Commit cff1594

Set event.module and event.dataset (#1273)
1 parent 2e5c6ea commit cff1594

5 files changed

+17
-8
lines changed

packages/santa/changelog.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,9 @@
11
# newer versions go on top
2+
- version: "0.2.0"
3+
changes:
4+
- description: Set "event.module" and "event.dataset"
5+
type: enhancement
6+
link: https://github.com/elastic/integrations/pull/1273
27
- version: "0.1.0"
38
changes:
49
- description: update to ECS 1.10.0 and adding event.original options
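Review bot: the new 0.2.0 entry describes only the event.module and event.dataset fields, but the same commit also raises the Kibana constraint in manifest.yml from ^7.11.0 to ^7.14.0, which drops users on 7.11 through 7.13; add a second `- description:` line under `changes:` for that constraint change so the changelog records it.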

packages/santa/data_stream/log/fields/base-fields.yml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,14 @@
77
- name: data_stream.namespace
88
type: constant_keyword
99
description: Data stream namespace.
10+
- name: event.module
11+
type: constant_keyword
12+
description: Event module
13+
value: santa
14+
- name: event.dataset
15+
type: constant_keyword
16+
description: Event dataset
17+
value: santa.log
1018
- name: '@timestamp'
1119
type: date
1220
description: Event timestamp.
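Review bot: the two new descriptions, `Event module` and `Event dataset`, lack the trailing period used by the neighbouring entries (`Data stream namespace.`, `Event timestamp.`), and these strings are copied verbatim into the generated README table, so fix them here. Also, declaring event.dataset as `constant_keyword` with `value: santa.log` means every document in the data stream must carry exactly that value, so confirm nothing else in the package (for example the ingest pipeline) writes a different event.dataset, or those documents will be rejected at index time.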

packages/santa/data_stream/log/fields/ecs.yml

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,6 @@
1414
group: 2
1515
type: group
1616
fields:
17-
- name: dataset
18-
level: core
19-
type: keyword
20-
ignore_above: 1024
21-
description: 'Name of the dataset.'
2217
- name: ingested
2318
level: core
2419
type: date
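Review bot: dropping the `keyword` definition of `dataset` here is the right fix for the clash with the new `constant_keyword` event.dataset in base-fields.yml; check that no other file under fields/ still declares event.dataset or event.module, since two definitions of one field with different types would conflict in the resulting mapping.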

packages/santa/docs/README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -110,8 +110,9 @@ An example event for `log` looks as following:
110110
| data_stream.namespace | Data stream namespace. | constant_keyword |
111111
| data_stream.type | Data stream type. | constant_keyword |
112112
| ecs.version | ECS version this event conforms to. | keyword |
113-
| event.dataset | Name of the dataset. | keyword |
113+
| event.dataset | Event dataset | constant_keyword |
114114
| event.ingested | Timestamp when an event arrived in the central data store. | date |
115+
| event.module | Event module | constant_keyword |
115116
| file.x509.issuer.common_name | List of common name (CN) of issuing certificate authority. | keyword |
116117
| group.id | Unique identifier for the group on the system/platform. | keyword |
117118
| group.name | Name of the group. | keyword |
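Review bot: this README table is generated from the field definitions, so the missing trailing period on the `Event dataset` and `Event module` rows (every other row ends with one) should be corrected in base-fields.yml rather than edited here, otherwise the next build regenerates the inconsistency.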

packages/santa/manifest.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
name: santa
22
title: Google Santa
3-
version: 0.1.0
3+
version: 0.2.0
44
release: experimental
55
description: Google Santa Integration
66
type: integration
@@ -14,7 +14,7 @@ categories:
1414
- security
1515
- os_system
1616
conditions:
17-
kibana.version: ^7.11.0
17+
kibana.version: ^7.14.0
1818
screenshots:
1919
- src: /img/kibana-santa-log-overview.png
2020
title: kibana santa log overview
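Review bot: no rationale is visible for raising the minimum Kibana version from ^7.11.0 to ^7.14.0; if the bump is required by the `constant_keyword` fields with `value:` added in base-fields.yml, state that in the PR description, and if it is not required, keep ^7.11.0 so existing installations are not excluded by this enhancement.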
