add expected values to dns.header field in firewall_logs data stream
harnish-elastic committed Jun 26, 2024
1 parent b4138a6 commit f452d01
Showing 2 changed files with 12 additions and 2 deletions.
12 changes: 11 additions & 1 deletion packages/azure/data_stream/firewall_logs/fields/ecs.yml
@@ -1 +1,11 @@
- name: dns.response_code
- name: dns.header_flags
external: ecs
expected_values:
- AA
- TC
- RD
- RA
- AD
- CD
- DO
- QR
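Review bot: The first line of this hunk drops `- name: dns.response_code` and the entry that takes its place is `dns.header_flags`, yet the commit message only mentions adding expected values (and names the field `dns.header`). If the firewall_logs pipeline still emits dns.response_code, that field loses its definition here, so please confirm the swap is intended and state it in the commit message. Separately, `expected_values` is spelled out locally next to `external: ecs` and ends with `QR`; a short comment on why the list is restated in this file, and where each value comes from, would help the next maintainer.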
2 changes: 1 addition & 1 deletion packages/azure/docs/firewall_logs.md
Expand Up @@ -193,7 +193,7 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur
| data_stream.dataset | Data stream dataset. | constant_keyword |
| data_stream.namespace | Data stream namespace. | constant_keyword |
| data_stream.type | Data stream type. | constant_keyword |
| dns.response_code | | |
| dns.header_flags | Array of 2 letter DNS header flags. | keyword |
| event.dataset | Event dataset | constant_keyword |
| event.module | Event module | constant_keyword |
| geo.city_name | City name. | keyword |
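Review bot: The `dns.header_flags` row replaces the `dns.response_code` row instead of sitting beside it, so the field table no longer documents dns.response_code at all; the old row had an empty description and type, which suggests it was never resolved to a typed definition. If this table is generated from fields/ecs.yml, say so in the change description so it is clear the row was not hand-edited. With only these two files changed, the commit also carries no changelog entry for what is a user-visible field change.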