github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/packages/kbn-ecs/generated/rule.ts
Ying Mao 11c0bacdab
Revert "[Security Solution] Update ecs package to latest ecs definiti… (#168864) 
Reverts https://github.com/elastic/kibana/pull/168553

Seeing these errors when updating existing alerts as data mappings

```
[2023-10-13T11:06:44.254-04:00][ERROR][plugins.alerting] ResponseError: illegal_argument_exception
	Root causes:
		illegal_argument_exception: can't merge a non-nested mapping [faas.trigger] with a nested mapping
    at KibanaTransport.request (/Users/ying/Code/kibana_prs/node_modules/@elastic/transport/src/Transport.ts:535:17)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
```

Needs further investigation as ECS mappings should be backwards
compatible
2023-10-13 09:30:34 -07:00

55 lines
2.2 KiB
TypeScript
Raw Blame History

/*
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
* or more contributor license agreements. Licensed under the Elastic License
* 2.0 and the Server Side Public License, v 1; you may not use this file except
* in compliance with, at your election, the Elastic License 2.0 or the Server
* Side Public License, v 1.
*/
/**
* Rule fields are used to capture the specifics of any observer or agent rules that generate alerts or other notable events.
* Examples of data sources that would populate the rule fields include: network admission control platforms, network or host IDS/IPS, network firewalls, web application firewalls, url filters, endpoint detection and response (EDR) systems, etc.
*/
export interface EcsRule {
/**
* Name, organization, or pseudonym of the author or authors who created the rule used to generate this event.
*/
author?: string[];
/**
* A categorization value keyword used by the entity using the rule for detection of this event.
*/
category?: string;
/**
* The description of the rule generating the event.
*/
description?: string;
/**
* A rule ID that is unique within the scope of an agent, observer, or other entity using the rule for detection of this event.
*/
id?: string;
/**
* Name of the license under which the rule used to generate this event is made available.
*/
license?: string;
/**
* The name of the rule or signature generating the event.
*/
name?: string;
/**
* Reference URL to additional information about the rule used to generate this event.
* The URL can point to the vendor's documentation about the rule. If that's not available, it can also be a link to a more general page describing this type of alert.
*/
reference?: string;
/**
* Name of the ruleset, policy, group, or parent category in which the rule used to generate this event is a member.
*/
ruleset?: string;
/**
* A rule ID that is unique within the scope of a set or group of agents, observers, or other entities using the rule for detection of this event.
*/
uuid?: string;
/**
* The version / revision of the rule being used for analysis.
*/
version?: string;
}
Reference in a new issue View git blame Copy permalink