Improve ECS field mappings in suricata module

- destination.domain - dns.question.top_level_domain - event.category - event.kind - event.outcome - event.type - related.hash - related.ip - rule.category - rule.id - rule.name - tls.client.server_name - tls.resumed - tls.server.certificate - tls.server.certificate_chain - tls.server.hash.sha1 - tls.server.issuer - tls.server.ja3s - tls.server.not_after - tls.server.not_before - tls.server.subject - tls.version - tls.version_protocol Closes #16181
elastic · Mar 5, 2020 · 9a86d35 · 9a86d35
1 parent 78e481d
commit 9a86d35
Show file tree

Hide file tree

Showing 6 changed files with 836 additions and 205 deletions.
diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
@@ -164,6 +164,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 - Improve ECS categorization field mapping in kafka module. {issue}16167[16167] {pull}16645[16645]
 - Allow users to override pipeline ID in fileset input config. {issue}9531[9531] {pull}16561[16561]
 - Add `o365audit` input type for consuming events from Office 365 Management Activity API. {issue}16196[16196] {pull}16244[16244]
+- Improve ECS categorization field mappings in suricata module. {issue}16181[16181] {pull}16843[16843]
 
 *Heartbeat*