _ = event.PutValue("error.message", errMsg.Error())
-			return event, err
-		}
+	err := f.decodeField(f.config.From, f.config.To, event.Fields)
+	if err != nil && f.config.FailOnError {
+		errMsg := fmt.Errorf("failed to decode base64 fields in processor: %v", err)
+		f.log.Debug("decode base64", errMsg.Error())
+		event.Fields = backup
+		_, _ = event.PutValue("error.message", errMsg.Error())
+		return event, err
 	}
 
 	return event, nil
 }
 
-func (f decodeBase64Fields) String() string {
-	return fmt.Sprintf("%s=%+v", processorName, f.config.Fields)
+func (f decodeBase64Field) String() string {
+	return fmt.Sprintf("%s=%+v", processorName, f.config.fromTo)
 }
 
-func (f *decodeBase64Fields) decodeField(from string, to string, fields common.MapStr) error {
+func (f *decodeBase64Field) decodeField(from string, to string, fields common.MapStr) error {
 	value, err := fields.GetValue(from)
 	if err != nil {
 		// Ignore ErrKeyNotFound errors

libbeat/processors/actions/decode_base64_field_test.go

@@ -38,8 +38,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "simple field base64 decode",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field1", To: "field2"},
+				fromTo: fromTo{
+					From: "field1", To: "field2",
 				},
 				IgnoreMissing: false,
 				FailOnError:   true,
@@ -56,8 +56,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "simple field base64 decode To empty",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field1", To: ""},
+				fromTo: fromTo{
+					From: "field1", To: "",
 				},
 				IgnoreMissing: false,
 				FailOnError:   true,
@@ -73,8 +73,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "simple field base64 decode from and to equals",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field1", To: "field1"},
+				fromTo: fromTo{
+					From: "field1", To: "field1",
 				},
 				IgnoreMissing: false,
 				FailOnError:   true,
@@ -90,8 +90,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "simple field bad data - fail on error",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field1", To: "field1"},
+				fromTo: fromTo{
+					From: "field1", To: "field1",
 				},
 				IgnoreMissing: false,
 				FailOnError:   true,
@@ -110,8 +110,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "simple field bad data fail on error false",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field1", To: "field2"},
+				fromTo: fromTo{
+					From: "field1", To: "field2",
 				},
 				IgnoreMissing: false,
 				FailOnError:   false,
@@ -127,8 +127,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "missing field",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field2", To: "field3"},
+				fromTo: fromTo{
+					From: "field2", To: "field3",
 				},
 				IgnoreMissing: false,
 				FailOnError:   true,
@@ -147,8 +147,8 @@ func TestDecodeBase64Run(t *testing.T) {
 		{
 			description: "missing field ignore",
 			config: base64Config{
-				Fields: []fromTo{
-					{From: "field2", To: "field3"},
+				fromTo: fromTo{
+					From: "field2", To: "field3",
 				},
 				IgnoreMissing: true,
 				FailOnError:   true,
@@ -168,7 +168,7 @@ func TestDecodeBase64Run(t *testing.T) {
 		t.Run(test.description, func(t *testing.T) {
 			t.Parallel()
 
-			f := &decodeBase64Fields{
+			f := &decodeBase64Field{
 				log:    logp.NewLogger(processorName),
 				config: test.config,
 			}

libbeat/processors/script/javascript/module/processor/processor.go

@@ -54,6 +54,7 @@ var constructors = map[string]processors.Constructor{
 	"CommunityID":           communityid.New,
 	"Convert":               convert.New,
 	"CopyFields":            actions.NewCopyFields,
+	"DecodeBase64Field":     actions.NewDecodeBase64Field,
 	"DecodeCSVField":        decode_csv_fields.NewDecodeCSVField,
 	"DecodeJSONFields":      actions.NewDecodeJSONFields,
 	"Dissect":               dissect.NewProcessor,