5 files changed +136 -11 lines changed
11dependencies :
22 ecs :
3- reference : git@v8.10 .0
3+ reference : git@v9.1 .0
11# newer versions go on top
2+ - version : " 1.19.0"
3+ changes :
4+ - description : Update osquery to version 5.18.1 and ECS to 9.10.0
5+ type : enhancement
6+ link : https://github.com/elastic/integrations/pull/15321
27- version : " 1.18.0"
38 changes :
49 - description : Adjust result mapping to match action responses
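Review bot: The new changelog entry (added line 4) says ECS is updated to 9.10.0, while the dependency reference in this commit is changed to `git@v9.1.0` and the regenerate comment in the generated field list points at `fields.ecs_9.1.0.yml`; the description should probably read `Update osquery to version 5.18.1 and ECS to 9.1.0`. The regenerated list also no longer contains `process.pgid` and `process.parent.pgid`, so saved queries, dashboards or detection rules that reference those fields may stop returning results on newly indexed data. It would help to name the removed fields in this entry, and to check whether `enhancement` is still the right type for a change that removes mapped fields.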
11# This file is generated with osqgen (https://github.com/aleksmaus/osqgen) tool from the official ECS fields yml
22# To regenerate use:
3- # osqgen --schema "./schema/ecs/fields.ecs_8.10 .0.yml" ecs > ecs.yml
3+ # osqgen --schema "./schema/ecs/fields.ecs_9.1 .0.yml" ecs > ecs.yml
44- external : ecs
55 name : client.as.number
66- external : ecs
497497 name : process.parent.pe.sections.var_entropy
498498- external : ecs
499499 name : process.parent.pe.sections.virtual_size
500- - external : ecs
501- name : process.parent.pgid
502500- external : ecs
503501 name : process.parent.pid
504502- external : ecs
531529 name : process.pe.sections.var_entropy
532530- external : ecs
533531 name : process.pe.sections.virtual_size
534- - external : ecs
535- name : process.pgid
536532- external : ecs
537533 name : process.pid
538534- external : ecs
853849 name : user.risk.static_score
854850- external : ecs
855851 name : user.risk.static_score_norm
852+ - external : ecs
853+ name : volume.removable
854+ - external : ecs
855+ name : volume.size
856+ - external : ecs
857+ name : volume.writable
856858- external : ecs
857859 name : vulnerability.score.base
858860- external : ecs