|
…
|
||
|---|---|---|
| .. | ||
| date | ||
| double | ||
| double_as_string | ||
| float | ||
| float_as_string | ||
| integer | ||
| integer_as_string | ||
| ip | ||
| ip_as_array | ||
| keyword | ||
| keyword_as_array | ||
| long | ||
| long_as_string | ||
| text | ||
| text_as_array | ||
| text_no_spaces | ||
| wildcard | ||
| README.md | ||
Within this folder is input test data for tests such as:
security_and_spaces/tests/rule_exceptions.ts
where these are small ECS compliant input indexes that try to express tests that exercise different parts of the detection engine around creating and validating that the exceptions part of the detection engine functions. Compliant meaning that these might contain extra fields but should not clash with ECS. Nothing stopping anyone from being ECS strict and not having additional extra fields but the extra fields and mappings are to just try and keep these tests simple and small.