file.directory missing #71
Description
Hello
As I did some investigation on all my defend logs, for example for data leakage.
I noticed, that it would we very helpfull, if I had the ECS field "file.directory" each time I have a field file.path. This could speed up my investigations. Can you add this in the ingest pipelines and fill up this field? I would like to do statistics over this field.