Collect additional fields for alert telemetry. (#101578) (#101602)

Co-authored-by: Pete Hampton <pjhampton@users.noreply.github.com>
Kibana Machine 2021-06-08 12:00:24 -04:00 committed by GitHub
parent d6b7e38672
commit e09bc40c1b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -293,6 +293,9 @@ const allowlistProcessFields: AllowlistFields = {
command_line: true,
hash: true,
pid: true,
pe: {
original_file_name: true,
},
uptime: true,
Ext: {
architecture: true,
@ -313,6 +316,9 @@ const allowlistBaseEventFields: AllowlistFields = {
path: true,
code_signature: true,
malware_signature: true,
pe: {
original_file_name: true,
},
},
event: true,
file: {
@ -326,6 +332,7 @@ const allowlistBaseEventFields: AllowlistFields = {
hash: true,
Ext: {
code_signature: true,
header_data: true,
malware_classification: true,
malware_signature: true,
quarantine_result: true,
@ -351,6 +358,9 @@ const allowlistBaseEventFields: AllowlistFields = {
...allowlistProcessFields,
},
},
user: {
id: true,
},
};
// Allow list for the data we include in the events. True means that it is deep-cloned
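Review bot: `user: { id: true }` and `header_data: true` are both allowlisted with a bare `true`, which per the comment on the last line means the whole value is deep-cloned into the telemetry document, so every subfield the endpoint places under `file.Ext.header_data` will be shipped regardless of what it later grows to contain; the `pe` entries in the earlier hunks show the narrower pattern of naming only the subfield wanted, and `header_data` should either follow it or carry a comment stating that the full object has been reviewed. `user.id` is a user identifier that, combined with the host and process fields already allowed, can single out a person, so a one-line comment recording the privacy review that cleared it would help the next reader, e.g. `// user.id is an opaque local identifier, not a username; cleared for telemetry in #101578`. I cannot tell from this hunk whether the field holds a numeric id or a name, so word the comment to match what the review actually established. The `allowlistBaseEventFields` object begins outside the hunk.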