Update wazuh-states-vulnerabilities index mapping

wazuh · Mar 19, 2024 · 98d42e8 · 98d42e8
1 parent 0958ec3
commit 98d42e8
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 4 deletions.
diff --git a/ecs/vulnerability-detector/event-generator/event_generator.py b/ecs/vulnerability-detector/event-generator/event_generator.py
@@ -179,7 +179,9 @@ def generate_random_wazuh():
         },
         'schema': {
             'version': '1.7.0'
-        }
+        },
+        'detected_at': generate_random_date(),
+        'published_at': generate_random_date()
     }
     return wazuh
 
@@ -188,7 +190,7 @@ def generate_random_data(number):
     data = []
     for _ in range(number):
         event_data = {
-            '@timestamp': generate_random_date(),
+            # '@timestamp': generate_random_date(),
             'agent': generate_random_agent(),
             # 'ecs': {'version': '1.7.0'},
             # 'event': generate_random_event(),

diff --git a/ecs/vulnerability-detector/fields/custom/wazuh.yml b/ecs/vulnerability-detector/fields/custom/wazuh.yml
@@ -23,4 +23,14 @@
       type: keyword
       level: custom
       description: >
-        Wazuh schema version.
+        Wazuh schema version.
+    - name: detected_at
+      type: date
+      level: custom
+      description: >
+        Vulnerability's detection date.
+    - name: published_at
+      type: date
+      level: custom
+      description: >
+        Vulnerability's publication date.
diff --git a/ecs/vulnerability-detector/fields/subset.yml b/ecs/vulnerability-detector/fields/subset.yml
@@ -3,7 +3,6 @@ name: vulnerability_detector
 fields:
   base:
     fields: 
-      "@timestamp": {}
       tags: []
       message: ""
   agent:
-Original file line number
+Diff line change
@@ Expand Up / @@ -3,7 +3,6 @@ name: vulnerability_detector @@
     fields:
       base:
         fields:
-          "@timestamp": {}
           tags: []
           message: ""
       agent:
@@ Expand Down @@