This integration sets up templates and index patterns required for Endpoint Security.
For compatibility information, see our documentation.
Documents of the log type are stored in the logs-endpoint.*
indices. The following sections define the mapped fields
sent by the endpoint.
{{fields "alerts"}}
{{fields "file"}}
{{fields "library"}}
{{fields "network"}}
{{fields "process"}}
{{fields "registry"}}
{{fields "security"}}
Documents of the metrics type are stored in the metrics-endpoint.*
indices. The following sections define the mapped fields
sent by the endpoint.
{{fields "metadata"}}
Metrics documents contain performance information about the endpoint executable and the host it is running on.
{{fields "metrics"}}
{{fields "policy"}}