[Rule Tuning] Tuning Host Name to Agent Name for Compatibility (#5849)

* [Rule Tuning] Tuning Host Name to Agent Name for Compatibility

* ++

rules/cross-platform/persistence_web_server_potential_command_injection.toml

@@ -2,7 +2,7 @@
 creation_date = "2025/11/19"
 integration = ["nginx", "apache", "apache_tomcat", "iis", "traefik"]
 maturity = "production"
-updated_date = "2026/03/16"
+updated_date = "2026/03/19"
 
 [rule]
 author = ["Elastic"]
@@ -115,7 +115,7 @@ from logs-nginx.access-*, logs-apache.access-*, logs-apache_tomcat.access-*, log
     http.request.method,
     http.response.status_code,
     user_agent.original,
-    host.name,
+    agent.name,
     event.dataset,
     data_stream.namespace
 
@@ -125,7 +125,7 @@ from logs-nginx.access-*, logs-apache.access-*, logs-apache_tomcat.access-*, log
 
     // General fields
 
-    Esql.host_name_values = values(host.name),
+    Esql.agent_name_values = values(agent.name),
     Esql.agent_id_values = values(agent.id),
     Esql.url_path_values = values(Esql.url_original_to_lower),
     Esql.http.response.status_code_values = values(http.response.status_code),