Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add network traffic package #1176

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 17 commits into from
Jul 12, 2021
Merged

Add network traffic package #1176

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
fe07878
Add network trafic package
Jun 22, 2021
2027268
Add pcap tests
Jun 22, 2021
9c13c3b
run elastic-package format
Jun 22, 2021
062138d
Fix up ports on http tests
Jun 24, 2021
7702403
Fix up ports on mysql tests
Jun 24, 2021
05e8e15
Fix field mappings for mongo, mysql, and nfs
Jun 24, 2021
1cac87b
Fix up fields for pgsql, sip, thrift, and tls
Jun 24, 2021
5d25825
update README
Jun 24, 2021
d9bcdd3
Update dns fields
Jun 24, 2021
568b778
Fix up http fields
Jun 24, 2021
40b02d3
Fix redis test configuration port
Jun 24, 2021
88fea15
Fix cassandra fields
Jun 24, 2021
2d6f4c9
Fix missing fields
Jun 24, 2021
eedf403
Fix up test ids for dns
Jun 24, 2021
ea6cb31
Fix missing dns field
Jun 24, 2021
35cf52d
Fix some more bad fields
Jun 24, 2021
1b1a3ce
Revert keyword -> long changes and add testing config
Jun 24, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix missing dns field
  • Loading branch information
Andrew Stucki committed Jun 24, 2021
commit ea6cb3140523ee880e8aa6845813cdd625e0dc1c
6 changes: 6 additions & 0 deletions packages/network_traffic/data_stream/dns/fields/ecs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -217,3 +217,9 @@
level: extended
name: dns.question.subdomain
type: keyword
- description: The type of DNS event captured, query or answer.
example: answer
ignore_above: 1024
level: extended
name: dns.type
type: keyword
1 change: 1 addition & 0 deletions packages/network_traffic/docs/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -593,6 +593,7 @@ Fields published for DNS packets.
| dns.question.type | The type of record being queried. | keyword |
| dns.resolved_ip | Array containing all IPs seen in answers.data | ip |
| dns.response_code | The DNS response code. | keyword |
| dns.type | The type of DNS event captured, query or answer. | keyword |
| ecs.version | ECS version this event conforms to. | keyword |
| event.category | Event category. The second categorization field in the hierarchy. | keyword |
| event.dataset | Name of the dataset. | keyword |
Expand Down