Reformat yaml

- mage check changes
elastic · Sep 18, 2020 · 36c7a2f · 36c7a2f
1 parent 2a0ed63
commit 36c7a2f
Show file tree

Hide file tree

Showing 194 changed files with 3,355 additions and 3,405 deletions.
diff --git a/packages/zeek/dataset/capture_loss/fields/beats.yml b/packages/zeek/dataset/capture_loss/fields/beats.yml
@@ -1,4 +1,3 @@
----
 - description: Unique container id.
   ignore_above: 1024
   name: container.id

diff --git a/packages/zeek/dataset/capture_loss/fields/ecs.yml b/packages/zeek/dataset/capture_loss/fields/ecs.yml
@@ -1,4 +1,3 @@
----
 - description: ECS version this event conforms to.
   example: 1.0.0
   ignore_above: 1024

diff --git a/packages/zeek/dataset/capture_loss/fields/fields.yml b/packages/zeek/dataset/capture_loss/fields/fields.yml
@@ -1,23 +1,23 @@
 - name: zeek.capture_loss
   type: group
   fields:
-  - name: ts_delta
-    type: integer
-    description: |
-      The time delay between this measurement and the last.
-  - name: peer
-    type: keyword
-    description: |
-      In the event that there are multiple Bro instances logging to the same host, this distinguishes each peer with its individual name.
-  - name: gaps
-    type: integer
-    description: |
-      Number of missed ACKs from the previous measurement interval.
-  - name: acks
-    type: integer
-    description: |
-      Total number of ACKs seen in the previous measurement interval.
-  - name: percent_lost
-    type: double
-    description: |
-      Percentage of ACKs seen where the data being ACKed wasn't seen.
+    - name: ts_delta
+      type: integer
+      description: |
+        The time delay between this measurement and the last.
+    - name: peer
+      type: keyword
+      description: |
+        In the event that there are multiple Bro instances logging to the same host, this distinguishes each peer with its individual name.
+    - name: gaps
+      type: integer
+      description: |
+        Number of missed ACKs from the previous measurement interval.
+    - name: acks
+      type: integer
+      description: |
+        Total number of ACKs seen in the previous measurement interval.
+    - name: percent_lost
+      type: double
+      description: |
+        Percentage of ACKs seen where the data being ACKed wasn't seen.
diff --git a/packages/zeek/dataset/capture_loss/fields/package-fields.yml b/packages/zeek/dataset/capture_loss/fields/package-fields.yml
@@ -1,7 +1,7 @@
 - name: zeek
   type: group
   fields:
-  - name: session_id
-    type: keyword
-    description: |
-      A unique identifier of the session
+    - name: session_id
+      type: keyword
+      description: |
+        A unique identifier of the session
diff --git a/packages/zeek/dataset/capture_loss/manifest.yml b/packages/zeek/dataset/capture_loss/manifest.yml
@@ -2,24 +2,24 @@ type: logs
 title: Zeek capture_loss logs
 release: experimental
 streams:
-- input: logfile
-  vars:
-  - name: paths
-    type: text
-    title: capture_loss.log paths
-    multi: true
-    required: true
-    show_user: true
-    default:
-    - /var/log/bro/current/capture_loss.log
-  - name: tags
-    type: text
-    title: Tags
-    multi: true
-    required: true
-    show_user: true
-    default:
-    - zeek.capture_loss
-  template_path: log.yml.hbs
-  title: Zeek capture_loss.log
-  description: Collect Zeek capture_loss logs
+  - input: logfile
+    vars:
+      - name: paths
+        type: text
+        title: capture_loss.log paths
+        multi: true
+        required: true
+        show_user: true
+        default:
+          - /var/log/bro/current/capture_loss.log
+      - name: tags
+        type: text
+        title: Tags
+        multi: true
+        required: true
+        show_user: true
+        default:
+          - zeek.capture_loss
+    template_path: log.yml.hbs
+    title: Zeek capture_loss.log
+    description: Collect Zeek capture_loss logs
diff --git a/packages/zeek/dataset/connection/fields/beats.yml b/packages/zeek/dataset/connection/fields/beats.yml
@@ -1,4 +1,3 @@
----
 - description: Unique container id.
   ignore_above: 1024
   name: container.id

