SECURITY-ENDPOINT: add fields for events to metadata document (#70491) (

#70547) SECURITY-ENDPOINT: EMT-492 add fields for events to metadata document
elastic · Jul 2, 2020 · 719814f · 719814f
1 parent 278beb4
commit 719814f
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/x-pack/plugins/security_solution/common/endpoint/generate_data.ts b/x-pack/plugins/security_solution/common/endpoint/generate_data.ts
@@ -363,6 +363,13 @@ export class EndpointDocGenerator {
       '@timestamp': ts,
       event: {
         created: ts,
+        id: this.seededUUIDv4(),
+        kind: 'metric',
+        category: ['host'],
+        type: ['info'],
+        module: 'endpoint',
+        action: 'endpoint_metadata',
+        dataset: 'endpoint.metadata',
       },
       ...this.commonInfo,
     };
@@ -1184,8 +1191,8 @@ export class EndpointDocGenerator {
         created: ts,
         id: this.seededUUIDv4(),
         kind: 'state',
-        category: 'host',
-        type: 'change',
+        category: ['host'],
+        type: ['change'],
         module: 'endpoint',
         action: 'endpoint_policy_response',
         dataset: 'endpoint.policy',

diff --git a/x-pack/plugins/security_solution/common/endpoint/types.ts b/x-pack/plugins/security_solution/common/endpoint/types.ts
@@ -399,6 +399,13 @@ export type HostMetadata = Immutable<{
   '@timestamp': number;
   event: {
     created: number;
+    kind: string;
+    id: string;
+    category: string[];
+    type: string[];
+    module: string;
+    action: string;
+    dataset: string;
   };
   elastic: {
     agent: {
@@ -771,8 +778,8 @@ export interface HostPolicyResponse {
     created: number;
     kind: string;
     id: string;
-    category: string;
-    type: string;
+    category: string[];
+    type: string[];
     module: string;
     action: string;
     dataset: string;