Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update wazuh-states-vulnerabilities index template #190

Closed
AlexRuiz7 opened this issue Mar 19, 2024 · 3 comments · Fixed by wazuh/wazuh#22611 or #191
Closed

Update wazuh-states-vulnerabilities index template #190

AlexRuiz7 opened this issue Mar 19, 2024 · 3 comments · Fixed by wazuh/wazuh#22611 or #191
Assignees
@AlexRuiz7
Labels
level/task Task issue type/enhancement Enhancement issue

Comments

@AlexRuiz7
Copy link
Member

Description

We have been asked to update the index template and mappings for the wazuh-states-vulnerabilities index with the following changes.

  • Add 2 new fields to track the publication (published_at) and detection dates (detected_at) of the vulnerabilities.
  • Remove the @timestamp field

As always, we need to update the mappings, update the events' generator, test the new index template and open a pull request in wazuh/wazuh to update the template.
@AlexRuiz7 AlexRuiz7 added level/task Task issue type/enhancement Enhancement issue labels Mar 19, 2024
@AlexRuiz7 AlexRuiz7 self-assigned this Mar 19, 2024
@wazuhci wazuhci moved this to Triage in Release 4.8.0 Mar 19, 2024
AlexRuiz7 added a commit to wazuh/wazuh that referenced this issue Mar 19, 2024
@AlexRuiz7
Update legacy-template.json
b64e5cd 
See wazuh/wazuh-indexer#190
@AlexRuiz7 AlexRuiz7 mentioned this issue Mar 19, 2024
Merged
28 tasks
@AlexRuiz7
Copy link
Member Author

image

@AlexRuiz7 AlexRuiz7 linked a pull request Mar 19, 2024 that will close this issue
Update legacy-template.json wazuh/wazuh#22611
Merged
28 tasks
@AlexRuiz7 AlexRuiz7 mentioned this issue Mar 19, 2024
Merged
8 tasks
@wazuhci wazuhci moved this from Triage to Pending final review in Release 4.8.0 Mar 19, 2024
@wazuhci wazuhci moved this from Pending final review to Backlog in Release 4.8.0 Mar 25, 2024
@AlexRuiz7
Copy link
Member Author

We need to re-work this issues, as the fields detected_at and published_at should be inside the vulnerability class, not inside wazuh.

@wazuhci wazuhci moved this from Backlog to In progress in Release 4.8.0 Mar 25, 2024
@AlexRuiz7
Copy link
Member Author

image

@wazuhci wazuhci moved this from In progress to Pending final review in Release 4.8.0 Mar 25, 2024
@wazuhci wazuhci moved this from Pending final review to Done in Release 4.8.0 Mar 26, 2024
Leoquicenoz pushed a commit to wazuh/wazuh that referenced this issue Apr 4, 2024
@AlexRuiz7 @Leoquicenoz
Update legacy-template.json
b2429ac 
See wazuh/wazuh-indexer#190
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AlexRuiz7 AlexRuiz7

Labels
level/task Task issue type/enhancement Enhancement issue
Projects
No open projects
Release 4.8.0
Status: Done
Milestone
No milestone
1 participant
@AlexRuiz7