Following the instructions for the DETECT DNS DATA EXFILTRATION lab, I hit this wall, any ideas?
Cheers,
Mark
Hi @Mark3,
Thanks for trying out our machine learning anomaly detection jobs for DNS.
Please try using field host.name instead of beat.hostname.
beat.hostname was used prior to the introduction of Elastic Common Schema, and may no longer be available in your packetbeat data.