Changed xpack-watcher dateField default to previous value

2019-09-12 00:19:47 +02:00
parent 8f612f743c
commit 19f431b6d2
1 changed files with 1 additions and 1 deletions
@@ -452,7 +452,7 @@ class XPackWatcherBackend(ElasticsearchQuerystringBackend, MultiRuleOutputMixin)
        tags = sigmaparser.parsedyaml.setdefault("tags", "")
        # Get time frame if exists
        interval = sigmaparser.parsedyaml["detection"].setdefault("timeframe", "30m")
-        dateField = self.sigmaconfig.config.get("dateField", "date")
+        dateField = self.sigmaconfig.config.get("dateField", "timestamp")
        
        # creating condition
        indices = sigmaparser.get_logsource().index