mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 01:38:56 -04:00
ef64acf405
## Summary Follow on from https://github.com/elastic/kibana/pull/151388 & https://github.com/elastic/kibana/pull/147398, which includes the rule's current `revision` when writing to the kibana event-log. Note: Added as `kibana.alert.rule.revision` instead of as ECS field `rule.version` as the [ECS docs](https://www.elastic.co/guide/en/ecs/current/ecs-rule.html#field-rule-version) conflate `version` & `revision` and figured it was best to be explicit. If we do indeed want to use `rule.version` I'll make the change. <p align="center"> <img width="500" src="https://user-images.githubusercontent.com/2946766/233216775-f371f412-dcf6-4ef7-a396-84ec853eebbb.png" /> </p> ### Checklist Delete any items that are not applicable to this PR. - [X] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios |
||
|---|---|---|
| .. | ||
| mappings.json | ||
| README.md | ||
| schemas.ts | ||
Generating event schema
The files in this directory were generated by manually running the script
../scripts/create-schemas.js from the root directory of the repository.
These files should not be edited by hand.
Please follow the following steps:
-
Clone the ECS repo locally so that it resides along side your kibana repo, and checkout the ECS version you wish to support (for example, the
1.8branch, for version 1.8). -
In the
x-pack/plugins/event_log/scripts/mappings.jsfile you'll want to make the following changes:- Update
EcsCustomPropertyMappingsto include the mapping of the custom fields you wish to add. - Update
EcsPropertiesToGenerateto include the fields in the generatedmappings.json. - Make sure to list all array fields in
EcsEventLogMultiValuedProperties.
- Update
-
Cd to the
kibanaroot folder and run:node ./x-pack/plugins/event_log/scripts/create_schemas.js