Path	Lines of Code
catalog-info.yaml	40
custom_documentation/src/endpoint/data_stream/alerts/linux/linux_malicious_behavior_alert.yaml	132
custom_documentation/src/endpoint/data_stream/alerts/linux/linux_malware_alert.yaml	231
custom_documentation/src/endpoint/data_stream/alerts/linux/linux_memory_threat_alert.yaml	205
custom_documentation/src/endpoint/data_stream/alerts/macos/macos_malicious_behavior_alert.yaml	119
custom_documentation/src/endpoint/data_stream/alerts/macos/macos_malware_alert.yaml	149
custom_documentation/src/endpoint/data_stream/alerts/macos/macos_memory_threat_alert.yaml	129
custom_documentation/src/endpoint/data_stream/alerts/windows/windows_malicious_behavior_alert.yaml	140
custom_documentation/src/endpoint/data_stream/alerts/windows/windows_malware_alert.yaml	204
custom_documentation/src/endpoint/data_stream/alerts/windows/windows_memory_threat_alert.yaml	145
custom_documentation/src/endpoint/data_stream/alerts/windows/windows_ransomware_alert.yaml	174
custom_documentation/src/endpoint/data_stream/alerts/windows/windows_shellcode_thread.yaml	261
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_amsi.yaml	76
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_asm.yaml	79
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_credential_access.yaml	77
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_kernel_audit.yaml	72
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_tcpip.yaml	76
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_threat_intelligence.yaml	115
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_win32k.yaml	97
custom_documentation/src/endpoint/data_stream/api/windows/windows_api_wmi.yaml	86
custom_documentation/src/endpoint/data_stream/file/linux/linux_file_create.yaml	72
custom_documentation/src/endpoint/data_stream/file/linux/linux_file_delete.yaml	71
custom_documentation/src/endpoint/data_stream/file/linux/linux_file_endpoint_unquarantine.yaml	56
custom_documentation/src/endpoint/data_stream/file/linux/linux_file_rename.yaml	75
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_access.yaml	64
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_delete.yaml	79
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_endpoint_unquarantine.yaml	56
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_extended_attributes_delete.yaml	79
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_launch_daemon.yaml	77
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_modification.yaml	81
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_mount.yaml	76
custom_documentation/src/endpoint/data_stream/file/macos/macos_file_rename.yaml	82
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_create.yaml	83
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_delete.yaml	78
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_endpoint_unquarantine.yaml	56
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_modification.yaml	80
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_open.yaml	80
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_overwrite.yaml	80
custom_documentation/src/endpoint/data_stream/file/windows/windows_file_rename.yaml	83
custom_documentation/src/endpoint/data_stream/library/macos/macos_library_load.yaml	82
custom_documentation/src/endpoint/data_stream/library/windows/windows_library_load.yaml	91
custom_documentation/src/endpoint/data_stream/metadata/metadata.yaml	61
custom_documentation/src/endpoint/data_stream/metrics/metrics.yaml	206
custom_documentation/src/endpoint/data_stream/network/linux/linux_network_attempted_accepted_and_disconnect.yaml	87
custom_documentation/src/endpoint/data_stream/network/linux/linux_network_dns_lookup_result.yaml	65
custom_documentation/src/endpoint/data_stream/network/macos/macos_network_connection_attempted_and_disconnect.yaml	84
custom_documentation/src/endpoint/data_stream/network/macos/macos_network_dns_lookup_result.yaml	85
custom_documentation/src/endpoint/data_stream/network/windows/windows_network_attempted_accepted_and_disconnect.yaml	81
custom_documentation/src/endpoint/data_stream/network/windows/windows_network_dns_lookup_requested.yaml	71
custom_documentation/src/endpoint/data_stream/network/windows/windows_network_dns_lookup_result.yaml	73
custom_documentation/src/endpoint/data_stream/policy/policy_response.yaml	103
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_already_running.yaml	202
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_fork_exec_exit.yaml	209
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_gid_change.yaml	203
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_memfd_create.yaml	206
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_ptrace.yaml	202
