Skip to content

Releases: elastic/ecs

ECS 9.3.0 RC1

18 Dec 19:52
@kgeller kgeller
v9.3.0-rc1
d4ebc7c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.3.0 RC1 Pre-release
Pre-release

Schema Changes

Added

  • Added cloud and orchestrator as allowed values for entity.type. #2567
  • Allow entity fields at root level. #2567
  • Added entity.target for self-nesting. #2567
  • Added the target field to be nested under host #2571

Improvements

  • Added details for implementation of url.query to avoid ambiguity #2488
Loading

ECS 9.2.0

24 Oct 18:32
@mjwolf mjwolf
v9.2.0
6d26a0b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.2.0 Latest
Latest

Schema Changes

Added

  • Add device value to event.type #2524
  • Add new device fields #2530
  • Added entity fieldset as beta #2537
Assets 2
Loading

ECS 9.2.0 RC1

26 Sep 18:21
@mjwolf mjwolf
v9.2.0-rc1
76aead5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.2.0 RC1 Pre-release
Pre-release

Schema Changes

Added

  • Add device value to event.type #2524
  • Add new device fields #2530
  • Added entity fieldset as beta #2537
Loading

ECS 9.1.0

13 Aug 19:26
@mjwolf mjwolf
v9.1.0
d3d3c52
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.1.0

Schema Changes

Bugfixes

  • Add origin_referrer_url and origin_url fields, which indicate the origin information to the file, process and dll schemas #2441
  • Add thumbprint_sha256 to code_signature schema. #2452

Added

  • Add gen_ai fields to schema as beta. #2475

Tooling and Artifact Changes

Bugfixes

  • Fix otel urls for fieldsets with underscores. #2486

Improvements

  • Allow Unicode characters in generated ECS yml files. #2478
  • Update semconv version used in file generation to v1.34.0 #2483
Loading

ECS 9.0.0

25 Apr 04:13
@mjwolf mjwolf
v9.0.0
da73ff1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.0.0

Schema Changes

Breaking changes

  • Remove deprecated fields from previous major release; process.pgid, service.node.role, and inherited users. #2410

Bugfixes

  • Fix link rendering issues and usage of http in links. #2423
  • Fix link rendering for additional fields. #2458

Added

  • Add origin_referrer_url and origin_url fields, which indicate the origin information to the file, process and dll schemas. #2441

Improvements

  • Define base encoding of x509.serial_number. #2383
  • Restrict the encoding of x509.serial_number to base 16. #2398
  • Promote beta fields to GA. #2411
  • Set synthetic_source_keep = none on fields that represent sets. #2422
  • Increase ignore_above value for url.query. #2424

Tooling and Artifact Changes

Added

  • Add mapping between ECS and OpenTelemetry. #2415
Loading

ECS 9.0.0-rc1

05 Mar 03:24
@mjwolf mjwolf
v9.0.0-rc1
20f81cd
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 9.0.0-rc1 Pre-release
Pre-release

Schema Changes

Breaking changes

  • Remove deprecated fields from previous major release; process.pgid, service.node.role, and inherited users. #2410

Bugfixes

  • Fix link rendering issues and usage of http in links. #2423

Added

  • Add origin_referrer_url and origin_url fields, which indicate the origin information to the file, process and dll schemas. #2441

Improvements

  • Increase ignore_above value for url.query. #2424
  • Set synthetic_source_keep = none on fields that represent sets. #2422
  • Promote beta fields to GA. #2411
  • Restrict the encoding of x509.serial_number to base 16. #2398
  • Define base encoding of x509.serial_number. #2383

Tooling and Artifact Changes

Added

  • Add mapping between ECS and OpenTelemetry. #2415

Improvements

  • Update data_stream.yml with top level type: group. #2414
Loading

ECS 8.17.0

29 Jan 22:34
@mjwolf mjwolf
v8.17.0
This tag was signed with the committer’s verified signature.
mjwolf Michael Wolf
GPG key ID: 9724F9B10C066D7F
Verified
Learn about vigilant mode.
e3103a2
This commit was signed with the committer’s verified signature.
mjwolf Michael Wolf
GPG key ID: 9724F9B10C066D7F
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 8.17.0

Schema Changes

Bugfixes

  • Fix link rendering issues and usage of http in links. #2423

Improvements

  • Increase ignore_above value for url.query. #2424
  • Set synthetic_source_keep = none on fields that represent sets. #2422
Loading

ECS 8.16.0

13 Nov 21:25
@mjwolf mjwolf
v8.16.0
ba56ea8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 8.16.0

Schema Changes

Bugfixes

  • Fix broken link in docs for vulnerability.id. #2328

Added

  • Added volume.* as beta field set. #2269
  • Advanced process.env_vars to GA. #2315
  • Advanced process.io and process.tty fields to GA. #2317
  • Added threat.indicator.id. #2324
  • Added process.group to generated schemas. #2335

Improvements

  • Define base encoding of x509.serial_number. #2383

Tooling and Artifact Changes

Bugfixes

  • Fix broken link for vulnerabilty.id #2328

Added

  • Documentation in README.md providing instruction on contributions to ECS during the OTel donation #2325
Loading

ECS 8.11.0

07 Nov 20:27
@taylor-swanson taylor-swanson
v8.11.0
ce703ab
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 8.11.0

Schema Changes

Bugfixes

  • Remove expected_values from threat.*.indicator.name fields. #2281

Tooling and Artifact Changes

Bugfixes

  • Respect reusable.top_level in Beats generator #2278
Loading

ECS 8.10.0

12 Sep 19:50
@chrisberkhout chrisberkhout
v8.10.0
43a1a61
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
ECS 8.10.0

ECS 8.10.0

Schema Changes

Added

  • Added container.security_context.privileged to indicated whether a container was started in privileged mode. #2219, #2225, #2246
  • Added process.thread.capabilities.permitted to contain the current thread's possible capabilities. #2245
  • Added process.thread.capabilities.effective to contain the current thread's effective capabilities. #2245

Improvements

  • Permit ignore_above if explicitly set on a flattened field. #2248

Tooling and Artifact Changes

Improvements

  • Improved documentation formatting to better follow the contributing guide. #2226
  • Bump gitpython dependency from 3.1.30 to 3.1.35 for security fixes. #2251, #2264, #2265
Loading