search

elastic / beats

:tropical_fish: Beats - Lightweight shippers for Elasticsearch & Logstash
https://www.elastic.co/products/beats
Other
12.11k stars 4.91k forks source link

Add Auditbeat system module fields to fields.ecs.yml #9318

Closed cwurm closed 5 years ago

cwurm commented 5 years ago

New fields used in the Auditbeat system module that need to be added to fields.ecs.yml:

  1. network.type (used in the socket metricset)
  2. process.start and process.working_directory (used in the process metricset)
  3. event.kind (everywhere)
elasticmachine commented 5 years ago

Pinging @elastic/secops

cwurm commented 5 years ago

All of these have been added in https://github.com/elastic/beats/pull/9121.