Commit d70a12c

Add entropy and header_bytes for Linux file events
1 parent 7689c98 commit d70a12c

3 files changed

+5
-0
lines changed

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_create.yaml

Lines changed: 2 additions & 0 deletions
@@ -33,6 +33,8 @@ fields:
3333
- event.outcome
3434
- event.sequence
3535
- event.type
36+
- file.Ext.entropy
37+
- file.Ext.header_bytes
3638
- file.extension
3739
- file.hash.sha256
3840
- file.name
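
Review bot: The two entries added after `event.type`, `file.Ext.entropy` and `file.Ext.header_bytes`, are listed by name only, so a reader of this file cannot tell whether they appear on every create event or only under some condition. Anyone writing a detection rule that keys on these fields needs to know whether a missing value means "not computed" or "not applicable"; a sentence in the commit message or in this document's description would settle it. The placement itself is consistent with the list's ordering (`file.Ext.*` ahead of `file.extension`).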

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_delete.yaml

Lines changed: 1 addition & 0 deletions
@@ -33,6 +33,7 @@ fields:
3333
- event.outcome
3434
- event.sequence
3535
- event.type
36+
- file.Ext.entropy
3637
- file.extension
3738
- file.name
3839
- file.path
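
Review bot: Only `file.Ext.entropy` is added after `event.type` here, while the create and rename lists in the same commit gain both `file.Ext.entropy` and `file.Ext.header_bytes`, and the commit message names both fields without mentioning an exception. If delete events never carry `file.Ext.header_bytes`, say so in the commit message; if they do, add the entry so the three lists match.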

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_rename.yaml

Lines changed: 2 additions & 0 deletions
@@ -33,6 +33,8 @@ fields:
3333
- event.outcome
3434
- event.sequence
3535
- event.type
36+
- file.Ext.entropy
37+
- file.Ext.header_bytes
3638
- file.Ext.original.extension
3739
- file.Ext.original.name
3840
- file.Ext.original.path
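
Review bot: The new `file.Ext.entropy` and `file.Ext.header_bytes` entries sit directly above the `file.Ext.original.*` block, and a rename event describes both an original and a new name, so it is worth stating which one these fields belong to. They are not under `original`, which implies they describe the file as renamed; a short note to that effect would keep rule authors from assuming a before/after pair exists.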
