Add entropy and header_bytes for Linux file events

Author: stanek-michal

custom_documentation/doc/endpoint/file/linux/linux_file_create.md

@@ -28,6 +28,8 @@ This event is generated when a file is created.
 | event.outcome |
 | event.sequence |
 | event.type |
+| file.Ext.entropy |
+| file.Ext.header_bytes |
 | file.extension |
 | file.hash.sha256 |
 | file.name |

custom_documentation/doc/endpoint/file/linux/linux_file_delete.md

@@ -28,6 +28,7 @@ This event is generated when a file is deleted.
 | event.outcome |
 | event.sequence |
 | event.type |
+| file.Ext.entropy |
 | file.extension |
 | file.name |
 | file.path |

custom_documentation/doc/endpoint/file/linux/linux_file_rename.md

@@ -28,6 +28,8 @@ This event is generated when a file is renamed.
 | event.outcome |
 | event.sequence |
 | event.type |
+| file.Ext.entropy |
+| file.Ext.header_bytes |
 | file.Ext.original.extension |
 | file.Ext.original.name |
 | file.Ext.original.path |

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_create.yaml

@@ -33,6 +33,8 @@ fields:
   - event.outcome
   - event.sequence
   - event.type
+  - file.Ext.entropy
+  - file.Ext.header_bytes
   - file.extension
   - file.hash.sha256
   - file.name

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_delete.yaml

@@ -33,6 +33,7 @@ fields:
   - event.outcome
   - event.sequence
   - event.type
+  - file.Ext.entropy
   - file.extension
   - file.name
   - file.path

custom_documentation/src/endpoint/data_stream/file/linux/linux_file_rename.yaml

@@ -33,6 +33,8 @@ fields:
   - event.outcome
   - event.sequence
   - event.type
+  - file.Ext.entropy
+  - file.Ext.header_bytes
   - file.Ext.original.extension
   - file.Ext.original.name
   - file.Ext.original.path