We have been asked to update the index template and mappings for the wazuh-states-vulnerabilities index with the following changes:
- Add 2 new fields to track the publication (published_at) and detection dates (detected_at) of the vulnerabilities.
- Remove the @timestamp field.
As always, we need to update the mappings, update the events' generator, test the new index template and open a pull request in wazuh/wazuh to update the template.
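
One way to test the updated template before opening the pull request, as an added example that is not part of the original issue or the Wazuh code base. The sample template is constructed, and nesting the new fields under `vulnerability` and mapping them as `date` are assumptions.

```python
import json

# Constructed sample template (not the project's real file); nesting the new
# fields under "vulnerability" is an assumption made for illustration.
SAMPLE_TEMPLATE = json.loads("""
{
  "index_patterns": ["wazuh-states-vulnerabilities*"],
  "mappings": {
    "properties": {
      "agent": {"properties": {"id": {"type": "keyword"}}},
      "vulnerability": {
        "properties": {
          "id": {"type": "keyword"},
          "published_at": {"type": "date"},
          "detected_at": {"type": "date"}
        }
      }
    }
  }
}
""")

def flatten(properties, prefix=""):
    """Map each leaf field's dotted path to its declared type."""
    fields = {}
    for name, spec in properties.items():
        path = prefix + name
        if "properties" in spec:  # object field: recurse into its children
            fields.update(flatten(spec["properties"], path + "."))
        else:
            fields[path] = spec.get("type", "object")
    return fields

def check_template(template):
    """Return a list of problems; an empty list means the template passes."""
    # Accept both legacy ("mappings") and composable ("template.mappings") layouts.
    mappings = template.get("mappings") or template.get("template", {}).get("mappings", {})
    fields = flatten(mappings.get("properties", {}))
    problems = []
    if "@timestamp" in fields:
        problems.append("@timestamp is still mapped")
    for wanted in ("published_at", "detected_at"):
        hits = [p for p in fields if p.split(".")[-1] == wanted]
        if not hits:
            problems.append(f"{wanted} is not mapped")
        for path in hits:
            if fields[path] != "date":
                problems.append(f"{path} has type {fields[path]}, expected date")
    return problems
```
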