set category fields in default anomaly detectors to give a better br…

…eakdown of contributors, idaholab/Malcolm#idaholab#464
mmguero-dev · Apr 25, 2024 · 12d32eb · 12d32eb
1 parent dc6bd91
commit 12d32eb
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 7 deletions.
diff --git a/dashboards/anomaly_detectors/action_result_user.json b/dashboards/anomaly_detectors/action_result_user.json
@@ -5,9 +5,6 @@
   "indices": [
     "MALCOLM_NETWORK_INDEX_PATTERN_REPLACER"
   ],
-  "category_field": [
-    "network.protocol"
-  ],
   "feature_attributes": [
     {
       "feature_name": "event_action",
@@ -81,5 +78,9 @@
       "interval": 10,
       "unit": "MINUTES"
     }
-  }
+  },
+  "category_field": [
+    "event.action",
+    "event.result"
+  ]
 }
diff --git a/dashboards/anomaly_detectors/file_mime_type.json b/dashboards/anomaly_detectors/file_mime_type.json
@@ -43,5 +43,8 @@
       "interval": 1,
       "unit": "Minutes"
     }
-  }
+  },
+  "category_field": [
+    "file.mime_type"
+  ]
 }
diff --git a/dashboards/anomaly_detectors/network_protocol.json b/dashboards/anomaly_detectors/network_protocol.json
@@ -43,5 +43,8 @@
       "interval": 1,
       "unit": "Minutes"
     }
-  }
+  },
+  "category_field": [
+    "network.protocol"
+  ]
 }
diff --git a/dashboards/anomaly_detectors/total_bytes.json b/dashboards/anomaly_detectors/total_bytes.json
@@ -43,5 +43,9 @@
       "interval": 1,
       "unit": "Minutes"
     }
-  }
+  },
+  "category_field": [
+    "source.ip",
+    "destination.ip"
+  ]
 }