security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refresh ECS, Beats manifest and schemas (#3993)

Browse Source
This commit is contained in:
shashank-elastic
2024-08-20 20:45:20 +05:30
committed by GitHub
parent 10ba6ad5a6
commit d3dc231315
72 changed files with 137 additions and 227 deletions
Download Patch File Download Diff File Expand all files Collapse all files
detection_rules/etc/api_schemas/master/master.base.json
+9 -27
View File
@@ -112,7 +112,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -182,6 +181,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -364,36 +367,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -415,6 +392,11 @@
],
"enumNames": [],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.eql.json
+9 -27
View File
@@ -185,7 +185,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -258,6 +257,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -444,36 +447,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_field": {
@@ -491,6 +468,11 @@
"eql"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.esql.json
+9 -27
View File
@@ -181,7 +181,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -254,6 +253,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -436,36 +439,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -479,6 +456,11 @@
"esql"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.machine_learning.json
+63 -27
View File
@@ -14,6 +14,60 @@
},
"type": "array"
},
"alert_suppression": {
"additionalProperties": false,
"properties": {
"duration": {
"additionalProperties": false,
"properties": {
"unit": {
"enum": [
"s",
"m",
"h"
],
"enumNames": [],
"type": "string"
},
"value": {
"description": "AlertSupressionValue",
"minimum": 1,
"type": "integer"
}
},
"required": [
"unit",
"value"
],
"type": "object"
},
"group_by": {
"description": "AlertSuppressionGroupBy",
"items": {
"description": "NonEmptyStr",
"minLength": 1,
"type": "string"
},
"maxItems": 3,
"minItems": 1,
"type": "array"
},
"missing_fields_strategy": {
"description": "AlertSuppressionMissing",
"enum": [
"suppress",
"doNotSuppress"
],
"enumNames": [],
"type": "string"
}
},
"required": [
"group_by",
"missing_fields_strategy"
],
"type": "object"
},
"anomaly_threshold": {
"type": "integer"
},
@@ -128,7 +182,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -198,6 +251,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -380,36 +437,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -423,6 +454,11 @@
"machine_learning"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.new_terms.json
+9 -27
View File
@@ -185,7 +185,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"new_terms": {
@@ -308,6 +307,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -490,36 +493,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -533,6 +510,11 @@
"new_terms"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.query.json
+9 -27
View File
@@ -185,7 +185,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -258,6 +257,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -440,36 +443,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -483,6 +460,11 @@
"query"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.threat_match.json
+9 -27
View File
@@ -195,7 +195,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -268,6 +267,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -529,36 +532,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -572,6 +549,11 @@
"threat_match"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/api_schemas/master/master.threshold.json
+9 -27
View File
@@ -164,7 +164,6 @@
},
"name": {
"description": "RuleName",
"pattern": "^[a-zA-Z0-9].+?[a-zA-Z0-9\\[\\]()]$",
"type": "string"
},
"note": {
@@ -237,6 +236,10 @@
"min_compat": "8.3",
"type": "array"
},
"revision": {
"min_compat": "8.8",
"type": "integer"
},
"risk_score": {
"description": "MaxSignals",
"maximum": 100,
@@ -465,36 +468,10 @@
},
"timeline_id": {
"description": "TimelineTemplateId",
"enum": [
"db366523-f1c6-4c1f-8731-6ce5ed9e5717",
"91832785-286d-4ebe-b884-1a208d111a70",
"76e52245-7519-4251-91ab-262fb1a1728c",
"495ad7a7-316e-4544-8a0f-9c098daee76e",
"4d4c0b59-ea83-483f-b8c1-8c360ee53c5c",
"e70679c2-6cde-4510-9764-4823df18f7db",
"300afc76-072d-4261-864d-4149714bf3f1",
"3e47ef71-ebfc-4520-975c-cb27fc090799",
"3e827bab-838a-469f-bd1e-5e19a2bff2fd",
"4434b91a-94ca-4a89-83cb-a37cdc0532b7"
],
"enumNames": [],
"type": "string"
},
"timeline_title": {
"description": "TimelineTemplateTitle",
"enum": [
"Generic Endpoint Timeline",
"Generic Network Timeline",
"Generic Process Timeline",
"Generic Threat Match Timeline",
"Comprehensive File Timeline",
"Comprehensive Process Timeline",
"Comprehensive Network Timeline",
"Comprehensive Registry Timeline",
"Alerts Involving a Single User Timeline",
"Alerts Involving a Single Host Timeline"
],
"enumNames": [],
"type": "string"
},
"timestamp_override": {
@@ -508,6 +485,11 @@
"threshold"
],
"type": "string"
},
"version": {
"description": "PositiveInteger",
"minimum": 1,
"type": "integer"
}
},
"required": [
detection_rules/etc/beats_schemas/main.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/beats_schemas/v8.15.0.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.10.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.10.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.11.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.11.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.2/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.12.2/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.7.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.7.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.8.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.8.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.9.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/1.9.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.0.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.0.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.0.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.0.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.1.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.1.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.10.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.10.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.11.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.11.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.2.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.2.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.2.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.2.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.3.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.3.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.3.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.3.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.4.0-rc1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.4.0-rc1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.4.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.4.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.0-rc1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.0-rc1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.2/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.5.2/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.0-rc1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.0-rc1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.6.1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.7.0-rc1/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.7.0-rc1/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.7.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.7.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.8.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.8.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.9.0/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/8.9.0/ecs_nested.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/ecs_schemas/master_8.12.0-dev/ecs_flat.json.gz
BIN
View File
Binary file not shown.
detection_rules/etc/stack-schema-map.yaml
+11 -11
View File
@@ -95,21 +95,21 @@
endgame: "8.4.0"
"8.13.0":
beats: "8.12.2"
ecs: "8.11.0"
endgame: "8.4.0"
"8.14.0":
beats: "8.12.2"
ecs: "8.11.0"
endgame: "8.4.0"
"8.15.0":
beats: "8.13.4"
ecs: "8.11.0"
endgame: "8.4.0"
"8.16.0":
"8.14.0":
beats: "8.14.3"
ecs: "8.11.0"
endgame: "8.4.0"
"8.15.0":
beats: "8.15.0"
ecs: "8.11.0"
endgame: "8.4.0"
"8.16.0":
beats: "8.15.0"
ecs: "8.11.0"
endgame: "8.4.0"