Details
- Improvement
- Status: Closed
- Major
- Resolution: Fixed
Description
Proposed new fields:
Common
- session_id (string)
- length (int)
Device
- dvc_mac (string)
Network
- src_mac (string)
- dst_mac (string)
- src_tos (string)
- dst_tos (string)
File
- file_uid (string)
Flow
- flow_fwd_status (string)
- flow_snmp_in (string)
- flow_snmp_out (string)
Agent (New)
- agent_severity (string)
- agent_mac (string)
- agent_time (bigint)
- agent_id (string)
- agent_description (string)
- agent_type (string)
- agent_ip4 (bigint)
- agent_ip4_str (string)
- agent_ip6_str (string)
- agent_host (string)
Proposed fields to type change:
- http_response_resp_fuids (string) -> (array<string>)
- tls_cert_chain_fuids (string) -> (array<string>)
- tls_client_cert_chain_fuids (string) -> (array<string>)
Proposed fields to remove:
Reason for removal: inability to store 128-bit integers as 'bigint' type fields. For now, ip6 fields will be stored as strings.
- dvc_ip6 (bigint)
- dvc_fwd_ip6 (bigint)
- src_ip6 (bigint)
- dst_ip6 (bigint)
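
The removal reason above, worked through as an added Python example (not code from this issue or from the project): an IPv4 address fits a signed 64-bit bigint, an IPv6 address in general does not, so the value is routed to `agent_ip4`/`agent_ip4_str` or to `agent_ip6_str`. Assumptions made here: the helper names are hypothetical, bigint is a signed 64-bit integer, and the IPv6 string is stored in compressed lowercase form so that different spellings of one address compare equal.

```python
import ipaddress

# Assumed range of a signed 64-bit bigint column.
BIGINT_MIN = -(2 ** 63)
BIGINT_MAX = 2 ** 63 - 1


def address_as_int(addr: str) -> int:
    """Return the integer value of an IPv4 or IPv6 address string."""
    return int(ipaddress.ip_address(addr.strip()))


def fits_bigint(value: int) -> bool:
    """True if the integer can be stored in a signed 64-bit column."""
    return BIGINT_MIN <= value <= BIGINT_MAX


def agent_ip_fields(addr: str) -> dict:
    """Map one address onto agent_ip4, agent_ip4_str and agent_ip6_str.

    Raises ValueError (from ipaddress) on input that is not an IP address,
    so malformed values are rejected instead of being stored as text.
    """
    ip = ipaddress.ip_address(addr.strip())
    fields = {"agent_ip4": None, "agent_ip4_str": None, "agent_ip6_str": None}
    if ip.version == 4:
        # 32-bit value: always within bigint range.
        fields["agent_ip4"] = int(ip)
        fields["agent_ip4_str"] = str(ip)
    else:
        # 128-bit value: kept as text only. The compressed form is
        # canonical, so equal addresses yield equal strings.
        fields["agent_ip6_str"] = ip.compressed
    return fields


if __name__ == "__main__":
    # Constructed sample addresses from the documentation ranges.
    for sample in ("192.0.2.10", "2001:0DB8:0000:0000:0000:0000:0000:0001"):
        print(sample, fits_bigint(address_as_int(sample)), agent_ip_fields(sample))
```
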