Re: [DISCUSS] Metron standard field names

2016-09-21 Thread Yohann Lepage
2016-09-21 22:00 GMT+02:00 zeo...@gmail.com :
> Elasticsearch can't use periods in field names,

It's possible again since the latest release
https://www.elastic.co/blog/elasticsearch-2-4-0-released

--
Yohann L.

Re: [DISCUSS] Metron standard field names

2016-09-21 Thread zeo...@gmail.com
Elasticsearch can't use periods in field names, I think that's part of why they aren't used generally. I think this is a worthwhile discussion though, specifically regarding the timestamp and protocol discussion you started above.

On Wed, Sep 21, 2016, 15:52 Yohann Lepage

[DISCUSS] Metron standard field names

2016-09-21 Thread Yohann Lepage
Hi everyone,

I wanted to solicit some discussion around Metron standard field names. I would love to have "convenient" field names. As convenient, I mean: short, not ambiguous, well-known, documented.

Here is my feeling regarding the actual standard field names[0]:

- ip_src_addr: too long,