From 123cd3e3635bfe58ebf299cb99140a04f5b12445 Mon Sep 17 00:00:00 2001 From: quebim Date: Thu, 28 Nov 2024 13:19:28 -0300 Subject: [PATCH] Move delivery_timestamp to doc level Update command event_generator Remove delivery_timestamp from custom command fields --- ecs/command/event-generator/event_generator.py | 2 +- ecs/command/fields/custom/command.yml | 5 ----- ecs/command/fields/subset.yml | 5 +++++ 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/ecs/command/event-generator/event_generator.py b/ecs/command/event-generator/event_generator.py index 02a6a48a293b5..0ffcda7c1a967 100644 --- a/ecs/command/event-generator/event_generator.py +++ b/ecs/command/event-generator/event_generator.py @@ -54,6 +54,7 @@ def generate_random_command(include_all_fields=False): if include_all_fields: document["@timestamp"] = generate_random_date() + document["delivery_timestamp"] = generate_random_date(parse_date(document["@timestamp"])) document["agent"]["groups"] = [f"group{random.randint(1, 5)}"], document["command"]["status"] = random.choice( ["pending", "sent", "success", "failure"]) @@ -65,7 +66,6 @@ def generate_random_command(include_all_fields=False): # Generate UUIDs for request_id and order_id document["command"]["request_id"] = str(uuid.uuid4()) document["command"]["order_id"] = str(uuid.uuid4()) - document["command"]["delivery_timestamp"] = generate_random_date(parse_date(document["@timestamp"])) return document diff --git a/ecs/command/fields/custom/command.yml b/ecs/command/fields/custom/command.yml index d011b6f6b5648..749f49fe23835 100644 --- a/ecs/command/fields/custom/command.yml +++ b/ecs/command/fields/custom/command.yml @@ -77,8 +77,3 @@ level: custom description: > UUID generated by the Command Manager. - - name: delivery_timestamp - type: date - level: custom - description: > - The latest date-time for the command to be delivered. Calculated as the current timestamp plus the timeout. diff --git a/ecs/command/fields/subset.yml b/ecs/command/fields/subset.yml index e136cb67a1230..ac9dcaa68ff8c 100644 --- a/ecs/command/fields/subset.yml +++ b/ecs/command/fields/subset.yml @@ -10,3 +10,8 @@ fields: groups: {} command: fields: "*" + delivery_timestamp: + type: date + level: custom + description: > + The latest date-time for the command to be delivered. Calculated as the current timestamp plus the timeout.