diff --git a/packages/zeek/dataset/connection/fields/ecs.yml b/packages/zeek/dataset/connection/fields/ecs.yml
@@ -1,4 +1,3 @@
----
 - description: Destination network address.
   ignore_above: 1024
   name: destination.address
@@ -11,10 +10,10 @@
   example: Google LLC
   ignore_above: 1024
   multi_fields:
-  - flat_name: destination.as.organization.name.text
-    name: text
-    norms: false
-    type: text
+    - flat_name: destination.as.organization.name.text
+      name: text
+      norms: false
+      type: text
   name: destination.as.organization.name
   type: keyword
 - description: Bytes sent from the destination to the source.
@@ -155,10 +154,10 @@
   example: Google LLC
   ignore_above: 1024
   multi_fields:
-  - flat_name: source.as.organization.name.text
-    name: text
-    norms: false
-    type: text
+    - flat_name: source.as.organization.name.text
+      name: text
+      norms: false
+      type: text
   name: source.as.organization.name
   type: keyword
 - description: Bytes sent from the source to the destination.

diff --git a/packages/zeek/dataset/connection/fields/fields.yml b/packages/zeek/dataset/connection/fields/fields.yml
@@ -1,46 +1,46 @@
 - name: zeek.connection
   type: group
   fields:
-  - name: local_orig
-    type: boolean
-    description: |
-      Indicates whether the session is originated locally.
-  - name: local_resp
-    type: boolean
-    description: |
-      Indicates whether the session is responded locally.
-  - name: missed_bytes
-    type: long
-    description: |
-      Missed bytes for the session.
-  - name: state
-    type: keyword
-    description: |
-      Code indicating the state of the session.
-  - name: state_message
-    type: keyword
-    description: |
-      The state of the session.
-  - name: icmp
-    type: group
-    fields:
-    - name: type
+    - name: local_orig
+      type: boolean
+      description: |
+        Indicates whether the session is originated locally.
+    - name: local_resp
+      type: boolean
+      description: |
+        Indicates whether the session is responded locally.
+    - name: missed_bytes
+      type: long
+      description: |
+        Missed bytes for the session.
+    - name: state
+      type: keyword
+      description: |
+        Code indicating the state of the session.
+    - name: state_message
+      type: keyword
+      description: |
+        The state of the session.
+    - name: icmp
+      type: group
+      fields:
+        - name: type
+          type: integer
+          description: |
+            ICMP message type.
+        - name: code
+          type: integer
+          description: |
+            ICMP message code.
+    - name: history
+      type: keyword
+      description: |
+        Flags indicating the history of the session.
+    - name: vlan
       type: integer
       description: |
-        ICMP message type.
-    - name: code
+        VLAN identifier.
+    - name: inner_vlan
       type: integer
       description: |
-        ICMP message code.
-  - name: history
-    type: keyword
-    description: |
-      Flags indicating the history of the session.
-  - name: vlan
-    type: integer
-    description: |
-      VLAN identifier.
-  - name: inner_vlan
-    type: integer
-    description: |
-      VLAN identifier.
+        VLAN identifier.
diff --git a/packages/zeek/dataset/connection/fields/package-fields.yml b/packages/zeek/dataset/connection/fields/package-fields.yml
@@ -1,7 +1,7 @@
 - name: zeek
   type: group
   fields:
-  - name: session_id
-    type: keyword
-    description: |
-      A unique identifier of the session
+    - name: session_id
+      type: keyword
+      description: |
+        A unique identifier of the session
diff --git a/packages/zeek/dataset/connection/manifest.yml b/packages/zeek/dataset/connection/manifest.yml
@@ -2,24 +2,24 @@ type: logs
 title: Zeek connection logs
 release: experimental
 streams:
-- input: logfile
-  vars:
-  - name: paths
-    type: text
-    title: conn.log paths
-    multi: true
-    required: true
-    show_user: true
-    default:
-    - /var/log/bro/current/conn.log
-  - name: tags
-    type: text
-    title: Tags
-    multi: true
-    required: true
-    show_user: true
-    default:
-    - zeek.connection
-  template_path: log.yml.hbs
-  title: Zeek conn.log
-  description: Collect Zeek connection logs
+  - input: logfile
+    vars:
+      - name: paths
+        type: text
+        title: conn.log paths
+        multi: true
+        required: true
+        show_user: true
+        default:
+          - /var/log/bro/current/conn.log
+      - name: tags
+        type: text
+        title: Tags
+        multi: true
+        required: true
+        show_user: true
+        default:
+          - zeek.connection
+    template_path: log.yml.hbs
+    title: Zeek conn.log
+    description: Collect Zeek connection logs
diff --git a/packages/zeek/dataset/dce_rpc/fields/beats.yml b/packages/zeek/dataset/dce_rpc/fields/beats.yml
@@ -1,4 +1,3 @@
----
 - description: Unique container id.
   ignore_above: 1024
   name: container.id

