« 8.8.0 8.6.1 »
Elastic Docs Elastic Common Schema (ECS) Reference [8.17] Release Notes

8.7.0

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

8.7.0

edit

Schema changes

edit
Bugfixes
edit
  • Remove duplicated client.domain definition #2120
Added
edit
  • Adding name field to threat.indicator #2121
  • Adding api option to event.category #2147
  • Adding library option to event.category #2154
Improvements
edit
  • Description for host.name definition updated to encourage use of FDQN #2122

Tooling and artifact changes

edit
Improvements
edit
  • Updated usage docs to include threat.indicator.url.domain and changed indicator.marking.tlp and indicator.enrichments.marking.tlp from "WHITE" to "CLEAR" to align with TLP 2.0. #2124
  • Bump gitpython from 3.1.27 to 3.1.30 in /scripts. #2139
« 8.8.0 8.6.1 »