"use strict";

Object.defineProperty(exports, "__esModule", {
  value: true
});
exports.TAGS = exports.EVENT_KIND = exports.EVENT_ACTION = exports.ECS_VERSION = exports.ALERT_WORKFLOW_USER = exports.ALERT_WORKFLOW_REASON = exports.ALERT_SYSTEM_STATUS = exports.ALERT_SUPPRESSION_VALUE = exports.ALERT_SUPPRESSION_TERMS = exports.ALERT_SUPPRESSION_START = exports.ALERT_SUPPRESSION_FIELD = exports.ALERT_SUPPRESSION_END = exports.ALERT_SUPPRESSION_DOCS_COUNT = exports.ALERT_SEVERITY = exports.ALERT_RULE_VERSION = exports.ALERT_RULE_UPDATED_BY = exports.ALERT_RULE_UPDATED_AT = exports.ALERT_RULE_TYPE = exports.ALERT_RULE_TO = exports.ALERT_RULE_RULE_NAME_OVERRIDE = exports.ALERT_RULE_RULE_ID = exports.ALERT_RULE_REFERENCES = exports.ALERT_RULE_NOTE = exports.ALERT_RULE_LICENSE = exports.ALERT_RULE_INTERVAL = exports.ALERT_RULE_FROM = exports.ALERT_RULE_ENABLED = exports.ALERT_RULE_DESCRIPTION = exports.ALERT_RULE_CREATED_BY = exports.ALERT_RULE_CREATED_AT = exports.ALERT_RULE_AUTHOR = exports.ALERT_RISK_SCORE = void 0;
var _default_alerts_as_data = require("./default_alerts_as_data");
/*
 * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
 * or more contributor license agreements. Licensed under the Elastic License
 * 2.0 and the Server Side Public License, v 1; you may not use this file except
 * in compliance with, at your election, the Elastic License 2.0 or the Server
 * Side Public License, v 1.
 */

const ECS_VERSION = 'ecs.version';
exports.ECS_VERSION = ECS_VERSION;
const EVENT_ACTION = 'event.action';
exports.EVENT_ACTION = EVENT_ACTION;
const EVENT_KIND = 'event.kind';
exports.EVENT_KIND = EVENT_KIND;
const TAGS = 'tags';

// These are the fields that are in the rule registry technical component template
// that are NOT in the framework alerts as data common component template

// We will maintain a legacy component template that can be used by legacy
// rule registry rules with these fields.
exports.TAGS = TAGS;
const ALERT_RISK_SCORE = `${_default_alerts_as_data.ALERT_NAMESPACE}.risk_score`;
exports.ALERT_RISK_SCORE = ALERT_RISK_SCORE;
const ALERT_RULE_AUTHOR = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.author`;
exports.ALERT_RULE_AUTHOR = ALERT_RULE_AUTHOR;
const ALERT_RULE_CREATED_AT = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.created_at`;
exports.ALERT_RULE_CREATED_AT = ALERT_RULE_CREATED_AT;
const ALERT_RULE_CREATED_BY = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.created_by`;
exports.ALERT_RULE_CREATED_BY = ALERT_RULE_CREATED_BY;
const ALERT_RULE_DESCRIPTION = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.description`;
exports.ALERT_RULE_DESCRIPTION = ALERT_RULE_DESCRIPTION;
const ALERT_RULE_ENABLED = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.enabled`;
exports.ALERT_RULE_ENABLED = ALERT_RULE_ENABLED;
const ALERT_RULE_FROM = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.from`;
exports.ALERT_RULE_FROM = ALERT_RULE_FROM;
const ALERT_RULE_INTERVAL = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.interval`;
exports.ALERT_RULE_INTERVAL = ALERT_RULE_INTERVAL;
const ALERT_RULE_LICENSE = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.license`;
exports.ALERT_RULE_LICENSE = ALERT_RULE_LICENSE;
const ALERT_RULE_NOTE = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.note`;
exports.ALERT_RULE_NOTE = ALERT_RULE_NOTE;
const ALERT_RULE_REFERENCES = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.references`;
exports.ALERT_RULE_REFERENCES = ALERT_RULE_REFERENCES;
const ALERT_RULE_RULE_ID = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.rule_id`;
exports.ALERT_RULE_RULE_ID = ALERT_RULE_RULE_ID;
const ALERT_RULE_RULE_NAME_OVERRIDE = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.rule_name_override`;
exports.ALERT_RULE_RULE_NAME_OVERRIDE = ALERT_RULE_RULE_NAME_OVERRIDE;
const ALERT_RULE_TO = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.to`;
exports.ALERT_RULE_TO = ALERT_RULE_TO;
const ALERT_RULE_TYPE = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.type`;
exports.ALERT_RULE_TYPE = ALERT_RULE_TYPE;
const ALERT_RULE_UPDATED_AT = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.updated_at`;
exports.ALERT_RULE_UPDATED_AT = ALERT_RULE_UPDATED_AT;
const ALERT_RULE_UPDATED_BY = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.updated_by`;
exports.ALERT_RULE_UPDATED_BY = ALERT_RULE_UPDATED_BY;
const ALERT_RULE_VERSION = `${_default_alerts_as_data.ALERT_RULE_NAMESPACE}.version`;
exports.ALERT_RULE_VERSION = ALERT_RULE_VERSION;
const ALERT_SEVERITY = `${_default_alerts_as_data.ALERT_NAMESPACE}.severity`;
exports.ALERT_SEVERITY = ALERT_SEVERITY;
const ALERT_SUPPRESSION_META = `${_default_alerts_as_data.ALERT_NAMESPACE}.suppression`;
const ALERT_SUPPRESSION_TERMS = `${ALERT_SUPPRESSION_META}.terms`;
exports.ALERT_SUPPRESSION_TERMS = ALERT_SUPPRESSION_TERMS;
const ALERT_SUPPRESSION_FIELD = `${ALERT_SUPPRESSION_TERMS}.field`;
exports.ALERT_SUPPRESSION_FIELD = ALERT_SUPPRESSION_FIELD;
const ALERT_SUPPRESSION_VALUE = `${ALERT_SUPPRESSION_TERMS}.value`;
exports.ALERT_SUPPRESSION_VALUE = ALERT_SUPPRESSION_VALUE;
const ALERT_SUPPRESSION_START = `${ALERT_SUPPRESSION_META}.start`;
exports.ALERT_SUPPRESSION_START = ALERT_SUPPRESSION_START;
const ALERT_SUPPRESSION_END = `${ALERT_SUPPRESSION_META}.end`;
exports.ALERT_SUPPRESSION_END = ALERT_SUPPRESSION_END;
const ALERT_SUPPRESSION_DOCS_COUNT = `${ALERT_SUPPRESSION_META}.docs_count`;
exports.ALERT_SUPPRESSION_DOCS_COUNT = ALERT_SUPPRESSION_DOCS_COUNT;
const ALERT_SYSTEM_STATUS = `${_default_alerts_as_data.ALERT_NAMESPACE}.system_status`;
exports.ALERT_SYSTEM_STATUS = ALERT_SYSTEM_STATUS;
const ALERT_WORKFLOW_REASON = `${_default_alerts_as_data.ALERT_NAMESPACE}.workflow_reason`;
exports.ALERT_WORKFLOW_REASON = ALERT_WORKFLOW_REASON;
const ALERT_WORKFLOW_USER = `${_default_alerts_as_data.ALERT_NAMESPACE}.workflow_user`;
exports.ALERT_WORKFLOW_USER = ALERT_WORKFLOW_USER;