We have refined the index data model for the commands index. We need to update the index definition and the index template in the Command Manager plugin with the following changes:
[x] Add agents.group.
[x] The command.target field becomes an object with the following fields:
command.target.type, replacing command.type.
command.target.id, replacing command.target.
[x] command.action.type is renamed to command.action.name
Description
Related issue: https://github.com/wazuh/wazuh-indexer/issues/349
We have refined the index data model for the
commandsindex. We need to update the index definition and the index template in the Command Manager plugin with the following changes:agents.group.command.targetfield becomes an object with the following fields:command.target.type, replacingcommand.type.command.target.id, replacingcommand.target.command.action.typeis renamed tocommand.action.nameSee https://github.com/wazuh/wazuh-indexer-plugins/issues/42#issuecomment-2358745436