Fix fields.yml indentation of audit group (elastic#10556)
The group named audit has been indented incorrectly. Thus, it was missing from the documentation and from the Asset string.
kvch committed Feb 5, 2019
1 parent 8eadc43 commit 6721571
Showing 4 changed files with 362 additions and 62 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.next.asciidoc
Expand Up @@ -47,6 +47,8 @@ https://github.com/elastic/beats/compare/1035569addc4a3b29ffa14f8a08c27c1ace16ef

*Journalbeat*

- Fix fields.yml indentation of audit group which had the effect of creating an incomplete Elasticsearch index template. {pull}10556[10556]

*Metricbeat*

*Packetbeat*
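
Review bot: the added entry under *Journalbeat* names the symptom (an incomplete Elasticsearch index template) but not the fields that were affected, and it leaves out the other two effects the commit message gives (missing from the documentation and from the Asset string). Consider naming the fields of the `audit` group, for example "the `audit` fields (`loginuid`, `session`)", so a reader can tell whether an index template they already loaded lacks those mappings. A comma before "which" would also make the sentence easier to read.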
104 changes: 52 additions & 52 deletions journalbeat/_meta/fields.common.yml
Expand Up @@ -158,67 +158,67 @@
description: >
The line number of the code which generated the log message.
- name: process
type: group
description: >
Fields to log on behalf of a different program.
fields:
- name: audit
type: group
description: >
Audit fields of event.
Fields to log on behalf of a different program.
fields:
- name: loginuid
- name: audit
type: group
description: >
Audit fields of event.
fields:
- name: loginuid
type: long
required: false
example: 1000
description: >
The login UID of the source process.
- name: session
type: long
required: false
example: 3
description: >
The audit session of the source process.
- name: cmd
type: keyword
required: false
example: "/lib/systemd/systemd --user"
description: >
The command line of the process.
- name: name
type: keyword
required: false
example: "/lib/systemd/systemd"
description: >
Name of the executable.
- name: executable
type: keyword
required: false
description: >
Path to the the executable.
example: "/lib/systemd/systemd"
- name: pid
type: long
required: false
example: 1000
example: 1
description: >
The login UID of the source process.
- name: session
The ID of the process which logged the message.
- name: gid
type: long
required: false
example: 3
example: 1
description: >
The audit session of the source process.
- name: cmd
type: keyword
required: false
example: "/lib/systemd/systemd --user"
description: >
The command line of the process.
- name: name
type: keyword
required: false
example: "/lib/systemd/systemd"
description: >
Name of the executable.
- name: executable
type: keyword
required: false
description: >
Path to the the executable.
example: "/lib/systemd/systemd"
- name: pid
type: long
required: false
example: 1
description: >
The ID of the process which logged the message.
- name: gid
type: long
required: false
example: 1
description: >
The ID of the group which runs the process.
- name: uid
type: long
required: false
example: 1
description: >
The ID of the user which runs the process.
- name: capabilites
required: false
description: >
The effective capabilites of the process.
The ID of the group which runs the process.
- name: uid
type: long
required: false
example: 1
description: >
The ID of the user which runs the process.
- name: capabilites
required: false
description: >
The effective capabilites of the process.
- name: systemd
type: group
description: >
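
Review bot: the `capabilites` entry near the end of this hunk is re-indented as is, with no `type:` key, while every sibling field declares one (`long` for `loginuid`, `session`, `pid`, `gid`, `uid`; `keyword` for `cmd`, `name`, `executable`), and both its name and its description spell the word "capabilites". Since these lines are being touched anyway, add an explicit `type:` here so the field gets a declared mapping like its siblings, and fix the spelling in the description; correcting the field name itself changes the mapping key, so that is better done as a separate, documented change. The `executable` description also reads "Path to the the executable." with a doubled "the", which can be fixed in the same pass.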