Update Packages Inventory Format - Githubissues

wazuh / wazuh-agent

Wazuh agent, the Wazuh agent for endpoints.

GNU Affero General Public License v3.0

32 stars 18 forks source link

Update Packages Inventory Format #297

Closed vikman90 closed 1 week ago

vikman90 commented 1 week ago

Parent Issue: #292

Description

Update the packages inventory format to comply with the Elastic Common Schema (ECS).

Data Fields

Field	Type	Example
agent.groups	keyword
agent.id	keyword
package.architecture	keyword
package.description	keyword
package.installed	date
package.name	keyword
package.path	keyword
package.size	long
package.type	keyword
package.version	keyword

Tasks

Map and update all fields in the packages inventory according to ECS guidelines.

References

Common schema definitions: Wazuh Indexer Plugins
ECS documentation: Elastic ECS Documentation