Commit ac244fb
Linux Audit Logs: OCSF pipeline style guide fixes (DataDog#24304)
* Apply OCSF style guide fixes to linux audit logs pipeline.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* Fix EXECVE actor mapper and facet conflicts flagged by CI.
Add ocsf.actor.app_name self-map to Process Activity EXECVE pipeline
so the backend validator sees at least one actor mapper. Fix three
facet definitions conflicting with other integrations: rename
ocsf.device.ip to "Device IP", add facetType/type to
ocsf.dst_endpoint.port and ocsf.time.
---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent 86510c4 commit ac244fb
2 files changed
Lines changed: 1284 additions & 1004 deletions
0 commit comments