I'm looking to integrate Sigma rules into my SOC ecosystem, and am bumping into issues with using Sigma rules.
Specifically, auditd includes a "type" field which tags logs with some category, while Auditbeat doesn't.
Is there a way to add such a "type" field to Auditbeat logs?