github elastic/ecs v8.1.0
ECS 8.1.0
on GitHub

latest releases: v8.11.0, v8.10.0, v8.9.0...
2 years ago

What's new in ECS 8.1

The email.* field set

Proposed in RFC 0010, this release introduces a beta email.* field set. These fields capture event details from email message headers, bodies, and attachments.

Additional hash fields

ECS 8.1 also adds three additional hash fields:

  • hash.sha384
  • hash.tlsh
  • pe.pehash

These fields help align ECS with Threat Intelligence features available in the Elastic platform.

Changelog

Schema Changes

Added

  • Added two new fields (sha384,tlsh) to hash schema and one field to pe schema (pehash). #1678
  • Added email.* beta field set. ##1688, #1705

Removed

  • Removing process.target.* reuses from experimental schema. #1666
  • Removing RFC 0014 pe.* fields from experimental schema. #1670

Tooling and Artifact Changes

Bugfixes

  • Fix invalid documentation link generation in component templates _meta. #1728

Improvements

  • Update refs from master to main in USAGE.md etc #1658
  • Clean up trailing spaces and additional newlines in schemas #1667
  • Use higher compression as default in composable index template settings. #1712
  • Bump dependencies. #1782
Check out latest releases or
releases around elastic/ecs v8.1.0

Don't miss a new ecs release

NewReleases is sending notifications on new releases.

Get notifications