Added container.privileged field #2219

Merged
merged 3 commits into from
Jun 27, 2023
1 change: 1 addition & 0 deletions CHANGELOG.next.md
Expand Up @@ -15,6 +15,7 @@ Thanks, you're awesome :-) -->
#### Bugfixes

#### Added
* Added `container.privileged` to indicated whether a container was started in privileged mode. #2219

#### Improvements
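
Review bot: typo in the added changelog entry under `#### Added`: "to indicated whether" should read "to indicate whether".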

Expand Down
16 changes: 16 additions & 0 deletions docs/fields/field-details.asciidoc
Expand Up @@ -1213,6 +1213,22 @@ type: long



| extended

// ===============================================================

|
[[field-container-privileged]]
<<field-container-privileged, container.privileged>>

a| Indicates whether the container is running in privileged mode.

type: bool





| extended

// ===============================================================
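
Review bot: the description on the added `a|` line does not say what "privileged mode" refers to or how to read a missing value, which matters to anyone writing a detection on this field. Suggest naming the runtime setting it mirrors (for example Docker's `--privileged` flag or a Kubernetes `securityContext.privileged: true`) and stating whether an absent field means unknown or not privileged. The rendered `type: bool` will also need to change once the schema type is corrected, as raised in the inline comment on `schemas/container.yml`.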
Expand Down
5 changes: 5 additions & 0 deletions experimental/generated/beats/fields.ecs.yml
Expand Up @@ -944,6 +944,11 @@
description: The number of bytes received (gauge) on all network interfaces
by the container since the last metric collection.
default_field: false
- name: privileged
level: extended
type: bool
description: Indicates whether the container is running in privileged mode.
default_field: false
- name: runtime
level: extended
type: keyword
Expand Down
1 change: 1 addition & 0 deletions experimental/generated/csv/fields.csv
Expand Up @@ -99,6 +99,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
8.10.0-dev+exp,true,container,container.name,keyword,extended,,,Container name.
8.10.0-dev+exp,true,container,container.network.egress.bytes,long,extended,,,The number of bytes sent on all network interfaces.
8.10.0-dev+exp,true,container,container.network.ingress.bytes,long,extended,,,The number of bytes received on all network interfaces.
8.10.0-dev+exp,true,container,container.privileged,bool,extended,,,Indicates whether the container is running in privileged mode.
8.10.0-dev+exp,true,container,container.runtime,keyword,extended,,docker,Runtime managing this container.
8.10.0-dev+exp,true,data_stream,data_stream.dataset,constant_keyword,extended,,nginx.access,The field can contain anything that makes sense to signify the source of the data.
8.10.0-dev+exp,true,data_stream,data_stream.namespace,constant_keyword,extended,,production,A user defined namespace. Namespaces are useful to allow grouping of data.
Expand Down
9 changes: 9 additions & 0 deletions experimental/generated/ecs/ecs_flat.yml
Expand Up @@ -1183,6 +1183,15 @@ container.network.ingress.bytes:
normalize: []
short: The number of bytes received on all network interfaces.
type: long
container.privileged:
dashed_name: container-privileged
description: Indicates whether the container is running in privileged mode.
flat_name: container.privileged
level: extended
name: privileged
normalize: []
short: Indicates whether the container is running in privileged mode.
type: bool
container.runtime:
dashed_name: container-runtime
description: Runtime managing this container.
Expand Down
9 changes: 9 additions & 0 deletions experimental/generated/ecs/ecs_nested.yml
Expand Up @@ -1562,6 +1562,15 @@ container:
normalize: []
short: The number of bytes received on all network interfaces.
type: long
container.privileged:
dashed_name: container-privileged
description: Indicates whether the container is running in privileged mode.
flat_name: container.privileged
level: extended
name: privileged
normalize: []
short: Indicates whether the container is running in privileged mode.
type: bool
container.runtime:
dashed_name: container-runtime
description: Runtime managing this container.
Expand Down
Expand Up @@ -91,6 +91,9 @@
}
}
},
"privileged": {
"type": "bool"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
Expand Down
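
Review bot: `"type": "bool"` in the added `privileged` mapping is not an Elasticsearch field type; the mapping type is `boolean`, so a template containing this property will be rejected when it is installed. The same value appears in the other component and legacy template hunks in this PR. These files sit under `generated/`, so correct the type in `schemas/container.yml` and regenerate rather than editing the JSON by hand.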
3 changes: 3 additions & 0 deletions experimental/generated/elasticsearch/legacy/template.json
Expand Up @@ -560,6 +560,9 @@
}
}
},
"privileged": {
"type": "bool"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
Expand Down
5 changes: 5 additions & 0 deletions generated/beats/fields.ecs.yml
Expand Up @@ -894,6 +894,11 @@
description: The number of bytes received (gauge) on all network interfaces
by the container since the last metric collection.
default_field: false
- name: privileged
level: extended
type: bool
description: Indicates whether the container is running in privileged mode.
default_field: false
- name: runtime
level: extended
type: keyword
Expand Down
1 change: 1 addition & 0 deletions generated/csv/fields.csv
Expand Up @@ -92,6 +92,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
8.10.0-dev,true,container,container.name,keyword,extended,,,Container name.
8.10.0-dev,true,container,container.network.egress.bytes,long,extended,,,The number of bytes sent on all network interfaces.
8.10.0-dev,true,container,container.network.ingress.bytes,long,extended,,,The number of bytes received on all network interfaces.
8.10.0-dev,true,container,container.privileged,bool,extended,,,Indicates whether the container is running in privileged mode.
8.10.0-dev,true,container,container.runtime,keyword,extended,,docker,Runtime managing this container.
8.10.0-dev,true,data_stream,data_stream.dataset,constant_keyword,extended,,nginx.access,The field can contain anything that makes sense to signify the source of the data.
8.10.0-dev,true,data_stream,data_stream.namespace,constant_keyword,extended,,production,A user defined namespace. Namespaces are useful to allow grouping of data.
Expand Down
9 changes: 9 additions & 0 deletions generated/ecs/ecs_flat.yml
Expand Up @@ -1114,6 +1114,15 @@ container.network.ingress.bytes:
normalize: []
short: The number of bytes received on all network interfaces.
type: long
container.privileged:
dashed_name: container-privileged
description: Indicates whether the container is running in privileged mode.
flat_name: container.privileged
level: extended
name: privileged
normalize: []
short: Indicates whether the container is running in privileged mode.
type: bool
container.runtime:
dashed_name: container-runtime
description: Runtime managing this container.
Expand Down
9 changes: 9 additions & 0 deletions generated/ecs/ecs_nested.yml
Expand Up @@ -1482,6 +1482,15 @@ container:
normalize: []
short: The number of bytes received on all network interfaces.
type: long
container.privileged:
dashed_name: container-privileged
description: Indicates whether the container is running in privileged mode.
flat_name: container.privileged
level: extended
name: privileged
normalize: []
short: Indicates whether the container is running in privileged mode.
type: bool
container.runtime:
dashed_name: container-runtime
description: Runtime managing this container.
Expand Down
3 changes: 3 additions & 0 deletions generated/elasticsearch/composable/component/container.json
Expand Up @@ -91,6 +91,9 @@
}
}
},
"privileged": {
"type": "bool"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
Expand Down
3 changes: 3 additions & 0 deletions generated/elasticsearch/legacy/template.json
Expand Up @@ -518,6 +518,9 @@
}
}
},
"privileged": {
"type": "bool"
},
"runtime": {
"ignore_above": 1024,
"type": "keyword"
Expand Down
7 changes: 7 additions & 0 deletions schemas/container.yml
Expand Up @@ -121,6 +121,13 @@
The number of bytes (gauge) sent out on all network interfaces by the
container since the last metric collection.

- name: privileged
type: bool
Contributor

@Tacklebox shouldn't this be type: boolean?

level: extended
short: Indicates whether the container is running in privileged mode.
description: >
Indicates whether the container is running in privileged mode.

- name: runtime
level: extended
type: keyword
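
Review bot: `type: bool` on the added `privileged` field should be `type: boolean`, as the inline comment on that line asks. This schema file is the source for the generated artifacts in the PR, so the `bool` value in the docs, CSV, Beats fields and Elasticsearch templates all trace back to this line and will be fixed by regenerating after the change. Minor style point: the new entry lists `type` before `level`, while the neighbouring `runtime` entry lists `level` first.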
Expand Down