Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RFC] Host Identifiers #955

Merged
merged 5 commits into from
Sep 8, 2020
Merged

[RFC] Host Identifiers #955

merged 5 commits into from
Sep 8, 2020

Conversation

ebeahan
Copy link
Member

@ebeahan ebeahan commented Aug 26, 2020
edited
Loading

This RFC PR is seeking stage 0 acceptance. The strawperson document proposes establishing better conventions around host identifiers in ECS.

Preview of the RFC

@ebeahan ebeahan added the RFC label Aug 26, 2020
@ebeahan ebeahan self-assigned this Aug 26, 2020
@ebeahan ebeahan requested a review from webmat August 26, 2020 21:54
@ebeahan @webmat
Apply suggestions from code review
f2f9e22 
Co-authored-by: Mathieu Martin <webmat@gmail.com>
@ebeahan
Copy link
Member Author

ebeahan commented Aug 27, 2020

@webmat I included your additions. Anything else to capture for stage 0?

webmat
webmat previously approved these changes Sep 8, 2020
View reviewed changes
Copy link
Contributor

@webmat webmat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ebeahan ebeahan merged commit e2650b8 into elastic:master Sep 8, 2020
@ebeahan ebeahan deleted the host-identifiers-stage-0 branch September 8, 2020 18:21
@dainperkins
Copy link
Contributor

Wondering if enrichment / entity analysis should be at least a consideration in this - thinking about correlating ip/macs to hosts from an entity perspective (I'm not even sure what would need to be considered, but probably worth thinking about)

@webmat
Copy link
Contributor

webmat commented Nov 19, 2020

Yeah better guidance on host identifiers will definitely make it easier to maintain entity indices of hosts, which can then be used for enrichment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@webmat webmat webmat left review comments

Assignees

@ebeahan ebeahan

Labels
RFC
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ebeahan @dainperkins @webmat