Skip to content

Commit a8d4c61

Browse files
maxcoldmaxcold
committed
add observer.vendor to the ecs mappings
1 parent b868e48 commit a8d4c61

File tree

4 files changed

+118
-114
lines changed

4 files changed

+118
-114
lines changed

packages/cloud_security_posture/data_stream/findings/_dev/test/pipeline/test-findings-log.json

Lines changed: 113 additions & 113 deletions
Original file line numberDiff line numberDiff line change
@@ -1,116 +1,116 @@
11
{
2-
"events": [
3-
{
4-
"rule": {
5-
"benchmark": {
6-
"name": "CIS Microsoft Azure Foundations",
7-
"rule_number": "1.23",
8-
"id": "cis_azure",
9-
"version": "v2.0.0",
10-
"posture_type": "cspm"
2+
"events": [
3+
{
4+
"rule": {
5+
"benchmark": {
6+
"name": "CIS Microsoft Azure Foundations",
7+
"rule_number": "1.23",
8+
"id": "cis_azure",
9+
"version": "v2.0.0",
10+
"posture_type": "cspm"
11+
}
12+
},
13+
"cloud": {
14+
"provider": "azure",
15+
"account": {
16+
"id": "",
17+
"name": ""
18+
}
19+
},
20+
"@timestamp": "2024-04-04T16:32:27.398Z"
21+
},
22+
{
23+
"rule": {
24+
"benchmark": {
25+
"name": "CIS Microsoft Azure Foundations",
26+
"rule_number": "1.23",
27+
"id": "cis_azure",
28+
"version": "v2.0.0",
29+
"posture_type": "cspm"
30+
}
31+
},
32+
"cloud": {
33+
"provider": "azure",
34+
"account": {
35+
"id": "test",
36+
"name": ""
37+
}
38+
},
39+
"@timestamp": "2024-04-04T16:32:27.398Z"
40+
},
41+
{
42+
"rule": {
43+
"benchmark": {
44+
"name": "CIS Microsoft Azure Foundations",
45+
"rule_number": "1.23",
46+
"id": "cis_azure",
47+
"version": "v2.0.0",
48+
"posture_type": "cspm"
49+
}
50+
},
51+
"cloud": {
52+
"provider": "azure",
53+
"account": {
54+
"id": "test-2",
55+
"name": "test 2"
56+
}
57+
},
58+
"@timestamp": "2024-04-04T16:32:27.398Z"
59+
},
60+
{
61+
"rule": {
62+
"benchmark": {
63+
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
64+
"rule_number": "3.2.5",
65+
"id": "cis_eks",
66+
"version": "v1.0.1"
67+
}
68+
},
69+
"@timestamp": "2024-04-04T16:32:27.398Z"
70+
},
71+
{
72+
"rule": {
73+
"benchmark": {
74+
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
75+
"rule_number": "3.2.5",
76+
"id": "cis_eks",
77+
"version": "v1.0.1",
78+
"posture_type": "kspm"
79+
}
80+
},
81+
"@timestamp": "2024-04-04T16:32:27.398Z"
82+
},
83+
{
84+
"cluster_id": "cluster_test_1",
85+
"rule": {
86+
"benchmark": {
87+
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
88+
"rule_number": "3.2.5",
89+
"id": "cis_eks",
90+
"version": "v1.0.1",
91+
"posture_type": "kspm"
92+
}
93+
},
94+
"@timestamp": "2024-04-04T16:32:27.398Z"
95+
},
96+
{
97+
"cluster_id": "cluster_test_1",
98+
"orchestrator": {
99+
"cluster": {
100+
"name": "cluster_test",
101+
"id": "cluster_test"
102+
}
103+
},
104+
"rule": {
105+
"benchmark": {
106+
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
107+
"rule_number": "3.2.5",
108+
"id": "cis_eks",
109+
"version": "v1.0.1",
110+
"posture_type": "kspm"
111+
}
112+
},
113+
