[Filebeat] Update cisco module to ECS 1.4 #16028
Pinging @elastic/siem (Team:SIEM)
leehinman
changed the title
[Filebeat] Update cisco asa & ios filesets to support ECS 1.4 fields
[Filebeat] Update module to ECS 1.4
Feb 6, 2020
leehinman
changed the title
[Filebeat] Update module to ECS 1.4
[Filebeat] Update cisco module to ECS 1.4
Feb 6, 2020
3 tasks
leehinman
added a commit
to leehinman/beats
that referenced
this issue
May 18, 2020
- asa
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ftd
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ios
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type

Closes elastic#16028
leehinman
added a commit
that referenced
this issue
Jun 4, 2020
…18537)
* Improve ECS categorization field mappings in cisco module

- asa
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ftd
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ios
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type

Closes #16028
Co-authored-by: Andrew Kroh <[email protected]>
leehinman
added a commit
to leehinman/beats
that referenced
this issue
Jun 4, 2020
…lastic#18537)
* Improve ECS categorization field mappings in cisco module

- asa
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ftd
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ios
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type

Closes elastic#16028
Co-authored-by: Andrew Kroh <[email protected]>
(cherry picked from commit f1139f2)
3 tasks
leehinman
added a commit
that referenced
this issue
Jun 5, 2020
…18537) (#18982)
* Improve ECS categorization field mappings in cisco module

- asa
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ftd
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ios
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type

Closes #16028
Co-authored-by: Andrew Kroh <[email protected]>
(cherry picked from commit f1139f2)
melchiormoulin
pushed a commit
to melchiormoulin/beats
that referenced
this issue
Oct 14, 2020
…lastic#18537)
* Improve ECS categorization field mappings in cisco module

- asa
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ftd
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type
  + related.hash
  + related.ip
  + related.user
- ios
  + explicitly set ECS version
  + event.kind
  + event.category
  + event.type

Closes elastic#16028
Co-authored-by: Andrew Kroh <[email protected]>
Filesets
rules field for ACLs