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_session_id_change.yaml	199
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_shmget.yaml	202
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_text_output.yaml	205
custom_documentation/src/endpoint/data_stream/process/linux/linux_process_uid_change.yaml	203
custom_documentation/src/endpoint/data_stream/process/macos/macos_process_already_running.yaml	82
custom_documentation/src/endpoint/data_stream/process/macos/macos_process_fork_exec_exit.yaml	103
custom_documentation/src/endpoint/data_stream/process/macos/macos_process_remote_thread.yaml	94
custom_documentation/src/endpoint/data_stream/process/windows/windows_process_already_running.yaml	109
custom_documentation/src/endpoint/data_stream/process/windows/windows_process_create_and_exit.yaml	135
custom_documentation/src/endpoint/data_stream/registry/windows/windows_registry_modification.yaml	76
custom_documentation/src/endpoint/data_stream/registry/windows/windows_registry_query.yaml	74
custom_documentation/src/endpoint/data_stream/security/macos/macos_security_gatekeeper_override.yaml	80
custom_documentation/src/endpoint/data_stream/security/macos/macos_security_log_on.yaml	77
custom_documentation/src/endpoint/data_stream/security/macos/macos_security_rdp_log_on.yaml	77
custom_documentation/src/endpoint/data_stream/security/macos/macos_security_ssh_log_on.yaml	77
custom_documentation/src/endpoint/data_stream/security/windows/windows_security_log_off.yaml	72
custom_documentation/src/endpoint/data_stream/security/windows/windows_security_log_on.yaml	75
custom_documentation/src/endpoint/data_stream/volume_device/windows/windows_volume_device_mount.yaml	73
custom_documentation/src/endpoint/data_stream/volume_device/windows/windows_volume_device_unmount.yaml	64
custom_schemas/endgame/custom_endgame.yaml	426
custom_subsets/elastic_endpoint/action_responses/action_responses.yaml	48
custom_subsets/elastic_endpoint/actions/actions.yaml	64
custom_subsets/elastic_endpoint/alerts/linux_event_model_event.yaml	327
custom_subsets/elastic_endpoint/alerts/malware_event.yaml	1140
custom_subsets/elastic_endpoint/alerts/memory_protection_event.yaml	829
custom_subsets/elastic_endpoint/alerts/ransomware_event.yaml	725
custom_subsets/elastic_endpoint/alerts/rule_detection_event.yaml	451
custom_subsets/elastic_endpoint/api/api.yaml	180
custom_subsets/elastic_endpoint/collection/collection.yaml	28
custom_subsets/elastic_endpoint/file/file.yaml	260
custom_subsets/elastic_endpoint/file/unquarantine.yaml	76
custom_subsets/elastic_endpoint/heartbeat/heartbeat.yaml	16
custom_subsets/elastic_endpoint/library/library.yaml	240
custom_subsets/elastic_endpoint/metadata/metadata.yaml	79
custom_subsets/elastic_endpoint/metrics/metrics.yaml	63
custom_subsets/elastic_endpoint/network/network.yaml	211
custom_subsets/elastic_endpoint/policy/policy.yaml	69
custom_subsets/elastic_endpoint/process/linux_event_model_event.yaml	350
custom_subsets/elastic_endpoint/process/process.yaml	309
custom_subsets/elastic_endpoint/registry/registry.yaml	158
custom_subsets/elastic_endpoint/security/security.yaml	157
custom_subsets/legacy/alert.yaml	18
custom_subsets/legacy/dns.yaml	93
custom_subsets/legacy/file.yaml	75
custom_subsets/legacy/imageload.yaml	68
custom_subsets/legacy/network.yaml	105
custom_subsets/legacy/process.yaml	102
custom_subsets/legacy/registry.yaml	66
schemas/v0/_template.yaml	97
schemas/v0/dns.yaml	102
schemas/v0/file.yaml	102
schemas/v0/imageload.yaml	102
schemas/v0/network.yaml	102
schemas/v0/process.yaml	336
schemas/v0/registry.yaml	102
schemas/v1/action_responses/action_responses.yaml	752
schemas/v1/actions/actions.yaml	774
schemas/v1/alerts/linux_event_model_event.yaml	2551
schemas/v1/alerts/ransomware_event.yaml	9701
schemas/v1/alerts/rule_detection_event.yaml	6398
schemas/v1/api/api.yaml	5499
schemas/v1/collection/collection.yaml	694
schemas/v1/file/file.yaml	2903
schemas/v1/file/unquarantine.yaml	1247
schemas/v1/heartbeat/heartbeat.yaml	97
schemas/v1/library/library.yaml	2738
schemas/v1/metadata/metadata.yaml	1115
schemas/v1/metrics/metrics.yaml	2182
schemas/v1/network/network.yaml	2460
schemas/v1/policy/policy.yaml	1692
schemas/v1/process/linux_event_model_event.yaml	2720
schemas/v1/process/process.yaml	3435
schemas/v1/registry/registry.yaml	1994
schemas/v1/security/security.yaml	1926
scripts/event_schema_generator/main.py	61
scripts/generate-docs/custom_doc.go	258
scripts/generate-docs/doc_template.go	45
scripts/generate-docs/exported_fields.go	142
scripts/generate-docs/main.go	66
scripts/generate-docs/packages.go	21
scripts/generate-docs/sample_event.go	45
scripts/go-tools/tools.go	4
scripts/saved_object_decoder/so_decoder.py	62
scripts/yaml_merger/process_yaml.py	21