update experimental artifacts
ebeahan committed Nov 12, 2020
1 parent 21347e6 commit dd91245
Showing 5 changed files with 54 additions and 1 deletion.
13 changes: 13 additions & 0 deletions experimental/generated/beats/fields.ecs.yml
Expand Up @@ -967,6 +967,19 @@
(`dns.type:answer`).'
type: group
fields:
- name: answers
level: extended
type: object
description: 'An array containing an object for each answer section returned
by the server.
The main keys that should be present in these objects are defined by ECS.
Records that have more information may contain more keys than what ECS defines.
Not all DNS data sources give all details about DNS answers. At minimum, answer
objects must contain the `data` key. If more information is available, map
as much of it to ECS as possible, and add any additional fields to the answer
objects as custom fields.'
- name: answers.class
level: extended
type: keyword
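Review bot: the added `answers` entry carries only `name`, `level`, `type: object` and a description, so a consumer of this Beats file learns that the field is an array only by reading the prose. The CSV and `ecs_flat.yml` output for the same field record it structurally (`array` in the Normalization column, `normalize: - array`). If the Beats field format has no place for that attribute, a line in the generator documentation would make the omission read as intentional.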
1 change: 1 addition & 0 deletions experimental/generated/csv/fields.csv
Expand Up @@ -113,6 +113,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
2.0.0-dev,true,dll,dll.pe.imphash,keyword,extended,,0c6803c4e922103c4dca5963aad36ddf,A hash of the imports in a PE file.
2.0.0-dev,true,dll,dll.pe.original_file_name,wildcard,extended,,MSPAINT.EXE,"Internal name of the file, provided at compile-time."
2.0.0-dev,true,dll,dll.pe.product,keyword,extended,,Microsoft® Windows® Operating System,"Internal product name of the file, provided at compile-time."
2.0.0-dev,true,dns,dns.answers,object,extended,array,,Array of DNS answers.
2.0.0-dev,true,dns,dns.answers.class,keyword,extended,,IN,The class of DNS data contained in this resource record.
2.0.0-dev,true,dns,dns.answers.data,wildcard,extended,,10.10.10.10,The data describing the resource.
2.0.0-dev,true,dns,dns.answers.name,keyword,extended,,www.example.com,The domain name to which this resource record pertains.
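Review bot: the new `dns.answers` row leaves the Example column empty, while the neighbouring `dns.answers.*` rows each give one (`IN`, `10.10.10.10`, `www.example.com`). The long description in the YAML output says every answer object must contain the `data` key, so a short example in the source schema showing one such object would make that minimum shape concrete for readers of the CSV.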
19 changes: 19 additions & 0 deletions experimental/generated/ecs/ecs_flat.yml
Expand Up @@ -1318,6 +1318,25 @@ dll.pe.product:
original_fieldset: pe
short: Internal product name of the file, provided at compile-time.
type: keyword
dns.answers:
dashed_name: dns-answers
description: 'An array containing an object for each answer section returned by
the server.
The main keys that should be present in these objects are defined by ECS. Records
that have more information may contain more keys than what ECS defines.
Not all DNS data sources give all details about DNS answers. At minimum, answer
objects must contain the `data` key. If more information is available, map as
much of it to ECS as possible, and add any additional fields to the answer objects
as custom fields.'
flat_name: dns.answers
level: extended
name: answers
normalize:
- array
short: Array of DNS answers.
type: object
dns.answers.class:
dashed_name: dns-answers-class
description: The class of DNS data contained in this resource record.
19 changes: 19 additions & 0 deletions experimental/generated/ecs/ecs_nested.yml
Expand Up @@ -1667,6 +1667,25 @@ dns:
(`dns.type:query`) or they should represent a full exchange and contain the query
details as well as all of the answers that were provided for this query (`dns.type:answer`).'
fields:
dns.answers:
dashed_name: dns-answers
description: 'An array containing an object for each answer section returned
by the server.
The main keys that should be present in these objects are defined by ECS.
Records that have more information may contain more keys than what ECS defines.
Not all DNS data sources give all details about DNS answers. At minimum, answer
objects must contain the `data` key. If more information is available, map
as much of it to ECS as possible, and add any additional fields to the answer
objects as custom fields.'
flat_name: dns.answers
level: extended
name: answers
normalize:
- array
short: Array of DNS answers.
type: object
dns.answers.class:
dashed_name: dns-answers-class
description: The class of DNS data contained in this resource record.
3 changes: 2 additions & 1 deletion experimental/generated/elasticsearch/7/template.json
Expand Up @@ -568,7 +568,8 @@
"ignore_above": 1024,
"type": "keyword"
}
}
},
"type": "object"
},
"header_flags": {
"ignore_above": 1024,
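Review bot: the `"type": "object"` added to the mapping that closes just before `header_flags` (going by the other files in this commit, `dns.answers`) spells out what Elasticsearch already infers for a field with sub-properties, so it documents intent but does not change how answers are indexed. With `object`, an array of answer objects is flattened, and a query that pairs two `dns.answers.*` fields can match values taken from different answers in the same event. If that trade-off is intended, a sentence in the `dns.answers` description would keep detection authors from assuming per-answer matching; otherwise the mapping would need `nested`.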