Update Hotfixes Inventory Format

wazuh / wazuh-agent

Wazuh agent, the Wazuh agent for endpoints.

GNU Affero General Public License v3.0

32 stars 18 forks source link

Update Hotfixes Inventory Format #298

Closed vikman90 closed 2 days ago

vikman90 commented 1 week ago

Parent Issue: #292

Description

Update the hotfixes inventory format to comply with the Elastic Common Schema (ECS).

Data Fields

Field	Type	Example
agent.groups	keyword
agent.id	keyword
package.hotfix.name	keyword

Tasks

Map and update all fields in the hotfixes inventory according to ECS guidelines.

References

Common schema definitions: Wazuh Indexer Plugins
ECS documentation: Elastic ECS Documentation

cborla commented 2 days ago

{
    "id": "aW52ZW50b3J5OmhvdGZpeGVzOktCMTIzNDU2Nzg=",
    "module": "inventory",
    "operation": "create",
    "type": "hotfixes"
}
{
    "package":
    {
        "hotfix":
        {
            "name": "KB12345678"
        }
    }
}