Justin Ibarra
163d9e3864
* Make cardinality array in schema for threshold rules * update master, 7.12, 7.13, and 7.14 schemas with cardinality fix * fix 7.12 downgrade to handle cardinality as an array * Add two new rules to detect agent spoofing Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
13 lines
435 B
YAML
13 lines
435 B
YAML
# alignment of stack with beats and ecs versions
|
|
# ECS versions do not align perfectly with stack releases (as of 7.13), so this will reflect MAX ecs version for a
|
|
# given release
|
|
|
|
"7.13.0":
|
|
# beats release about the same time as the stack, so we cannot update this until it is released
|
|
beats: "7.13.2"
|
|
ecs: "1.9.0"
|
|
|
|
"7.14.0":
|
|
beats: "master" # TODO: 7.14.x
|
|
ecs: "master" # TODO: master came out after 7.13.0 release
|