Skip to content

[sentinel_one] ECS 8.4.0 network.direction expected value mismatch #3887

New issue
New issue
Closed
#3910
Closed
[sentinel_one] ECS 8.4.0 network.direction expected value mismatch#3887
#3910
Assignees
leehinman
Labels
bugSomething isn't working, use only for issues
@leehinman

Description

@leehinman
leehinman
opened on Jul 28, 2022

When upgrading to ECS 8.4.0 you get the following error in the alert datastream:

 one or more errors found in documents stored in logs-sentinel_one.alert-ep data stream: [0] parsing field value failed: field "network.direction"'s value "string" is not one of the expected values (ingress, egress, inbound, outbound, internal, external, unknown)

Metadata

Metadata

Assignees

Labels

bugSomething isn't working, use only for issues

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions