custom_subsets/elastic_endpoint/metadata/metadata.yaml (79 lines of code) (raw):
---
name: metadata
fields:
base:
fields:
"@timestamp": {}
data_stream:
fields: "*"
ecs:
fields:
version: {}
event:
fields:
action: {}
category: {}
created: {}
code: {}
dataset: {}
hash: {}
id: {}
ingested: {}
kind: {}
module: {}
outcome: {}
provider: {}
sequence: {}
severity: {}
type: {}
Endpoint:
fields:
status: {}
policy:
fields:
applied:
fields:
id: {}
status: {}
name: {}
configuration:
fields:
isolation: {}
state:
fields:
isolation: {}
capabilities: {}
elastic:
fields:
agent:
fields:
id: {}
agent:
fields:
version: {}
id: {}
name: {}
type: {}
host:
fields:
architecture: {}
domain: {}
hostname: {}
id: {}
ip: {}
mac: {}
name: {}
type: {}
uptime: {}
os:
fields:
family: {}
full: {}
kernel: {}
platform: {}
version: {}
name: {}
type: {}
Ext:
fields:
variant: {}