Skip to content

Commit

Permalink
Use the documentation IP address range
Browse files Browse the repository at this point in the history
  • Loading branch information
Mathieu Martin committed Jan 3, 2020
1 parent b8c0f6f commit fe43b29
Show file tree
Hide file tree
Showing 5 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion code/go/ecs/related.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion docs/field-details.asciidoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3632,7 +3632,7 @@ This field set is meant to facilitate pivoting around a piece of data.

Some pieces of information can be seen in many places in an ECS event. To facilitate searching for them, store an array of all seen values to their corresponding field in `related.`.

A concrete example is IP addresses, which can be under host, observer, source, destination, client, server, and network.forwarded_ip. If you append all IPs to `related.ip`, you can then search for a given IP trivially, no matter where it appeared, by querying `related.ip:192.168.1.15`.
A concrete example is IP addresses, which can be under host, observer, source, destination, client, server, and network.forwarded_ip. If you append all IPs to `related.ip`, you can then search for a given IP trivially, no matter where it appeared, by querying `related.ip:192.0.2.15`.

==== Related Field Details

Expand Down
2 changes: 1 addition & 1 deletion generated/beats/fields.ecs.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2705,7 +2705,7 @@
A concrete example is IP addresses, which can be under host, observer, source,
destination, client, server, and network.forwarded_ip. If you append all IPs
to `related.ip`, you can then search for a given IP trivially, no matter where
it appeared, by querying `related.ip:192.168.1.15`.'
it appeared, by querying `related.ip:192.0.2.15`.'
type: group
fields:
- name: hash
Expand Down
2 changes: 1 addition & 1 deletion generated/ecs/ecs_nested.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4789,7 +4789,7 @@ related:
A concrete example is IP addresses, which can be under host, observer, source,
destination, client, server, and network.forwarded_ip. If you append all IPs to
`related.ip`, you can then search for a given IP trivially, no matter where it
appeared, by querying `related.ip:192.168.1.15`.'
appeared, by querying `related.ip:192.0.2.15`.'
fields:
hash:
dashed_name: related-hash
Expand Down
2 changes: 1 addition & 1 deletion schemas/related.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
A concrete example is IP addresses, which can be under host, observer, source,
destination, client, server, and network.forwarded_ip.
If you append all IPs to `related.ip`, you can then search for a given IP trivially,
no matter where it appeared, by querying `related.ip:192.168.1.15`.
no matter where it appeared, by querying `related.ip:192.0.2.15`.
type: group
fields:

Expand Down

0 comments on commit fe43b29

Please sign in to comment.