diff --git a/packages/zeek/dataset/dce_rpc/fields/ecs.yml b/packages/zeek/dataset/dce_rpc/fields/ecs.yml
@@ -1,4 +1,3 @@
----
 - description: Destination network address.
   ignore_above: 1024
   name: destination.address
@@ -11,10 +10,10 @@
   example: Google LLC
   ignore_above: 1024
   multi_fields:
-  - flat_name: destination.as.organization.name.text
-    name: text
-    norms: false
-    type: text
+    - flat_name: destination.as.organization.name.text
+      name: text
+      norms: false
+      type: text
   name: destination.as.organization.name
   type: keyword
 - description: Bytes sent from the destination to the source.
@@ -126,10 +125,10 @@
   example: Google LLC
   ignore_above: 1024
   multi_fields:
-  - flat_name: source.as.organization.name.text
-    name: text
-    norms: false
-    type: text
+    - flat_name: source.as.organization.name.text
+      name: text
+      norms: false
+      type: text
   name: source.as.organization.name
   type: keyword
 - description: Bytes sent from the source to the destination.

diff --git a/packages/zeek/dataset/dce_rpc/fields/fields.yml b/packages/zeek/dataset/dce_rpc/fields/fields.yml
@@ -1,19 +1,19 @@
 - name: zeek.dce_rpc
   type: group
   fields:
-  - name: rtt
-    type: integer
-    description: |
-      Round trip time from the request to the response. If either the request or response wasn't seen, this will be null.
-  - name: named_pipe
-    type: keyword
-    description: |
-      Remote pipe name.
-  - name: endpoint
-    type: keyword
-    description: |
-      Endpoint name looked up from the uuid.
-  - name: operation
-    type: keyword
-    description: |
-      Operation seen in the call.
+    - name: rtt
+      type: integer
+      description: |
+        Round trip time from the request to the response. If either the request or response wasn't seen, this will be null.
+    - name: named_pipe
+      type: keyword
+      description: |
+        Remote pipe name.
+    - name: endpoint
+      type: keyword
+      description: |
+        Endpoint name looked up from the uuid.
+    - name: operation
+      type: keyword
+      description: |
+        Operation seen in the call.
diff --git a/packages/zeek/dataset/dce_rpc/fields/package-fields.yml b/packages/zeek/dataset/dce_rpc/fields/package-fields.yml
@@ -1,7 +1,7 @@
 - name: zeek
   type: group
   fields:
-  - name: session_id
-    type: keyword
-    description: |
-      A unique identifier of the session
+    - name: session_id
+      type: keyword
+      description: |
+        A unique identifier of the session