CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-27 19:33:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6822 from Security-Onion-Solutions/fix/event_fields

Browse Source 
Add event.acknowledged and event.escalated mappings
This commit is contained in:
weslambert
2022-01-10 16:14:45 -05:00
committed by GitHub
parent b7a90a88f9 84f7c6b13b
commit 17509a9231
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
salt/elasticsearch/templates/so/so-common-template.json.jinja
View File

@@ -291,6 +291,14 @@
},
"event": {
"properties": {
"acknowledged": {
"type": "boolean",
"fields": {
"keyword": {
"type": "keyword"
}
}
},
"action": {
"ignore_above": 1024,
"type": "keyword"
@@ -331,6 +339,14 @@
"end": {
"type": "date"
},
"escalated": {
"type": "boolean",
"fields": {
"keyword": {
"type": "keyword"
}
}
},
"hash": {
"ignore_above": 1024,
"type": "keyword"