Unset default_field on more new fields

elastic · Dec 13, 2019 · 2bbebc0 · 2bbebc0
1 parent ef2da98
commit 2bbebc0
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 0 deletions.
diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml
@@ -1166,6 +1166,7 @@
         that are expected in this field: archive, compressed, directory, encrypted,
         execute, hidden, read, readonly, system, write.'
       example: '["readonly", "system"]'
+      default_field: false
     - name: created
       level: extended
       type: date
@@ -1201,6 +1202,7 @@
 
         The value should be uppercase, and not include the colon.'
       example: C
+      default_field: false
     - name: extension
       level: extended
       type: keyword

diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml
@@ -1739,6 +1739,7 @@ file.accessed:
   short: Last time the file was accessed.
   type: date
 file.attributes:
+  beats.default_field: false
   dashed_name: file-attributes
   description: 'Array of file attributes.
 
@@ -1800,6 +1801,7 @@ file.directory:
   short: Directory where the file is located.
   type: keyword
 file.drive_letter:
+  beats.default_field: false
   dashed_name: file-drive-letter
   description: 'Drive letter where the file is located. This field is only relevant
     on Windows.

diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml
@@ -1971,6 +1971,7 @@ file:
       short: Last time the file was accessed.
       type: date
     attributes:
+      beats.default_field: false
       dashed_name: file-attributes
       description: 'Array of file attributes.
 
@@ -2032,6 +2033,7 @@ file:
       short: Directory where the file is located.
       type: keyword
     drive_letter:
+      beats.default_field: false
       dashed_name: file-drive-letter
       description: 'Drive letter where the file is located. This field is only relevant
         on Windows.
@@ -4469,6 +4471,7 @@ process:
   title: Process
   type: group
 registry:
+  beats.default_field: false
   description: Fields related to Windows Registry operations.
   fields:
     data.bytes:
@@ -4593,6 +4596,7 @@ related:
   title: Related
   type: group
 rule:
+  beats.default_field: false
   description: 'Rule fields are used to capture the specifics of any observer or agent
     rules that generate alerts or other notable events.
 

diff --git a/schemas/file.yml b/schemas/file.yml
@@ -21,6 +21,7 @@
   - name: attributes
     level: extended
     type: keyword
+    beats.default_field: false
     short: Array of file attributes.
     description: >
       Array of file attributes.
@@ -43,6 +44,7 @@
     level: extended
     type: keyword
     ignore_above: 1
+    beats.default_field: false
     short: Drive letter where the file is located.
     description: >
       Drive letter where the file is located. This field is only relevant on Windows.

diff --git a/schemas/registry.yml b/schemas/registry.yml
@@ -2,6 +2,7 @@
 - name: registry
   title: Registry
   group: 2
+  beats.default_field: false
   description: Fields related to Windows Registry operations.
   type: group
   fields:

diff --git a/schemas/rule.yml b/schemas/rule.yml
@@ -2,6 +2,7 @@
 - name: rule
   title: Rule
   group: 2
+  beats.default_field: false
   short: Fields to capture details about rules used to generate alerts or other notable events.
   description: >
    Rule fields are used to capture the specifics of any observer or agent rules that generate alerts or other notable events.