Terrance DeJesus
7e459dd585
* adding support new_terms_fields and window_start_history * adjusted rule.py to address flake errors * added assertion error if history_window_start does not exist * removed sample rule * removed self.rule_id from DataValidator * added new_terms to RuleType * changed new terms to its own class in rule.py * removed nonexisting function call in DataValidator class * adjusted new_terms field value in dataclass * changed literal type for history_window_start; view-rule working * removing test TOML rule * addressed flake errors for missing newlines * added validation option and adjusted object referencing * adjusted validation method call in post_validation * addressed flake errors for multiple spaces * added transform method to NewTermsRuleData class * added validation for min stack version and new terms array length restraints * added validation for unique new terms array * Update detection_rules/rule.py Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> * removed historywindowstart definition and adjusted subclass * removed test rule from commit * adjusted if/else for data transform method check * adjusted stack-schema-map; validation method name * Update detection_rules/rule.py Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> * added assertion for history_window_start field value * added variables for feature min stack and extended field min stack * Update detection_rules/rule.py Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> * Update detection_rules/rule.py Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> * addressed flake errors for continuation line with same indent Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
71 lines
1.3 KiB
YAML
71 lines
1.3 KiB
YAML
# Purpose: Alignment of stack with beats and ecs versions
|
|
|
|
# Notes
|
|
## ECS versions do not align perfectly with stack releases (as of 7.13), so this will reflect MAX ecs version for a given release
|
|
## To determine beats versions, visit https://github.com/elastic/beats/tags to determine latest version during preparation PR
|
|
|
|
## Updates:
|
|
## 7.17 was intentionally skipped because it was added late and was bug fix only
|
|
## 06/2022 - dropped backport support for 7.13.0, 7.14.0, 7.15.0 as of 8.4 branch creation
|
|
|
|
## Unsupported
|
|
#"7.13.0":
|
|
# # beats release about the same time as the stack, so we cannot update this until it is released
|
|
# beats: "7.13.2"
|
|
# ecs: "1.9.0"
|
|
|
|
#"7.14.0":
|
|
# beats: "7.14.0"
|
|
# ecs: "1.10.0"
|
|
|
|
#"7.15.0":
|
|
# beats: "7.15.1"
|
|
# ecs: "1.11.0"
|
|
|
|
## Supported
|
|
|
|
"7.16.0":
|
|
beats: "7.16.2"
|
|
ecs: "1.12.2"
|
|
endgame: "1.9.0"
|
|
|
|
"8.0.0":
|
|
beats: "8.0.1"
|
|
ecs: "8.0.1"
|
|
endgame: "1.9.0"
|
|
|
|
"8.1.0":
|
|
beats: "8.1.2"
|
|
ecs: "8.1.0"
|
|
endgame: "1.9.0"
|
|
|
|
"8.2.0":
|
|
beats: "8.2.1"
|
|
ecs: "8.2.1"
|
|
endgame: "1.9.0"
|
|
|
|
"8.3.0":
|
|
beats: "main"
|
|
ecs: "8.3.1"
|
|
endgame: "1.9.0"
|
|
|
|
"8.4.0":
|
|
beats: "main"
|
|
ecs: "8.4.0"
|
|
endgame: "8.4.0"
|
|
|
|
"8.5.0":
|
|
beats: "main"
|
|
ecs: "8.5.2"
|
|
endgame: "8.4.0"
|
|
|
|
"8.6.0":
|
|
beats: "main"
|
|
ecs: "8.5.2"
|
|
endgame: "8.4.0"
|
|
|
|
"8.7.0":
|
|
beats: "main"
|
|
ecs: "8.5.2"
|
|
endgame: "8.4.0"
|