From d2d4eddc6fb37eab57da26740a4ef2609a247f01 Mon Sep 17 00:00:00 2001 From: Chris Berkhout Date: Thu, 19 Sep 2024 18:59:00 +0200 Subject: [PATCH] Fix externaldevicecontrol's tychon[.tychon].id fields following tychon-agent.yml addition. --- .../data_stream/externaldevicecontrol/fields/fields.yml | 6 ------ packages/tychon/docs/README.md | 6 +++--- .../transform/externaldevicecontrol/fields/fields.yml | 6 ------ 3 files changed, 3 insertions(+), 15 deletions(-) diff --git a/packages/tychon/data_stream/externaldevicecontrol/fields/fields.yml b/packages/tychon/data_stream/externaldevicecontrol/fields/fields.yml index 8652b826d5d..4683f8e2703 100644 --- a/packages/tychon/data_stream/externaldevicecontrol/fields/fields.yml +++ b/packages/tychon/data_stream/externaldevicecontrol/fields/fields.yml @@ -13,9 +13,6 @@ - name: device_location type: keyword description: The device location of where it was plugged in - - name: id - type: keyword - description: TYCHON unique document identifier. - name: log type: group fields: @@ -91,9 +88,6 @@ - name: version type: keyword description: Tychon data version - - name: id - type: keyword - description: TYCHON Unique ID for upserts - name: type type: keyword description: The type of event being sent for device control, policy change type (policy) or device event (device) from the event log diff --git a/packages/tychon/docs/README.md b/packages/tychon/docs/README.md index 117c0e23715..dc19e3410ef 100644 --- a/packages/tychon/docs/README.md +++ b/packages/tychon/docs/README.md @@ -149,7 +149,7 @@ TYCHON checks local browser configuration settings. | tychon.host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | tychon.host.uptime | Seconds the host has been up. | long | | tychon.host.workgroup | Host Workgroup Network Name. | keyword | -| tychon.id | TYCHON unique host identifier. | keyword | +| tychon.id | TYCHON unique document identifier. | keyword | | tychon.package.architecture | Package architecture. | keyword | | tychon.package.cpe | The cpe value for this application | keyword | | tychon.package.edition | The edition of this application | keyword | @@ -173,7 +173,7 @@ TYCHON checks local browser configuration settings. | tychon.script.version | Scanner Script Version. | version | | tychon.tls.version_protocol | Protocol name and version in the original format. | keyword | | tychon.tychon.data.version | Data Version. | version | -| tychon.tychon.id | ID. | keyword | +| tychon.tychon.id | TYCHON unique host identifier. | keyword | ### Listening Certificate Ciphers @@ -877,7 +877,7 @@ TYCHON will ensure external devices like usb hard drives and cdrom drives cannot | tychon.script.type | Scanner Script Type. | keyword | | tychon.script.version | Scanner Script Version. | version | | tychon.tychon.data.version | Tychon data version | keyword | -| tychon.tychon.id | TYCHON Unique ID for upserts | keyword | +| tychon.tychon.id | TYCHON unique host identifier. | keyword | | tychon.type | The type of event being sent for device control, policy change type (policy) or device event (device) from the event log | keyword | diff --git a/packages/tychon/elasticsearch/transform/externaldevicecontrol/fields/fields.yml b/packages/tychon/elasticsearch/transform/externaldevicecontrol/fields/fields.yml index 8652b826d5d..4683f8e2703 100644 --- a/packages/tychon/elasticsearch/transform/externaldevicecontrol/fields/fields.yml +++ b/packages/tychon/elasticsearch/transform/externaldevicecontrol/fields/fields.yml @@ -13,9 +13,6 @@ - name: device_location type: keyword description: The device location of where it was plugged in - - name: id - type: keyword - description: TYCHON unique document identifier. - name: log type: group fields: @@ -91,9 +88,6 @@ - name: version type: keyword description: Tychon data version - - name: id - type: keyword - description: TYCHON Unique ID for upserts - name: type type: keyword description: The type of event being sent for device control, policy change type (policy) or device event (device) from the event log