-
Elastic stack provides a specification https://www.elastic.co/guide/en/ecs/current/ecs-reference.html that defines a common set of fields to be used when storing event data in Elasticsearch.
The fe…
-
Now structured logging has built-in support for Elastic Common Schema (ecs), Graylog Extended Log Format (gelf) and Logstash (logstash). Any plan to support CSV format? Now DuckDB, DataFusion, ClickHouse…
-
I would suggest migrating to the Elastic Common Schema (ECS) for your output so this data can be integrated with output of other projects like RockNSM that have begun to adopt ECS. I believe ECS begin…
-
**Summary**
Add common network TCP- and UDP-specific fields (e.g. window size, TTL, Acknowledgement Number, Sequence Number, UDP length)
**Motivation**:
We receive flowmon and other netflow v10 / I…
-
Hi Wazuh Team,
Are there any plans to support the [Elastic Common Schema](https://www.elastic.co/guide/en/ecs/current/index.html) for JSON output?
-
**A few questions before you begin:**
> Is this an issue related to the [Serilog core project](https://github.com/serilog/serilog) or one of the [sinks](https://github.com/serilog/serilog/wiki/Prov…
-
# Description
The Google Workspace integration within Elastic currently lacks the capability to collect and analyze Chrome log events. These events are critical for security monitoring, as they provid…
-
## Issue
The `consumer` field in our Rules API is a common source of confusion and SDHs. Our current documentation only lists possible values but does not explain their meaning or their purpose. (Som…
-
Recently tried to add a field to the rule saved object for a POC and ended up updating over 7+ different schema types in the code, which seems excessive? Now that we're adding API versioning for the r…
ymao1 updated
3 weeks ago
-
[Elastic Common Schema](https://www.elastic.co/guide/en/ecs/current) defines a set of attributes for vulnerabilities, certificates, process, users, etc that has an intersection with OCSF. It was also …