Changes network to use ECS fields (#44392) (#44549)
* Change network to use ECS fields

* Updated functional tests with new field mapping and data
FrankHassanabad authored Aug 30, 2019
1 parent 2e2b9b0 commit 44e0234
Showing 7 changed files with 6 additions and 6 deletions.
Expand Up @@ -47,7 +47,7 @@ export const getNetworkDnsColumns = (type: networkModel.NetworkType): NetworkDns
excluded: false,
kqlQuery: '',
queryMatch: {
field: 'dns.question.etld_plus_one',
field: 'dns.question.registered_domain',
value: dnsName,
operator: IS_OPERATOR,
},
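Review bot: The field name in `queryMatch` is a bare string literal, and this commit repeats the same literal in `getCountAgg` and in the `terms` aggregation of `buildDnsQuery`, so the next mapping change has to be made by hand in three places again. A shared constant, for example `export const DNS_REGISTERED_DOMAIN_FIELD = 'dns.question.registered_domain';`, used at all three sites would keep the column's `queryMatch` filter and the aggregations on the same field. getNetworkDnsColumns starts and ends outside the hunk, so where the constant should live cannot be judged from here.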
Expand Up @@ -35,7 +35,7 @@ const getQueryOrder = (networkDnsSortField: NetworkDnsSortField): QueryOrder =>
const getCountAgg = () => ({
dns_count: {
cardinality: {
field: 'dns.question.etld_plus_one',
field: 'dns.question.registered_domain',
},
},
});
Expand Down Expand Up @@ -87,7 +87,7 @@ export const buildDnsQuery = ({
...getCountAgg(),
dns_name_query_count: {
terms: {
field: 'dns.question.etld_plus_one',
field: 'dns.question.registered_domain',
size: querySize,
order: {
...getQueryOrder(networkDnsSortField),
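Review bot: Both aggregations in this file now read only `dns.question.registered_domain`, so documents indexed under the old `dns.question.etld_plus_one` mapping will presumably drop out of `dns_count` and `dns_name_query_count` without any error, and the DNS table will simply look empty for that period. The commit replaces the test archive and mappings rather than adding a mixed-data case, so that situation is not exercised. If older indices are still expected to be queried, state the requirement next to `getCountAgg`, e.g. `// ECS field; data indexed with dns.question.etld_plus_one is not counted`, or decide explicitly that such data is unsupported. buildDnsQuery continues outside the hunk.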
Expand Up @@ -3160,7 +3160,7 @@
"dns.question.name",
"dns.question.type",
"dns.question.class",
"dns.question.etld_plus_one",
"dns.question.registered_domain",
"dns.answers.name",
"dns.answers.type",
"dns.answers.class",
Binary file modified x-pack/test/functional/es_archives/packetbeat/dns/data.json.gz
Binary file not shown.
Expand Up @@ -3403,7 +3403,7 @@
"dns.question.name",
"dns.question.type",
"dns.question.class",
"dns.question.etld_plus_one",
"dns.question.registered_domain",
"dns.answers.name",
"dns.answers.type",
"dns.answers.class",
Binary file not shown.
Expand Up @@ -3160,7 +3160,7 @@
"dns.question.name",
"dns.question.type",
"dns.question.class",
"dns.question.etld_plus_one",
"dns.question.registered_domain",
"dns.answers.name",
"dns.answers.type",
"dns.answers.class",
