Justin Ibarra
24 lines
499 B
YAML
24 lines
499 B
YAML
---
|
|
package:
|
|
name: "7.11"
|
|
release: true
|
|
# exclude rules which have any of the following index <-> field pairs
|
|
# exclude_fields:
|
|
# # special field to apply to all indexes
|
|
# any:
|
|
# - process.args
|
|
# - network.direction
|
|
# logs-endpoint.events.*:
|
|
# - file.name
|
|
filter:
|
|
# ecs_version:
|
|
# - 1.4.0
|
|
# - 1.5.0
|
|
maturity:
|
|
- production
|
|
# log deprecated rules in summary and change logs
|
|
log_deprecated: true
|
|
# rule version scoping
|
|
# min_version: 1
|
|
# max_version: 5
|