Alexander A

Hi @jsoriano! If we have *.ip field then there should exist related.ip field and if there is user.name field then related.user must exist. It's obvious from field [description](https://www.elastic.co/guide/en/ecs/current/ecs-related.html): > All...

**POSTFIX_CLEANUP_REPLACE** example: ``` Aug 6 16:46:42 mr01 postfix/cleanup[7548]: 127DC5E156: replace: header Message-Id: from unknown[10.10.10.10]; from= to= proto=ESMTP helo=: Message-ID: ``` **POSTFIX_SMTP_SSLAUTHERR** example: ``` Aug 6 16:47:42 mr01 postfix/mr/smtp[11361]: D0F29603B4: SASL...

This is not a bug and not an issue and should not be posted here. As said in description questions should be posted on https://discuss.elastic.co/

Hello @jasonacox! Actually I have tried it cause seen in other issues. All I can catch using this script is DPS of counters (137-144). ``` > Begin Monitor Loop <...

> I'm not following what you mean. These are all TCP packets. Do you mean running a packet capture? Yes I would like to get device DPs (reads state) and...

Nothing changed only counters broadcasted all other DP should be polled. ``` > Begin Monitor Loop < Received Payload: {'dps': {'114': 'AwMDAw=='}, 't': 1717624282} > Send Request for Status <...

Hello @jasonacox! Sorry for delay. I have tested a new version and got nothing. Scan is working fine but the new script and old ones don't work. Made rollback to...

Caught this bug today.