Added
- Added
threat.*
fields to apply a taxonomy to events and alerts. #505 - Added fields in
log.*
to allow for full Syslog mapping. #525 - Added
package.*
to installed software packages. #532 - Added
registered_domain
tourl
,source
,destination
,client
, andserver
. #533 - Added
top_level_domain
field tourl
,dns.question
,source
,destination
,client
, andserver
. #542, #572 - Added
group.domain
field. #547 - Added
url.extension
. #551, #573 - Added
observer.name
andobserver.product
. #557, #571 - Added
dns.question.subdomain
field. #561, #574 - Added
error.stack_trace
field. #562 - Added
log.origin.file.name
,log.origin.function
andlog.origin.file.line
fields. #563, #568 - Added
service.node.name
to allow distinction between different nodes of the same service running on the same host. #565 - Added
error.type
field. #566