"@timestamp": "2024-04-04T16:32:27.398Z"
11114
}
12-
},
13-
"cloud": {
14-
"provider": "azure",
15-
"account": {
16-
"id": "",
17-
"name": ""
18-
}
19-
},
20-
"@timestamp": "2024-04-04T16:32:27.398Z"
21-
},
22-
{
23-
"rule": {
24-
"benchmark": {
25-
"name": "CIS Microsoft Azure Foundations",
26-
"rule_number": "1.23",
27-
"id": "cis_azure",
28-
"version": "v2.0.0",
29-
"posture_type": "cspm"
30-
}
31-
},
32-
"cloud": {
33-
"provider": "azure",
34-
"account": {
35-
"id": "test",
36-
"name": ""
37-
}
38-
},
39-
"@timestamp": "2024-04-04T16:32:27.398Z"
40-
},
41-
{
42-
"rule": {
43-
"benchmark": {
44-
"name": "CIS Microsoft Azure Foundations",
45-
"rule_number": "1.23",
46-
"id": "cis_azure",
47-
"version": "v2.0.0",
48-
"posture_type": "cspm"
49-
}
50-
},
51-
"cloud": {
52-
"provider": "azure",
53-
"account": {
54-
"id": "test-2",
55-
"name": "test 2"
56-
}
57-
},
58-
"@timestamp": "2024-04-04T16:32:27.398Z"
59-
},
60-
{
61-
"rule": {
62-
"benchmark": {
63-
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
64-
"rule_number": "3.2.5",
65-
"id": "cis_eks",
66-
"version": "v1.0.1"
67-
}
68-
},
69-
"@timestamp": "2024-04-04T16:32:27.398Z"
70-
},
71-
{
72-
"rule": {
73-
"benchmark": {
74-
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
75-
"rule_number": "3.2.5",
76-
"id": "cis_eks",
77-
"version": "v1.0.1",
78-
"posture_type": "kspm"
79-
}
80-
},
81-
"@timestamp": "2024-04-04T16:32:27.398Z"
82-
},
83-
{
84-
"cluster_id": "cluster_test_1",
85-
"rule": {
86-
"benchmark": {
87-
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
88-
"rule_number": "3.2.5",
89-
"id": "cis_eks",
90-
"version": "v1.0.1",
91-
"posture_type": "kspm"
92-
}
93-
},
94-
"@timestamp": "2024-04-04T16:32:27.398Z"
95-
},
96-
{
97-
"cluster_id": "cluster_test_1",
98-
"orchestrator": {
99-
"cluster": {
100-
"name": "cluster_test",
101-
"id": "cluster_test"
102-
}
103-
},
104-
"rule": {
105-
"benchmark": {
106-
"name": "CIS Amazon Elastic Kubernetes Service (EKS)",
107-
"rule_number": "3.2.5",
108-
"id": "cis_eks",
109-
"version": "v1.0.1",
110-
"posture_type": "kspm"
111-
}
112-
},
113-
"@timestamp": "2024-04-04T16:32:27.398Z"
114-
}
115-
]
115+
]
116116
}

packages/cloud_security_posture/data_stream/findings/fields/cloud.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,4 +5,4 @@
55
- name: Organization.id
66
type: keyword
77
- name: Organization.name
8-
type: keyword
8+
type: keyword

packages/cloud_security_posture/data_stream/findings/fields/ecs.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -144,3 +144,5 @@
144144
external: ecs
145145
- name: user.effective.id
146146
external: ecs
147+
- name: observer.vendor
148+
external: ecs

packages/cloud_security_posture/data_stream/vulnerabilities/fields/ecs.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,3 +96,5 @@
9696
external: ecs
9797
- name: package.version
9898
external: ecs
99+
- name: observer.vendor
100+
external: ecs

0 commit comments

Comments
 (0)