Merge branch 'kilo' into cogburn/detection_playbooks

2025-12-08 18:22:47 +01:00 · 2024-02-13 14:08:44 -07:00
parent f321e734eb c933627a71
commit a5db9f87dd
10 changed files with 169 additions and 6 deletions
--- a/salt/elasticsearch/templates/component/so/detection-mappings.json
+++ b/salt/elasticsearch/templates/component/so/detection-mappings.json
@@ -47,13 +47,25 @@
            "isCommunity": {
              "type": "boolean"
            },
-            "note": {
+            "tags": {
              "type": "text"
            },
+            "ruleset": {
+              "ignore_above": 1024,
+              "type": "keyword"
+            },
            "engine": {
              "ignore_above": 1024,
              "type": "keyword"
            },
+            "language": {
+              "ignore_above": 1024,
+              "type": "keyword"
+            },
+            "license": {
+              "ignore_above": 1024,
+              "type": "keyword"
+            },
            "overrides": {
              "properties": {
                "type": {
@@ -98,6 +110,24 @@
              }
            }
          }
+        },
+        "so_detectioncomment": {
+          "properties": {
+            "createTime": {
+              "type": "date"
+            },
+            "detectionId": {
+              "ignore_above": 1024,
+              "type": "keyword"
+            },
+            "value": {
+              "type": "text"
+            },
+            "userId": {
+              "ignore_above": 1024,
+              "type": "keyword"
+            }
+          }
        }
      }
    }