Skip to content

Add PIDs by default #2209

New issue
New issue
Closed
#2211
Closed
Add PIDs by default#2209
#2211
Labels
kind/feature
@spyder-kyle

Description

@spyder-kyle
spyder-kyle
opened on Sep 14, 2022

Motivation

The default rules lack a unique identifier for the processes that cause events, making it impossible to merge information with other sources in many cases.

Feature

Adding pid=%proc.pid to the output of all the default rules would be perfect. I could easily create a PR for this if necessary.

Alternatives

One could override all the rules and specify PIDs, or append to all their outputs if that functionality is added, but the number of default rules makes either option not appealing.

Additional context

Activity

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    kind/feature

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions