Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ECS field for package.vendor to ecs-packages #2203

Open
epicsilence99 opened this issue Apr 28, 2023 · 1 comment
Open

Add ECS field for package.vendor to ecs-packages #2203

epicsilence99 opened this issue Apr 28, 2023 · 1 comment
Labels
enhancement New feature or request

Comments

@epicsilence99
Copy link

Summary

Add an ECS field for package.vendor for the ECS package fields
https://www.elastic.co/guide/en/ecs/current/ecs-package.html

Motivation:

Most security tooling that captures installed software/packages at minimum includes Software/Package Name, Software/Package Vendor, and Package/Software Version. While having package.name and package.version is really helpful that we can map too, it would be beneficial to include a field called package.vendor too since it's a very common data point.
@epicsilence99 epicsilence99 added the enhancement New feature or request label Apr 28, 2023
This was referenced May 1, 2023
Closed
Open
@vinit-chauhan
Copy link

Exactly, I can see a use case, where there were multiple products from the same vendor and the user might want aggregated data across the vendor. In this case, having such ECS mapping would surely be beneficial.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@epicsilence99 @vinit-chauhan