From f2eb3a456308a6551cd07bdfe7e11d47b48c57cb Mon Sep 17 00:00:00 2001
From: Eric Beahan <eric.beahan@elastic.co>
Date: Thu, 13 Aug 2020 14:24:32 -0500
Subject: [PATCH] [1.x] add related.hosts (#913) (#924)

---
 generated/csv/fields.csv | 1 +
 1 file changed, 1 insertion(+)

diff --git a/generated/csv/fields.csv b/generated/csv/fields.csv
index ba520eba06..d8333ba416 100644
--- a/generated/csv/fields.csv
+++ b/generated/csv/fields.csv
@@ -442,6 +442,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
 1.7.0-dev,true,registry,registry.path,keyword,core,,HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winword.exe\Debugger,"Full path, including hive, key and value"
 1.7.0-dev,true,registry,registry.value,keyword,core,,Debugger,Name of the value written.
 1.7.0-dev,true,related,related.hash,keyword,extended,array,,All the hashes seen on your event.
+1.7.0-dev,true,related,related.hosts,keyword,extended,array,,All the host identifiers seen on your event.
 1.7.0-dev,true,related,related.ip,ip,extended,array,,All of the IPs seen on your event.
 1.7.0-dev,true,related,related.user,keyword,extended,array,,All the user names seen on your event.
 1.7.0-dev,true,rule,rule.author,keyword,extended,array,['Star-Lord'],Rule author