Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add domain field to Group Schema #547

Merged
merged 4 commits into from
Sep 25, 2019
Merged

Add domain field to Group Schema #547

merged 4 commits into from
Sep 25, 2019

Conversation

janniten
Copy link
Contributor

@janniten janniten commented Sep 9, 2019

Added group.domain field in the group schema.
I've been working with Window's Security Groups Events and the group domain needs to be mapped into ECS in order to be able to correlate with others events
(Example events 4731,4732,4733,... where the SubjectDomainName is the domain of the group created/modified/deteled, etc)
Another use case I found to justified the existence of the group,domain was several Fortigate Logs where group="DOMAIN\GROUP" appears as field (for example log_id=0315093008)

@webmat webmat requested review from dainperkins and MikePaquette and removed request for MikePaquette September 9, 2019 18:02
@webmat
Copy link
Contributor

webmat commented Sep 9, 2019

Thanks for submitting this!

I think this makes sense, yes. @dainperkins WDYT?

@webmat
Copy link
Contributor

webmat commented Sep 24, 2019

@elasticmachine, run elasticsearch-ci/docs

webmat
webmat suggested changes Sep 24, 2019
View reviewed changes
Copy link
Contributor

@webmat webmat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, this is almost good to go. Two minor changes and I'll merge:

  • Please add a changelog entry in CHANGELOG.next.md
  • Please add an empty line before "For example...", this will ensure they appear as two paragraphs in the docs.

Thanks again :-)

@webmat webmat removed the request for review from dainperkins September 24, 2019 18:41
@janniten
Copy link
Contributor Author

Alright, this is almost good to go. Two minor changes and I'll merge:

  • Please add a changelog entry in CHANGELOG.next.md
  • Please add an empty line before "For example...", this will ensure they appear as two paragraphs in the docs.

Thanks again :-)

Done!
Regards

webmat
webmat approved these changes Sep 25, 2019
View reviewed changes
Copy link
Contributor

@webmat webmat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, thanks for the adjustments!

@webmat webmat merged commit fef7d6b into elastic:master Sep 25, 2019
@janniten janniten mentioned this pull request Oct 29, 2019
Merged
@leehinman leehinman mentioned this pull request Dec 17, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@webmat webmat webmat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@janniten @webmat