Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Auditbeat system module fields to fields.ecs.yml #9318

Closed
cwurm opened this issue Nov 30, 2018 · 2 comments
Closed

Add Auditbeat system module fields to fields.ecs.yml #9318

cwurm opened this issue Nov 30, 2018 · 2 comments
Labels
Auditbeat ecs

Comments

@cwurm
Copy link
Contributor

cwurm commented Nov 30, 2018
edited
Loading

New fields used in the Auditbeat system module that need to be added to fields.ecs.yml:

  1. network.type (used in the socket metricset)
  2. process.start and process.working_directory (used in the process metricset)
  3. event.kind (everywhere)
@elasticmachine
Copy link
Collaborator

Pinging @elastic/secops

@cwurm cwurm mentioned this issue Nov 30, 2018
Closed
21 tasks
@cwurm cwurm changed the title Add network.type to fields.ecs.yml Add Auditbeat system module fields to fields.ecs.yml Dec 4, 2018
@cwurm cwurm mentioned this issue Dec 4, 2018
Merged
3 tasks
@ruflin ruflin mentioned this issue Dec 5, 2018
Closed
@cwurm cwurm mentioned this issue Dec 11, 2018
Merged
@cwurm
Copy link
Contributor Author

cwurm commented Dec 18, 2018

All of these have been added in #9121.

@cwurm cwurm closed this as completed Dec 18, 2018
@cwurm cwurm mentioned this issue Dec 18, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Auditbeat ecs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cwurm @elasticmachine