diff --git a/dev/import-beats/fields_base_fields.go b/dev/import-beats/fields_base_fields.go index 46fccbaca27..2fadd39e657 100644 --- a/dev/import-beats/fields_base_fields.go +++ b/dev/import-beats/fields_base_fields.go @@ -8,6 +8,23 @@ var baseFields = createBaseFields() func createBaseFields() []fieldDefinition { return []fieldDefinition{ + { + Name: "datastream.type", + Type: "constant_keyword", + Description: "Datastream type.", + }, + { + Name: "datastream.dataset", + Type: "constant_keyword", + Description: "Datastream dataset name.", + }, + { + Name: "datastream.namespace", + Type: "constant_keyword", + Description: "Datastream namespace.", + }, + // TODO: This should be removed as soon as it is not a requirement anymore by the validation + // PR to change this can be found here: https://github.com/elastic/package-registry/pull/618 { Name: "dataset.type", Type: "constant_keyword", diff --git a/dev/import-beats/kibana.go b/dev/import-beats/kibana.go index 3cdbfaf42c0..156141db546 100644 --- a/dev/import-beats/kibana.go +++ b/dev/import-beats/kibana.go @@ -356,7 +356,7 @@ func stripReferencesToEventModuleInFilter(object mapStr, filterKey, moduleName s return nil, errors.Wrapf(err, "setting meta.type failed") } - _, err = filterObject.put("meta.value", fmt.Sprintf("{\"prefix\":{\"dataset.name\":\"%s.\"}}", moduleName)) + _, err = filterObject.put("meta.value", fmt.Sprintf("{\"prefix\":{\"datastream.dataset\":\"%s.\"}}", moduleName)) if err != nil { return nil, errors.Wrapf(err, "setting meta.value failed") } @@ -368,7 +368,7 @@ func stripReferencesToEventModuleInFilter(object mapStr, filterKey, moduleName s q := map[string]interface{}{ "prefix": map[string]interface{}{ - "dataset.name": moduleName + ".", + "datastream.dataset": moduleName + ".", }, } _, err = filterObject.put("query", q) 
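Review bot: The description added for `datastream.dataset` in createBaseFields is `"Datastream dataset name."`, while every `base-fields.yml` and README table changed in this commit says `Datastream dataset.`. If those files are produced by this importer (it looks that way, but the hunk does not confirm it), the next import run will rewrite all of them. Settle on one wording, for example `Description: "Datastream dataset.",`. The TODO above the retained `dataset.*` entries would also read more clearly as `// TODO: remove the dataset.* fields once package-registry validation no longer requires them (elastic/package-registry#618).` The function body continues outside the hunk.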
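Review bot: `meta.value` in the hunk at -356 is still built by `fmt.Sprintf` over a hand-escaped JSON template, so a `moduleName` containing `"` or `\` yields a malformed or structurally different filter in the saved object. The `query` value in the hunk at -368 builds the same structure as a map, which avoids the problem. I would marshal that structure instead: `b, err := json.Marshal(map[string]interface{}{"prefix": map[string]interface{}{"datastream.dataset": moduleName + "."}})`, then pass `string(b)` to `filterObject.put`. This assumes `encoding/json` is, or can be, imported in kibana.go, which the hunk does not show; stripReferencesToEventModuleInFilter starts and ends outside the hunk.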
@@ -415,8 +415,8 @@ func stripReferencesToEventModuleInQuery(object mapStr, objectKey, moduleName st query = strings.ReplaceAll(query, `"`, "") if strings.Contains(query, "event.module:"+moduleName) && (strings.Contains(query, "metricset.name:") || strings.Contains(query, "fileset.name:")) { query = strings.ReplaceAll(query, "event.module:"+moduleName, "") - query = strings.ReplaceAll(query, "metricset.name:", fmt.Sprintf("dataset.name:%s.", moduleName)) - query = strings.ReplaceAll(query, "fileset.name:", fmt.Sprintf("dataset.name:%s.", moduleName)) + query = strings.ReplaceAll(query, "metricset.name:", fmt.Sprintf("datastream.dataset:%s.", moduleName)) + query = strings.ReplaceAll(query, "fileset.name:", fmt.Sprintf("datastream.dataset:%s.", moduleName)) query = strings.TrimSpace(query) if strings.HasPrefix(query, "AND ") { query = query[4:] @@ -429,7 +429,7 @@ func stripReferencesToEventModuleInQuery(object mapStr, objectKey, moduleName st } else if strings.Contains(query, "event.module:"+moduleName) { var eventDatasets []string for _, datasetName := range datasetNames { - eventDatasets = append(eventDatasets, fmt.Sprintf("dataset.name:%s.%s", moduleName, datasetName)) + eventDatasets = append(eventDatasets, fmt.Sprintf("datastream.dataset:%s.%s", moduleName, datasetName)) } value := " (" + strings.Join(eventDatasets, " OR ") + ") " @@ -450,7 +450,7 @@ func stripReferencesToEventModuleInQuery(object mapStr, objectKey, moduleName st } func replaceFieldEventDatasetWithStreamDataset(data []byte) []byte { - return bytes.ReplaceAll(data, []byte("event.dataset"), []byte("dataset.name")) + return bytes.ReplaceAll(data, []byte("event.dataset"), []byte("datastream.dataset")) } func replaceBlacklistedWords(data []byte) []byte { diff --git a/dev/import-beats/packages.go b/dev/import-beats/packages.go index c79543215cc..f74c2aa259d 100644 --- a/dev/import-beats/packages.go +++ b/dev/import-beats/packages.go 
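Review bot: The field name `datastream.dataset` is written out as a string literal on every line this commit changes in kibana.go: twice in this hunk and once each in the hunks at -356, -368, -429 and -450, so the rename had to edit six places. A package-level constant such as `const datasetField = "datastream.dataset"` would make the next rename a one-line change and rule out a missed occurrence. The two `strings.ReplaceAll` calls here also format the same replacement twice; computing `prefix := datasetField + ":" + moduleName + "."` once and passing it to both is easier to read. stripReferencesToEventModuleInQuery starts and ends outside the hunk.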
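Review bot: `replaceFieldEventDatasetWithStreamDataset` replaces every occurrence of the bytes `event.dataset` in the object, so it also rewrites longer identifiers that merely begin with that text and any prose in titles or descriptions; nothing in the function limits the match to field references. The rewritten dashboards and saved searches will match only documents that actually carry `datastream.dataset`. Since the base fields still define `dataset.*` next to it, it is worth confirming what the ingested documents contain, otherwise panels would silently come back empty. At minimum I would document the behaviour: `// replaceFieldEventDatasetWithStreamDataset replaces every literal "event.dataset" in data with "datastream.dataset"; the match is not anchored to field boundaries.`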
@@ -40,9 +40,9 @@ func newPackageContent(name string) packageContent { Name: name, Version: "0.0.1", // TODO Type: "integration", + Release: "experimental", }, License: "basic", - Release: "experimental", Owner: &util.Owner{ Github: "elastic/integrations", }, diff --git a/go.mod b/go.mod index b25d490f992..f7bbf3c85c7 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.12 require ( github.com/blang/semver v3.5.1+incompatible github.com/elastic/elastic-package v0.0.0-20200731114746-b0437f8f05ca - github.com/elastic/package-registry v0.4.1-0.20200702132954-41c150c8020e + github.com/elastic/package-registry v0.8.1-0.20200804105354-737fb54752ce github.com/magefile/mage v1.10.0 github.com/pkg/errors v0.9.1 gopkg.in/yaml.v2 v2.3.0 diff --git a/go.sum b/go.sum index 54733f24ec0..1efcae6e705 100644 --- a/go.sum +++ b/go.sum 
@@ -30,8 +30,8 @@ github.com/elastic/elastic-package v0.0.0-20200731114746-b0437f8f05ca h1:ikRqi/Z github.com/elastic/elastic-package v0.0.0-20200731114746-b0437f8f05ca/go.mod h1:6PbJXE4kwZc49bi/ckY2IXzAFwHuR+OyYUy2iJ386os= github.com/elastic/go-ucfg v0.8.4-0.20200415140258-1232bd4774a6 h1:Ehbr7du4rSSEypR8zePr0XRbMhO4PJgcHC9f8fDbgAg= github.com/elastic/go-ucfg v0.8.4-0.20200415140258-1232bd4774a6/go.mod h1:iaiY0NBIYeasNgycLyTvhJftQlQEUO2hpF+FX0JKxzo= -github.com/elastic/package-registry v0.4.1-0.20200702132954-41c150c8020e h1:B0i7PeWOSzKCX+Xba1SSTq7jAJKZK1IMwGfMOTOO/5I= -github.com/elastic/package-registry v0.4.1-0.20200702132954-41c150c8020e/go.mod h1:ERTTIxAsQOCVZJDqR4LJbDDAtxV+pz4wdPPrKheiAUc= +github.com/elastic/package-registry v0.8.1-0.20200804105354-737fb54752ce h1:8z0Zhk4an7XsDJSvOLWQ4hxhpUMl/4o4hCZwoL5AQ3Q= +github.com/elastic/package-registry v0.8.1-0.20200804105354-737fb54752ce/go.mod h1:oQx3Tg9ynuC6APd0o0OHud9kyPX6S6IzdJp/R4Hj1HY= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= 
@@ -94,8 +94,6 @@ github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/radovskyb/watcher v1.0.7 h1:AYePLih6dpmS32vlHfhCeli8127LzkIgwJGcwwe8tUE= -github.com/radovskyb/watcher v1.0.7/go.mod h1:78okwvY5wPdzcb1UYnip1pvrZNIVEIh/Cm+ZuvsUYIg= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= diff --git a/packages/apache/dataset/access/fields/base-fields.yml b/packages/apache/dataset/access/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/apache/dataset/access/fields/base-fields.yml +++ b/packages/apache/dataset/access/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/apache/dataset/error/fields/base-fields.yml b/packages/apache/dataset/error/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/apache/dataset/error/fields/base-fields.yml +++ b/packages/apache/dataset/error/fields/base-fields.yml 
@@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/apache/dataset/status/fields/base-fields.yml b/packages/apache/dataset/status/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/apache/dataset/status/fields/base-fields.yml +++ b/packages/apache/dataset/status/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/apache/docs/README.md b/packages/apache/docs/README.md index bd35c5fa9c8..e4e40c69e0e 100644 --- a/packages/apache/docs/README.md +++ b/packages/apache/docs/README.md 
@@ -24,6 +24,9 @@ Access logs collects the Apache access logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | http.request.method | HTTP request method. Prior to ECS 1.6.0 the following guidance was provided: "The field value must be normalized to lowercase for querying." As of ECS 1.6.0, the guidance is deprecated because the original case of the method may be useful in anomaly detection. Original case will be mandated in ECS 2.0.0 | keyword | | http.request.referrer | Referrer for this HTTP request. | keyword | | http.response.body.bytes | Size in bytes of the response body. | long | @@ -63,6 +66,9 @@ Error logs collects the Apache error logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | http.request.method | HTTP request method. Prior to ECS 1.6.0 the following guidance was provided: "The field value must be normalized to lowercase for querying." As of ECS 1.6.0, the guidance is deprecated because the original case of the method may be useful in anomaly detection. Original case will be mandated in ECS 2.0.0 | keyword | | http.request.referrer | Referrer for this HTTP request. | keyword | | http.response.body.bytes | Size in bytes of the response body. | long | 
@@ -235,4 +241,7 @@ An example event for `status` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | diff --git a/packages/apache/manifest.yml b/packages/apache/manifest.yml index 75e292b0c15..a2c5dc7d065 100644 --- a/packages/apache/manifest.yml +++ b/packages/apache/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: apache title: Apache -version: 0.1.2 +version: 0.1.3 license: basic description: Apache Integration type: integration diff --git a/packages/aws/dataset/billing/fields/base-fields.yml b/packages/aws/dataset/billing/fields/base-fields.yml index 932b03ae6b9..513860bc241 100644 --- a/packages/aws/dataset/billing/fields/base-fields.yml +++ b/packages/aws/dataset/billing/fields/base-fields.yml @@ -1,16 +1,23 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. + diff --git a/packages/aws/dataset/cloudtrail/fields/base-fields.yml b/packages/aws/dataset/cloudtrail/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/aws/dataset/cloudtrail/fields/base-fields.yml +++ b/packages/aws/dataset/cloudtrail/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/cloudwatch_logs/fields/base-fields.yml b/packages/aws/dataset/cloudwatch_logs/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/cloudwatch_logs/fields/base-fields.yml +++ b/packages/aws/dataset/cloudwatch_logs/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/aws/dataset/cloudwatch_metrics/fields/base-fields.yml b/packages/aws/dataset/cloudwatch_metrics/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/cloudwatch_metrics/fields/base-fields.yml +++ b/packages/aws/dataset/cloudwatch_metrics/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/dynamodb/fields/base-fields.yml b/packages/aws/dataset/dynamodb/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/dynamodb/fields/base-fields.yml +++ b/packages/aws/dataset/dynamodb/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/ebs/fields/base-fields.yml b/packages/aws/dataset/ebs/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/ebs/fields/base-fields.yml +++ b/packages/aws/dataset/ebs/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/ec2_logs/fields/base-fields.yml b/packages/aws/dataset/ec2_logs/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/ec2_logs/fields/base-fields.yml 
+++ b/packages/aws/dataset/ec2_logs/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/ec2_metrics/fields/base-fields.yml b/packages/aws/dataset/ec2_metrics/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/ec2_metrics/fields/base-fields.yml +++ b/packages/aws/dataset/ec2_metrics/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/elb_logs/fields/base-fields.yml b/packages/aws/dataset/elb_logs/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/aws/dataset/elb_logs/fields/base-fields.yml +++ b/packages/aws/dataset/elb_logs/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/elb_metrics/fields/base-fields.yml b/packages/aws/dataset/elb_metrics/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/elb_metrics/fields/base-fields.yml +++ b/packages/aws/dataset/elb_metrics/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/aws/dataset/lambda/fields/base-fields.yml b/packages/aws/dataset/lambda/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/lambda/fields/base-fields.yml +++ b/packages/aws/dataset/lambda/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/natgateway/fields/base-fields.yml b/packages/aws/dataset/natgateway/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/natgateway/fields/base-fields.yml +++ b/packages/aws/dataset/natgateway/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/rds/fields/base-fields.yml b/packages/aws/dataset/rds/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/rds/fields/base-fields.yml +++ b/packages/aws/dataset/rds/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/s3_daily_storage/fields/base-fields.yml b/packages/aws/dataset/s3_daily_storage/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/s3_daily_storage/fields/base-fields.yml 
+++ b/packages/aws/dataset/s3_daily_storage/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/s3_request/fields/base-fields.yml b/packages/aws/dataset/s3_request/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/s3_request/fields/base-fields.yml +++ b/packages/aws/dataset/s3_request/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/s3access/fields/base-fields.yml b/packages/aws/dataset/s3access/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/aws/dataset/s3access/fields/base-fields.yml +++ b/packages/aws/dataset/s3access/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/sns/fields/base-fields.yml b/packages/aws/dataset/sns/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/sns/fields/base-fields.yml +++ b/packages/aws/dataset/sns/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/sqs/fields/base-fields.yml b/packages/aws/dataset/sqs/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/aws/dataset/sqs/fields/base-fields.yml +++ b/packages/aws/dataset/sqs/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/transitgateway/fields/base-fields.yml b/packages/aws/dataset/transitgateway/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/transitgateway/fields/base-fields.yml +++ b/packages/aws/dataset/transitgateway/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/aws/dataset/usage/fields/base-fields.yml b/packages/aws/dataset/usage/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/usage/fields/base-fields.yml +++ b/packages/aws/dataset/usage/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/aws/dataset/vpcflow/fields/base-fields.yml b/packages/aws/dataset/vpcflow/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/aws/dataset/vpcflow/fields/base-fields.yml +++ b/packages/aws/dataset/vpcflow/fields/base-fields.yml 
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/aws/dataset/vpn/fields/base-fields.yml b/packages/aws/dataset/vpn/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/aws/dataset/vpn/fields/base-fields.yml
+++ b/packages/aws/dataset/vpn/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/aws/docs/README.md b/packages/aws/docs/README.md
index ace64634f21..7102c0c37eb 100644
--- a/packages/aws/docs/README.md
+++ b/packages/aws/docs/README.md
@@ -54,6 +54,9 @@ events for the account. If user creates a trail, it delivers those events as log | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.action | The action captured by the event. | keyword | | event.kind | Event kind (e.g. event, alert, metric, state, pipeline_error, signal) | keyword | | event.original | Raw text message of entire event. Used to demonstrate log integrity. | keyword | @@ -94,6 +97,9 @@ setup already. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### ec2 @@ -112,6 +118,9 @@ and `process.name`. For logs from other services, please use `cloudwatch` datase | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | process.name | Process name. | keyword | 
@@ -162,6 +171,9 @@ For network load balancer, please follow [enable access log for network load bal | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | destination.bytes | Bytes sent from the destination to the source. | long | | destination.domain | Destination domain. | keyword | | event.category | Event category (e.g. database) | keyword | @@ -235,6 +247,9 @@ for sending server access logs to S3 bucket. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.action | The action captured by the event. | keyword | | event.code | Identification code for this event, if one exists. | keyword | | event.duration | Duration of the event in nanoseconds. | long | 
@@ -288,6 +303,9 @@ for sending server access logs to S3 bucket. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | destination.address | Some event destination addresses are defined ambiguously. The event will sometimes list an IP, a domain or a unix socket. You should always store the raw address in the .address field. | keyword | | destination.as.number | Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet. | long | | destination.as.organization.name | Organization name. | keyword | @@ -423,6 +441,9 @@ An example event for `billing` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### cloudwatch @@ -524,6 +545,9 @@ An example event for `cloudwatch` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### dynamodb 
@@ -657,6 +681,9 @@ An example event for `dynamodb` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### ebs @@ -787,6 +814,9 @@ An example event for `ebs` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### ec2 @@ -987,6 +1017,9 @@ An example event for `ec2` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### elb @@ -1159,6 +1192,9 @@ An example event for `elb` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### lambda 
@@ -1280,6 +1316,9 @@ An example event for `lambda` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### natgateway @@ -1431,6 +1470,9 @@ An example event for `natgateway` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### rds @@ -1653,6 +1695,9 @@ An example event for `rds` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### s3_daily_storage @@ -1758,6 +1803,9 @@ An example event for `s3_daily_storage` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### s3_request 
@@ -1890,6 +1938,9 @@ An example event for `s3_request` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### sns @@ -2016,6 +2067,9 @@ An example event for `sns` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### sqs @@ -2132,6 +2186,9 @@ An example event for `sqs` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### transitgateway @@ -2255,6 +2312,9 @@ An example event for `transitgateway` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### usage 
@@ -2364,6 +2424,9 @@ An example event for `usage` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | ### vpn @@ -2472,4 +2535,7 @@ An example event for `vpn` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | diff --git a/packages/aws/manifest.yml b/packages/aws/manifest.yml index 3b785981b27..157d69bf686 100644 --- a/packages/aws/manifest.yml +++ b/packages/aws/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: aws title: AWS -version: 0.2.2 +version: 0.2.3 license: basic description: AWS Integration type: integration diff --git a/packages/cisco/dataset/asa/fields/base-fields.yml b/packages/cisco/dataset/asa/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/cisco/dataset/asa/fields/base-fields.yml +++ b/packages/cisco/dataset/asa/fields/base-fields.yml 
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/cisco/dataset/ftd/fields/base-fields.yml b/packages/cisco/dataset/ftd/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/cisco/dataset/ftd/fields/base-fields.yml
+++ b/packages/cisco/dataset/ftd/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/cisco/dataset/ios/fields/base-fields.yml b/packages/cisco/dataset/ios/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/cisco/dataset/ios/fields/base-fields.yml
+++ b/packages/cisco/dataset/ios/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/cisco/docs/README.md b/packages/cisco/docs/README.md
index 85e2575924e..41cfeeeaca4 100644
--- a/packages/cisco/docs/README.md
+++ b/packages/cisco/docs/README.md
@@ -19,7 +19,7 @@ The `asa` dataset collects the Cisco firewall logs.
 | Field | Description | Type |
 |---|---|---|
-| @timestamp | Event timestamp. | date |
+| @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. example: '2016-05-23T08:05:34.853Z' | date |
 | cisco.asa.connection_id | Unique identifier for a flow. | keyword |
 | cisco.asa.connection_type | The VPN connection type | keyword |
 | cisco.asa.dap_records | The assigned DAP records | keyword |
@@ -41,9 +41,12 @@ The `asa` dataset collects the Cisco firewall logs.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | event.category | Event category (e.g. database) | keyword |
 | event.code | Identification code for this event | keyword |
-| event.created | The date/time when the event was first read by an agent, or by your pipeline. | date |
+| event.created | Date/time when the event was first read by an agent, or by your pipeline. | date |
 | event.duration | Duration of the event in nanoseconds. | long |
 | event.end | The date when the event ended or when the activity was last observed. | keyword |
 | event.kind | Event kind (e.g. event) | keyword |
@@ -63,7 +66,7 @@ The `ftd` dataset collects the Firepower Threat Defense logs.
 | Field | Description | Type |
 |---|---|---|
-| @timestamp | Event timestamp. | date |
+| @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. example: '2016-05-23T08:05:34.853Z' | date |
 | cisco.ftd.connection_id | Unique identifier for a flow. | keyword |
 | cisco.ftd.connection_type | The VPN connection type | keyword |
 | cisco.ftd.dap_records | The assigned DAP records | keyword |
@@ -86,9 +89,12 @@ The `ftd` dataset collects the Firepower Threat Defense logs.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | event.category | Event category (e.g. database) | keyword |
 | event.code | Identification code for this event | keyword |
-| event.created | The date/time when the event was first read by an agent, or by your pipeline. | date |
+| event.created | Date/time when the event was first read by an agent, or by your pipeline. | date |
 | event.duration | Duration of the event in nanoseconds. | long |
 | event.end | The date when the event ended or when the activity was last observed. | keyword |
 | event.kind | Event kind (e.g. event) | keyword |
@@ -114,9 +120,12 @@ The `ios` dataset collects the Cisco IOS router and switch logs.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | event.category | Event category (e.g. database) | keyword |
 | event.code | Identification code for this event | keyword |
-| event.created | Date/time when the event was first read by an agent, or by your pipeline. | date |
+| event.created | The date/time when the event was first read by an agent, or by your pipeline. | date |
 | event.duration | Duration of the event in nanoseconds. | long |
 | event.end | The date when the event ended or when the activity was last observed. | keyword |
 | event.kind | Event kind (e.g. event) | keyword |
diff --git a/packages/cisco/manifest.yml b/packages/cisco/manifest.yml
index beb8d164936..3e8146c6cb8 100644
--- a/packages/cisco/manifest.yml
+++ b/packages/cisco/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: cisco
 title: Cisco
-version: 0.2.1
+version: 0.2.2
 license: basic
 description: Cisco Integration
 type: integration
diff --git a/packages/haproxy/dataset/info/fields/base-fields.yml b/packages/haproxy/dataset/info/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/haproxy/dataset/info/fields/base-fields.yml
+++ b/packages/haproxy/dataset/info/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/haproxy/dataset/log/fields/base-fields.yml b/packages/haproxy/dataset/log/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/haproxy/dataset/log/fields/base-fields.yml
+++ b/packages/haproxy/dataset/log/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/haproxy/dataset/stat/fields/base-fields.yml b/packages/haproxy/dataset/stat/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/haproxy/dataset/stat/fields/base-fields.yml
+++ b/packages/haproxy/dataset/stat/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/haproxy/docs/README.md b/packages/haproxy/docs/README.md
index d73ba905da1..bbcc37bdd27 100644
--- a/packages/haproxy/docs/README.md
+++ b/packages/haproxy/docs/README.md
@@ -22,6 +22,9 @@ The `log` dataset collects the HAProxy application logs.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | destination.ip | IP address of the destination (IPv4 or IPv6). | ip |
 | destination.port | Port of the destination. | long |
 | haproxy.backend_name | Name of the backend (or listener) which was selected to manage the connection to the server. | keyword |
@@ -197,6 +200,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | haproxy.info.busy_polling | Number of busy polling. | long |
 | haproxy.info.bytes.out.rate | Average bytes output rate. | long |
 | haproxy.info.bytes.out.total | Number of bytes sent out. | long |
@@ -361,6 +367,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | haproxy.stat.agent.check.description | Human readable version of check. | keyword |
 | haproxy.stat.agent.check.fall | Fall value of server. | integer |
 | haproxy.stat.agent.check.health | Health parameter of server. Between 0 and `agent.check.rise`+`agent.check.fall`-1. | integer |
diff --git a/packages/haproxy/manifest.yml b/packages/haproxy/manifest.yml
index bfb31b4a7bd..5d180233a76 100644
--- a/packages/haproxy/manifest.yml
+++ b/packages/haproxy/manifest.yml
@@ -1,6 +1,6 @@
 name: haproxy
 title: HAProxy
-version: 0.1.1
+version: 0.1.2
 description: HAProxy Integration
 type: integration
 icons:
diff --git a/packages/iis/dataset/access/fields/base-fields.yml b/packages/iis/dataset/access/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/iis/dataset/access/fields/base-fields.yml
+++ b/packages/iis/dataset/access/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/iis/dataset/application_pool/fields/base-fields.yml b/packages/iis/dataset/application_pool/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/iis/dataset/application_pool/fields/base-fields.yml
+++ b/packages/iis/dataset/application_pool/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/iis/dataset/error/fields/base-fields.yml b/packages/iis/dataset/error/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/iis/dataset/error/fields/base-fields.yml
+++ b/packages/iis/dataset/error/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/iis/dataset/webserver/fields/base-fields.yml b/packages/iis/dataset/webserver/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/iis/dataset/webserver/fields/base-fields.yml
+++ b/packages/iis/dataset/webserver/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/iis/dataset/website/fields/base-fields.yml b/packages/iis/dataset/website/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/iis/dataset/website/fields/base-fields.yml +++ b/packages/iis/dataset/website/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/iis/docs/README.md b/packages/iis/docs/README.md index 18b98b60ef3..d3f4401bded 100644 --- a/packages/iis/docs/README.md +++ b/packages/iis/docs/README.md @@ -120,6 +120,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | iis.webserver.*.* | webserver | object | @@ -188,6 +191,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | iis.website.name | website name | keyword | 
@@ -255,6 +261,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | iis.application_pool.name | application pool name | keyword | @@ -368,6 +377,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | destination.address | Some event destination addresses are defined ambiguously. The event will sometimes list an IP, a domain or a unix socket. You should always store the raw address in the `.address` field. Then it should be duplicated to `.ip` or `.domain`, depending on which one it is. | keyword | | destination.port | Port of the destination. | long | | host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | 
@@ -477,6 +489,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | destination.address | Some event destination addresses are defined ambiguously. The event will sometimes list an IP, a domain or a unix socket. You should always store the raw address in the `.address` field. Then it should be duplicated to `.ip` or `.domain`, depending on which one it is. | keyword |
 | destination.port | Port of the destination. | long |
 | http.request.method | HTTP request method. Prior to ECS 1.6.0 the following guidance was provided: "The field value must be normalized to lowercase for querying." As of ECS 1.6.0, the guidance is deprecated because the original case of the method may be useful in anomaly detection. Original case will be mandated in ECS 2.0.0 | keyword |
diff --git a/packages/iis/manifest.yml b/packages/iis/manifest.yml
index 455afbd9337..25ded1c03aa 100644
--- a/packages/iis/manifest.yml
+++ b/packages/iis/manifest.yml
@@ -1,6 +1,6 @@
 name: iis
 title: IIS
-version: 0.1.1
+version: 0.1.2
 description: IIS Integration
 type: integration
 icons:
diff --git a/packages/kafka/dataset/broker/fields/base-fields.yml b/packages/kafka/dataset/broker/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/kafka/dataset/broker/fields/base-fields.yml
+++ b/packages/kafka/dataset/broker/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+ description: Dataset namespace.
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/kafka/dataset/consumergroup/fields/base-fields.yml b/packages/kafka/dataset/consumergroup/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/kafka/dataset/consumergroup/fields/base-fields.yml
+++ b/packages/kafka/dataset/consumergroup/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+ description: Dataset namespace.
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/kafka/dataset/log/fields/base-fields.yml b/packages/kafka/dataset/log/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/kafka/dataset/log/fields/base-fields.yml
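Review bot: In packages/kafka/dataset/broker/fields/base-fields.yml the new `datastream.type`, `datastream.dataset` and `datastream.namespace` entries are added above `dataset.type`, `dataset.name` and `dataset.namespace`, which stay in the file, and nothing in the YAML says which set is authoritative or whether the old one is transitional. Someone maintaining dashboards, saved searches or alerting queries cannot tell from this file which field name to filter on. I would add a comment above the old group, for example `# dataset.* is kept for compatibility alongside datastream.*; remove once nothing requires it`, with the wording confirmed by the author since the reason for keeping both is not visible in this hunk. The same applies to the consumergroup, log and partition base-fields.yml hunks and to the kubernetes base-fields.yml hunks; if these files are generated, the comment belongs in the generator's output instead.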
+++ b/packages/kafka/dataset/log/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+ description: Dataset namespace.
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/kafka/dataset/partition/fields/base-fields.yml b/packages/kafka/dataset/partition/fields/base-fields.yml
index 932b03ae6b9..7c7d69a3c68 100644
--- a/packages/kafka/dataset/partition/fields/base-fields.yml
+++ b/packages/kafka/dataset/partition/fields/base-fields.yml
@@ -1,16 +1,22 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
- description: >
- Dataset type.
+ description: Dataset type.
 - name: dataset.name
 type: constant_keyword
- description: >
- Dataset name.
+ description: Dataset name.
 - name: dataset.namespace
 type: constant_keyword
- description: >
- Dataset namespace.
-- name: "@timestamp"
+ description: Dataset namespace.
+- name: '@timestamp'
 type: date
- description: >
- Event timestamp.
+ description: Event timestamp.
diff --git a/packages/kafka/docs/README.md b/packages/kafka/docs/README.md
index 55e09106a06..a464d48ba86 100644
--- a/packages/kafka/docs/README.md
+++ b/packages/kafka/docs/README.md
@@ -24,6 +24,9 @@ The `log` dataset collects and parses logs from Kafka servers.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kafka.log.class | Java class the log is coming from. | keyword |
 | kafka.log.component | Component the log is coming from. | keyword |
 | kafka.log.trace.class | Java class the trace is coming from. | keyword |
@@ -94,6 +97,9 @@ An example event for `broker` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kafka.broker.address | Broker advertised address | keyword |
 | kafka.broker.id | Broker id | long |
 | kafka.broker.log.flush_rate | The log flush rate | float |
@@ -203,6 +209,9 @@ An example event for `consumergroup` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kafka.broker.address | Broker advertised address | keyword |
 | kafka.broker.id | Broker id | long |
 | kafka.consumergroup.broker.address | Broker address | keyword |
@@ -302,6 +311,9 @@ An example event for `partition` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kafka.broker.address | Broker advertised address | keyword |
 | kafka.broker.id | Broker id | long |
 | kafka.partition.broker.address | Broker address | keyword |
diff --git a/packages/kafka/manifest.yml b/packages/kafka/manifest.yml
index a52f9213895..0cf3243f7a0 100644
--- a/packages/kafka/manifest.yml
+++ b/packages/kafka/manifest.yml
@@ -1,7 +1,7 @@
 format_version: 1.0.0
 name: kafka
 title: Kafka
-version: 0.2.2
+version: 0.2.3
 license: basic
 description: Kafka Integration
 type: integration
diff --git a/packages/kubernetes/dataset/apiserver/fields/base-fields.yml b/packages/kubernetes/dataset/apiserver/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/apiserver/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/apiserver/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/container/fields/base-fields.yml b/packages/kubernetes/dataset/container/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/container/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/container/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/controllermanager/fields/base-fields.yml b/packages/kubernetes/dataset/controllermanager/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/controllermanager/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/controllermanager/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/event/fields/base-fields.yml b/packages/kubernetes/dataset/event/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/event/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/event/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/node/fields/base-fields.yml b/packages/kubernetes/dataset/node/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/node/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/node/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/pod/fields/base-fields.yml b/packages/kubernetes/dataset/pod/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/pod/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/pod/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/proxy/fields/base-fields.yml b/packages/kubernetes/dataset/proxy/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/proxy/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/proxy/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/scheduler/fields/base-fields.yml b/packages/kubernetes/dataset/scheduler/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/scheduler/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/scheduler/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_container/fields/base-fields.yml b/packages/kubernetes/dataset/state_container/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_container/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_container/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_cronjob/fields/base-fields.yml b/packages/kubernetes/dataset/state_cronjob/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_cronjob/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_cronjob/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_deployment/fields/base-fields.yml b/packages/kubernetes/dataset/state_deployment/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_deployment/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_deployment/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_node/fields/base-fields.yml b/packages/kubernetes/dataset/state_node/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_node/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_node/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_persistentvolume/fields/base-fields.yml b/packages/kubernetes/dataset/state_persistentvolume/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_persistentvolume/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_persistentvolume/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_persistentvolumeclaim/fields/base-fields.yml b/packages/kubernetes/dataset/state_persistentvolumeclaim/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_persistentvolumeclaim/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_persistentvolumeclaim/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_pod/fields/base-fields.yml b/packages/kubernetes/dataset/state_pod/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_pod/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_pod/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_replicaset/fields/base-fields.yml b/packages/kubernetes/dataset/state_replicaset/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_replicaset/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_replicaset/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_resourcequota/fields/base-fields.yml b/packages/kubernetes/dataset/state_resourcequota/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_resourcequota/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_resourcequota/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_service/fields/base-fields.yml b/packages/kubernetes/dataset/state_service/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_service/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_service/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_statefulset/fields/base-fields.yml b/packages/kubernetes/dataset/state_statefulset/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_statefulset/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_statefulset/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/state_storageclass/fields/base-fields.yml b/packages/kubernetes/dataset/state_storageclass/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/state_storageclass/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/state_storageclass/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/system/fields/base-fields.yml b/packages/kubernetes/dataset/system/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/system/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/system/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/dataset/volume/fields/base-fields.yml b/packages/kubernetes/dataset/volume/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/kubernetes/dataset/volume/fields/base-fields.yml
+++ b/packages/kubernetes/dataset/volume/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/kubernetes/docs/README.md b/packages/kubernetes/docs/README.md
index 899187bf3ad..be86a058b3a 100644
--- a/packages/kubernetes/docs/README.md
+++ b/packages/kubernetes/docs/README.md
@@ -205,6 +205,9 @@ An example event for `apiserver` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.apiserver.audit.event.count | Number of audit events | long |
 | kubernetes.apiserver.audit.rejected.count | Number of audit rejected events | long |
 | kubernetes.apiserver.client.request.count | Number of requests as client | long |
@@ -445,6 +448,9 @@ An example event for `container` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.container.cpu.usage.core.ns | Container CPU Core usage nanoseconds | long |
 | kubernetes.container.cpu.usage.limit.pct | CPU usage as a percentage of the defined limit for the container (or total node allocatable CPU if unlimited) | scaled_float |
 | kubernetes.container.cpu.usage.nanocores | CPU used nanocores | long |
@@ -605,6 +611,9 @@ An example event for `controllermanager` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.controllermanager.client.request.count | Number of requests as client | long |
 | kubernetes.controllermanager.code | HTTP code | keyword |
 | kubernetes.controllermanager.handler | Request handler | keyword |
@@ -768,6 +777,9 @@ An example event for `event` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.event.count | Count field records the number of times the particular event has occurred | long |
 | kubernetes.event.involved_object.api_version | API version of the object | keyword |
 | kubernetes.event.involved_object.kind | API kind of the object | keyword |
@@ -983,6 +995,9 @@ An example event for `node` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.node.cpu.usage.core.ns | Node CPU Core usage nanoseconds | long |
 | kubernetes.node.cpu.usage.nanocores | CPU used nanocores | long |
 | kubernetes.node.fs.available.bytes | Filesystem total available in bytes | long |
@@ -1177,6 +1192,9 @@ An example event for `pod` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.pod.cpu.usage.limit.pct | CPU usage as a percentage of the defined limit for the pod containers (or total node CPU if one or more containers of the pod are unlimited) | scaled_float |
 | kubernetes.pod.cpu.usage.nanocores | CPU used nanocores | long |
 | kubernetes.pod.cpu.usage.node.pct | CPU usage as a percentage of the total node CPU | scaled_float |
@@ -1453,6 +1471,9 @@ An example event for `proxy` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.proxy.client.request.count | Number of requests as client | long |
 | kubernetes.proxy.code | HTTP code | keyword |
 | kubernetes.proxy.handler | Request handler | keyword |
@@ -1602,6 +1623,9 @@ An example event for `scheduler` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.scheduler.client.request.count | Number of requests as client | long |
 | kubernetes.scheduler.code | HTTP code | keyword |
 | kubernetes.scheduler.handler | Request handler | keyword |
@@ -1758,6 +1782,9 @@ An example event for `state_container` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.container.cpu.limit.cores | Container CPU cores limit | float |
 | kubernetes.container.cpu.limit.nanocores | Container CPU nanocores limit | long |
 | kubernetes.container.cpu.request.cores | Container CPU requested cores | float |
@@ -1879,6 +1906,9 @@ An example event for `state_cronjob` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.cronjob.active.count | Number of active pods for the cronjob | long |
 | kubernetes.cronjob.concurrency | Concurrency policy | keyword |
 | kubernetes.cronjob.created.sec | Epoch seconds since the cronjob was created | double |
@@ -1995,6 +2025,9 @@ An example event for `state_deployment` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.deployment.paused | Kubernetes deployment paused status | boolean |
 | kubernetes.deployment.replicas.available | Deployment available replicas | integer |
 | kubernetes.deployment.replicas.desired | Deployment number of desired replicas (spec) | integer |
@@ -2132,6 +2165,9 @@ An example event for `state_node` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.node.cpu.allocatable.cores | Node CPU allocatable cores | float |
 | kubernetes.node.cpu.capacity.cores | Node CPU capacity cores | long |
 | kubernetes.node.memory.allocatable.bytes | Node allocatable memory in bytes | long |
@@ -2244,6 +2280,9 @@ An example event for `state_persistentvolume` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.persistentvolume.capacity.bytes | Volume capacity | long |
 | kubernetes.persistentvolume.name | Volume name. | keyword |
 | kubernetes.persistentvolume.phase | Volume phase according to kubernetes | keyword |
@@ -2352,6 +2391,9 @@ An example event for `state_persistentvolumeclaim` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.persistentvolumeclaim.access_mode | Access mode. | keyword |
 | kubernetes.persistentvolumeclaim.name | PVC name. | keyword |
 | kubernetes.persistentvolumeclaim.phase | PVC phase. | keyword |
@@ -2471,6 +2513,9 @@ An example event for `state_pod` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | kubernetes.pod.host_ip | Kubernetes pod host IP | ip |
 | kubernetes.pod.ip | Kubernetes pod IP | ip |
 | kubernetes.pod.status.phase | Kubernetes pod phase (Running, Pending...) | keyword |
@@ -2589,6 +2634,9 @@ An example event for `state_replicaset` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.replicaset.replicas.available | The number of replicas per ReplicaSet | long | | kubernetes.replicaset.replicas.desired | The number of replicas per ReplicaSet | long | | kubernetes.replicaset.replicas.labeled | The number of fully labeled replicas per ReplicaSet | long | @@ -2694,6 +2742,9 @@ An example event for `state_resourcequota` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.resourcequota.created.sec | Epoch seconds since the ResourceQuota was created | double | | kubernetes.resourcequota.name | ResourceQuota name | keyword | | kubernetes.resourcequota.quota | Quota informed (hard or used) for the resource | double | 
@@ -2808,6 +2859,9 @@ An example event for `state_service` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.service.cluster_ip | Internal IP for the service. | ip | | kubernetes.service.created | Service creation date | date | | kubernetes.service.external_ip | Service external IP | keyword | @@ -2925,6 +2979,9 @@ An example event for `state_statefulset` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.statefulset.created | The creation timestamp (epoch) for StatefulSet | long | | kubernetes.statefulset.generation.desired | The desired generation per StatefulSet | long | | kubernetes.statefulset.generation.observed | The observed generation per StatefulSet | long | 
@@ -3036,6 +3093,9 @@ An example event for `state_storageclass` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.storageclass.created | Storage class creation date | date | | kubernetes.storageclass.name | Storage class name. | keyword | | kubernetes.storageclass.provisioner | Volume provisioner for the storage class. | keyword | @@ -3189,6 +3249,9 @@ An example event for `system` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.system.container | Container name | keyword | | kubernetes.system.cpu.usage.core.ns | CPU Core usage nanoseconds | long | | kubernetes.system.cpu.usage.nanocores | CPU used nanocores | long | @@ -3341,6 +3404,9 @@ An example event for `volume` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | kubernetes.volume.fs.available.bytes | Filesystem total available in bytes | long | | kubernetes.volume.fs.capacity.bytes | Filesystem total capacity in bytes | long | | kubernetes.volume.fs.inodes.count | Total inodes | long | 
diff --git a/packages/kubernetes/manifest.yml b/packages/kubernetes/manifest.yml index 6f299f6025e..d0125b27ab3 100644 --- a/packages/kubernetes/manifest.yml +++ b/packages/kubernetes/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: kubernetes title: Kubernetes -version: 0.1.4 +version: 0.1.5 license: basic description: Kubernetes Integration type: integration diff --git a/packages/log/dataset/log/fields/base-fields.yml b/packages/log/dataset/log/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/log/dataset/log/fields/base-fields.yml +++ b/packages/log/dataset/log/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/log/manifest.yml b/packages/log/manifest.yml index 18565a3fa4e..8c17c42debf 100644 --- a/packages/log/manifest.yml +++ b/packages/log/manifest.yml @@ -4,7 +4,7 @@ title: Custom logs description: > Collect your custom logs. type: integration -version: 0.3.2 +version: 0.3.3 release: experimental license: basic categories: diff --git a/packages/mongodb/dataset/collstats/fields/base-fields.yml b/packages/mongodb/dataset/collstats/fields/base-fields.yml index 27eb09d56c1..bb9e8886089 100644 --- a/packages/mongodb/dataset/collstats/fields/base-fields.yml 
+++ b/packages/mongodb/dataset/collstats/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,6 +20,7 @@ - name: '@timestamp' type: date description: Event timestamp. + - name: service.address type: keyword description: Address of the machine where the service is running. diff --git a/packages/mongodb/dataset/dbstats/fields/base-fields.yml b/packages/mongodb/dataset/dbstats/fields/base-fields.yml index 27eb09d56c1..bb9e8886089 100644 --- a/packages/mongodb/dataset/dbstats/fields/base-fields.yml +++ b/packages/mongodb/dataset/dbstats/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,6 +20,7 @@ - name: '@timestamp' type: date description: Event timestamp. + - name: service.address type: keyword description: Address of the machine where the service is running. diff --git a/packages/mongodb/dataset/log/fields/base-fields.yml b/packages/mongodb/dataset/log/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/mongodb/dataset/log/fields/base-fields.yml +++ b/packages/mongodb/dataset/log/fields/base-fields.yml 
@@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/mongodb/dataset/metrics/fields/base-fields.yml b/packages/mongodb/dataset/metrics/fields/base-fields.yml index 27eb09d56c1..bb9e8886089 100644 --- a/packages/mongodb/dataset/metrics/fields/base-fields.yml +++ b/packages/mongodb/dataset/metrics/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,6 +20,7 @@ - name: '@timestamp' type: date description: Event timestamp. + - name: service.address type: keyword description: Address of the machine where the service is running. diff --git a/packages/mongodb/dataset/replstatus/fields/base-fields.yml b/packages/mongodb/dataset/replstatus/fields/base-fields.yml index 27eb09d56c1..bb9e8886089 100644 --- a/packages/mongodb/dataset/replstatus/fields/base-fields.yml +++ b/packages/mongodb/dataset/replstatus/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. 
@@ -10,6 +20,7 @@ - name: '@timestamp' type: date description: Event timestamp. + - name: service.address type: keyword description: Address of the machine where the service is running. diff --git a/packages/mongodb/dataset/status/fields/base-fields.yml b/packages/mongodb/dataset/status/fields/base-fields.yml index 27eb09d56c1..bb9e8886089 100644 --- a/packages/mongodb/dataset/status/fields/base-fields.yml +++ b/packages/mongodb/dataset/status/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,6 +20,7 @@ - name: '@timestamp' type: date description: Event timestamp. + - name: service.address type: keyword description: Address of the machine where the service is running. diff --git a/packages/mongodb/docs/README.md b/packages/mongodb/docs/README.md index b0cdd496a4c..4f8bcdc3996 100644 --- a/packages/mongodb/docs/README.md +++ b/packages/mongodb/docs/README.md 
@@ -50,6 +50,9 @@ The `log` dataset collects the MongoDB logs.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. | date |
 | log.file.path | Full path to the log file this event came from, including the file name. | keyword |
 | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword |
@@ -196,6 +199,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | mongodb.collstats.collection | Collection name. | keyword |
 | mongodb.collstats.commands.count | Number of database commands executed. | long |
 | mongodb.collstats.commands.time.us | Time executing database commands in microseconds. | long |
@@ -317,6 +323,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | mongodb.dbstats.avg_obj_size.bytes | | long |
 | mongodb.dbstats.collections | | integer |
 | mongodb.dbstats.data_file_version.major | | long |
@@ -619,6 +628,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | mongodb.metrics.commands.aggregate.failed | | long |
 | mongodb.metrics.commands.aggregate.total | | long |
 | mongodb.metrics.commands.build_info.failed | | long |
@@ -817,6 +829,9 @@ The fields reported are:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | mongodb.replstatus.headroom.max | Difference between primary's oplog window and the replication lag of the fastest secondary | long |
 | mongodb.replstatus.headroom.min | Difference between primary's oplog window and the replication lag of the slowest secondary | long |
 | mongodb.replstatus.lag.max | Difference between optime of primary and slowest secondary | long |
@@ -1106,6 +1121,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | mongodb.status.asserts.msg | Number of msg assertions produced by the server. | long | | mongodb.status.asserts.regular | Number of regular assertions produced by the server. | long | | mongodb.status.asserts.rollovers | Number of rollovers assertions produced by the server. | long | diff --git a/packages/mongodb/manifest.yml b/packages/mongodb/manifest.yml index 04a5143c0eb..05fcafd755a 100644 --- a/packages/mongodb/manifest.yml +++ b/packages/mongodb/manifest.yml @@ -1,6 +1,6 @@ name: mongodb title: MongoDB -version: 0.1.2 +version: 0.1.3 description: MongoDB Integration type: integration categories: diff --git a/packages/mysql/dataset/error/fields/base-fields.yml b/packages/mysql/dataset/error/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/mysql/dataset/error/fields/base-fields.yml +++ b/packages/mysql/dataset/error/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/mysql/dataset/galera_status/fields/base-fields.yml b/packages/mysql/dataset/galera_status/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/mysql/dataset/galera_status/fields/base-fields.yml +++ b/packages/mysql/dataset/galera_status/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/mysql/dataset/slowlog/fields/base-fields.yml b/packages/mysql/dataset/slowlog/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/mysql/dataset/slowlog/fields/base-fields.yml +++ b/packages/mysql/dataset/slowlog/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/mysql/dataset/status/fields/base-fields.yml b/packages/mysql/dataset/status/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/mysql/dataset/status/fields/base-fields.yml +++ b/packages/mysql/dataset/status/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/mysql/docs/README.md b/packages/mysql/docs/README.md index 31dbe2139fa..0b5f3e4b50c 100644 
--- a/packages/mysql/docs/README.md +++ b/packages/mysql/docs/README.md @@ -23,6 +23,9 @@ The `error` dataset collects the MySQL error logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.category | Event category (e.g. database) | keyword | | event.code | Identification code for this event | keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | @@ -47,6 +50,9 @@ The `slowlog` dataset collects the MySQL slow logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.duration | Duration of the event in nanoseconds. | long | | mysql.slowlog.bytes_received | The number of bytes received from client. | long | | mysql.slowlog.bytes_sent | The number of bytes sent to client. | long | 
@@ -216,6 +222,9 @@ An example event for `galera_status` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | mysql.galera_status.apply.oooe | How often applier started write-set applying out-of-order (parallelization efficiency). | double | | mysql.galera_status.apply.oool | How often write-set was so slow to apply that write-set with higher seqno's were applied earlier. Values closer to 0 refer to a greater gap between slow and fast write-sets. | double | | mysql.galera_status.apply.window | Average distance between highest and lowest concurrently applied seqno. | double | @@ -410,6 +419,9 @@ An example event for `status` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | mysql.status.aborted.clients | The number of connections that were aborted because the client died without closing the connection properly. | long | | mysql.status.aborted.connects | The number of failed attempts to connect to the MySQL server. | long | | mysql.status.binlog.cache.disk_use | | long | diff --git a/packages/mysql/manifest.yml b/packages/mysql/manifest.yml index bc7eec82a61..88c07746ef8 100644 --- a/packages/mysql/manifest.yml +++ b/packages/mysql/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: mysql title: MySQL -version: 0.2.2 +version: 0.2.3 license: basic description: MySQL Integration type: integration 
diff --git a/packages/netflow/dataset/log/fields/base-fields.yml b/packages/netflow/dataset/log/fields/base-fields.yml index d2792ff8fdf..a7e83eff712 100644 --- a/packages/netflow/dataset/log/fields/base-fields.yml +++ b/packages/netflow/dataset/log/fields/base-fields.yml @@ -1,33 +1,45 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. + +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/netflow/docs/README.md b/packages/netflow/docs/README.md index b9ac3203a14..920f0079658 100644 --- a/packages/netflow/docs/README.md +++ b/packages/netflow/docs/README.md 
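Review bot: The new side of `packages/netflow/dataset/log/fields/base-fields.yml` declares every base field twice: `datastream.type`, `datastream.dataset` and `datastream.namespace` are added at the top and again after the first `'@timestamp'` entry, each time followed by its own copy of `dataset.*` and `@timestamp`. The duplication appears to predate this commit (the old side is already 33 lines holding two copies), but the change extends it rather than removing it, and how duplicate field names are resolved by whatever consumes this file is not visible in the diff. I would keep a single block that ends at the first `- name: '@timestamp'` entry and delete everything after it, so this file matches the other `base-fields.yml` files touched here.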
@@ -20,7 +20,7 @@ The `log` dataset collects netflow logs. | Field | Description | Type | |---|---|---| -| @timestamp | Event timestamp. | date | +| @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. | date | | agent.ephemeral_id | Ephemeral identifier of this agent (if one exists). This id normally changes across restarts, but `agent.id` does not. | keyword | | agent.id | Unique identifier of this agent (if one exists). Example: For Beats this would be beat.id. | keyword | | agent.name | Custom name of the agent. This is a name that can be given to an agent. This can be helpful if for example two Filebeat instances are running on the same host but a human readable separation is needed on which Filebeat instance data is coming from. If no name is given, the name is often left empty. | keyword | 
@@ -74,6 +74,9 @@ The `log` dataset collects netflow logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | destination.address | Some event destination addresses are defined ambiguously. The event will sometimes list an IP, a domain or a unix socket. You should always store the raw address in the `.address` field. Then it should be duplicated to `.ip` or `.domain`, depending on which one it is. | keyword | | destination.as.number | Unique number allocated to the autonomous system. The autonomous system number (ASN) uniquely identifies each network on the Internet. | long | | destination.as.organization.name | Organization name. | keyword | diff --git a/packages/netflow/manifest.yml b/packages/netflow/manifest.yml index 2c4687b5a87..cce1580960f 100644 --- a/packages/netflow/manifest.yml +++ b/packages/netflow/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: netflow title: NetFlow -version: 0.2.1 +version: 0.2.2 license: basic description: NetFlow Integration type: integration diff --git a/packages/nginx/dataset/access/fields/base-fields.yml b/packages/nginx/dataset/access/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/nginx/dataset/access/fields/base-fields.yml +++ b/packages/nginx/dataset/access/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/nginx/dataset/error/fields/base-fields.yml b/packages/nginx/dataset/error/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/nginx/dataset/error/fields/base-fields.yml +++ b/packages/nginx/dataset/error/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/nginx/dataset/ingress_controller/fields/base-fields.yml b/packages/nginx/dataset/ingress_controller/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/nginx/dataset/ingress_controller/fields/base-fields.yml +++ b/packages/nginx/dataset/ingress_controller/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/nginx/dataset/stubstatus/fields/base-fields.yml b/packages/nginx/dataset/stubstatus/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/nginx/dataset/stubstatus/fields/base-fields.yml +++ b/packages/nginx/dataset/stubstatus/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/nginx/docs/README.md b/packages/nginx/docs/README.md index 6ce5d72ffb5..1a32ae7932b 100644 --- a/packages/nginx/docs/README.md +++ b/packages/nginx/docs/README.md @@ -34,6 +34,9 @@ Access logs collects the nginx access logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | | http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword | | http.request.referrer | Referrer for this HTTP request. | keyword | 
@@ -69,6 +72,9 @@ Error logs collects the nginx error logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | @@ -89,6 +95,9 @@ Error logs collects the ingress controller logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | | http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword | | http.request.referrer | Referrer for this HTTP request. | keyword | 
@@ -187,6 +196,9 @@ An example event for `stubstatus` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | nginx.stubstatus.accepts | The total number of accepted client connections. | long | | nginx.stubstatus.active | The current number of active client connections including Waiting connections. | long | | nginx.stubstatus.current | The current number of client requests. | long | diff --git a/packages/nginx/manifest.yml b/packages/nginx/manifest.yml index fc21d110ba7..a164bcc211d 100644 --- a/packages/nginx/manifest.yml +++ b/packages/nginx/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: nginx title: Nginx -version: 0.2.2 +version: 0.2.3 license: basic description: Nginx Integration type: integration diff --git a/packages/postgresql/dataset/activity/fields/base-fields.yml b/packages/postgresql/dataset/activity/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/postgresql/dataset/activity/fields/base-fields.yml +++ b/packages/postgresql/dataset/activity/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/postgresql/dataset/bgwriter/fields/base-fields.yml b/packages/postgresql/dataset/bgwriter/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 
--- a/packages/postgresql/dataset/bgwriter/fields/base-fields.yml +++ b/packages/postgresql/dataset/bgwriter/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/postgresql/dataset/database/fields/base-fields.yml b/packages/postgresql/dataset/database/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/postgresql/dataset/database/fields/base-fields.yml +++ b/packages/postgresql/dataset/database/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/postgresql/dataset/log/fields/base-fields.yml b/packages/postgresql/dataset/log/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/postgresql/dataset/log/fields/base-fields.yml +++ b/packages/postgresql/dataset/log/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. 
@@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/postgresql/dataset/statement/fields/base-fields.yml b/packages/postgresql/dataset/statement/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/postgresql/dataset/statement/fields/base-fields.yml +++ b/packages/postgresql/dataset/statement/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/postgresql/docs/README.md b/packages/postgresql/docs/README.md index ebfa64869c0..971be61ce6f 100644 --- a/packages/postgresql/docs/README.md +++ b/packages/postgresql/docs/README.md @@ -22,6 +22,9 @@ The `log` dataset collects the PostgreSQL logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.category | Event category (e.g. database) | keyword | | event.code | Identification code for this event | keyword | | event.kind | Event kind (e.g. event) | keyword | 
@@ -104,6 +107,9 @@ An example event for `activity` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | postgresql.activity.application_name | Name of the application that is connected to this backend. | keyword | | postgresql.activity.backend_start | Time when this process was started, i.e., when the client connected to the server. | date | | postgresql.activity.client.address | IP address of the client connected to this backend. | keyword | @@ -183,6 +189,9 @@ An example event for `bgwriter` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | postgresql.bgwriter.buffers.allocated | Number of buffers allocated. | long | | postgresql.bgwriter.buffers.backend | Number of buffers written directly by a backend. | long | | postgresql.bgwriter.buffers.backend_fsync | Number of times a backend had to execute its own fsync call (normally the background writer handles those even when the backend does its own write) | long | 
@@ -262,6 +271,9 @@ An example event for `database` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | postgresql.database.blocks.hit | Number of times disk blocks were found already in the buffer cache, so that a read was not necessary (this only includes hits in the PostgreSQL buffer cache, not the operating system's file system cache). | long | | postgresql.database.blocks.read | Number of disk blocks read in this database. | long | | postgresql.database.blocks.time.read.ms | Time spent reading data file blocks by backends in this database, in milliseconds. | long | @@ -370,6 +382,9 @@ An example event for `statement` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | postgresql.statement.database.oid | OID of the database the query was run on. | long | | postgresql.statement.query.calls | Number of times the query has been run. | long | | postgresql.statement.query.id | ID of the statement. | long | diff --git a/packages/postgresql/manifest.yml b/packages/postgresql/manifest.yml index 257fd0c1273..877d49e2114 100644 --- a/packages/postgresql/manifest.yml +++ b/packages/postgresql/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: postgresql title: PostgreSQL -version: 0.1.1 +version: 0.1.2 license: basic description: PostgreSQL Integration type: integration 
diff --git a/packages/prometheus/dataset/collector/fields/base-fields.yml b/packages/prometheus/dataset/collector/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/prometheus/dataset/collector/fields/base-fields.yml +++ b/packages/prometheus/dataset/collector/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/prometheus/dataset/query/fields/base-fields.yml b/packages/prometheus/dataset/query/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/prometheus/dataset/query/fields/base-fields.yml +++ b/packages/prometheus/dataset/query/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/prometheus/dataset/remote_write/fields/base-fields.yml b/packages/prometheus/dataset/remote_write/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/prometheus/dataset/remote_write/fields/base-fields.yml +++ b/packages/prometheus/dataset/remote_write/fields/base-fields.yml 
@@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/prometheus/docs/README.md b/packages/prometheus/docs/README.md index c24d42ced1b..aec5939c261 100644 --- a/packages/prometheus/docs/README.md +++ b/packages/prometheus/docs/README.md @@ -197,6 +197,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | prometheus.*.counter | Prometheus counter metric | object | | prometheus.*.histogram | Prometheus histogram metric | object | | prometheus.*.rate | Prometheus rated counter metric | object | @@ -333,6 +336,9 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | prometheus.labels.* | Prometheus metric labels | object | | prometheus.metrics.* | Prometheus metric | object | 
@@ -456,5 +462,8 @@ The fields reported are: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | prometheus.labels.* | Prometheus metric labels | object | | prometheus.query.* | Prometheus value resulted from PromQL | object | diff --git a/packages/prometheus/manifest.yml b/packages/prometheus/manifest.yml index f7852454167..66e8fb8efaa 100644 --- a/packages/prometheus/manifest.yml +++ b/packages/prometheus/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: prometheus title: Prometheus -version: 0.1.1 +version: 0.1.2 license: basic description: Prometheus Integration type: integration diff --git a/packages/rabbitmq/dataset/connection/fields/base-fields.yml b/packages/rabbitmq/dataset/connection/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/rabbitmq/dataset/connection/fields/base-fields.yml +++ b/packages/rabbitmq/dataset/connection/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/rabbitmq/dataset/exchange/fields/base-fields.yml b/packages/rabbitmq/dataset/exchange/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/rabbitmq/dataset/exchange/fields/base-fields.yml +++ b/packages/rabbitmq/dataset/exchange/fields/base-fields.yml 
@@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/rabbitmq/dataset/log/fields/base-fields.yml b/packages/rabbitmq/dataset/log/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/rabbitmq/dataset/log/fields/base-fields.yml +++ b/packages/rabbitmq/dataset/log/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/rabbitmq/dataset/node/fields/base-fields.yml b/packages/rabbitmq/dataset/node/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/rabbitmq/dataset/node/fields/base-fields.yml +++ b/packages/rabbitmq/dataset/node/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + 
diff --git a/packages/rabbitmq/dataset/queue/fields/base-fields.yml b/packages/rabbitmq/dataset/queue/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/rabbitmq/dataset/queue/fields/base-fields.yml +++ b/packages/rabbitmq/dataset/queue/fields/base-fields.yml @@ -1,3 +1,13 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword description: Dataset type. @@ -10,3 +20,4 @@ - name: '@timestamp' type: date description: Event timestamp. + diff --git a/packages/rabbitmq/docs/README.md b/packages/rabbitmq/docs/README.md index 36780cac89e..24339ba0d2b 100644 --- a/packages/rabbitmq/docs/README.md +++ b/packages/rabbitmq/docs/README.md @@ -28,6 +28,9 @@ Application logs collects standard RabbitMQ logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | rabbitmq.log.pid | The Erlang process id | keyword | 
@@ -106,6 +109,9 @@ An example event for `connection` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | rabbitmq.connection.channel_max | The maximum number of channels allowed on the connection. | long | | rabbitmq.connection.channels | The number of channels on the connection. | long | | rabbitmq.connection.client_provided.name | User specified connection name. | keyword | @@ -184,6 +190,9 @@ An example event for `exchange` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | rabbitmq.exchange.auto_delete | Whether the queue will be deleted automatically when no longer used. | boolean | | rabbitmq.exchange.durable | Whether or not the queue survives server restarts. | boolean | | rabbitmq.exchange.internal | Whether the exchange is internal, i.e. cannot be directly published to by a client. | boolean | 
@@ -261,6 +270,9 @@ An example event for `node` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | rabbitmq.node.disk.free.bytes | Disk free space in bytes. | long | | rabbitmq.node.disk.free.limit.bytes | Point at which the disk alarm will go off. | long | | rabbitmq.node.fd.total | File descriptors available. | long | @@ -393,6 +405,9 @@ An example event for `queue` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | rabbitmq.queue.arguments.max_priority | Maximum number of priority levels for the queue to support. | long | | rabbitmq.queue.auto_delete | Whether the queue will be deleted automatically when no longer used. | boolean | | rabbitmq.queue.consumers.count | Number of consumers. | long | diff --git a/packages/rabbitmq/manifest.yml b/packages/rabbitmq/manifest.yml index fa194445625..6aedb659a43 100644 --- a/packages/rabbitmq/manifest.yml +++ b/packages/rabbitmq/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: rabbitmq title: RabbitMQ -version: 0.1.2 +version: 0.1.3 license: basic description: RabbitMQ Integration type: integration diff --git a/packages/redis/dataset/info/fields/base-fields.yml b/packages/redis/dataset/info/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/redis/dataset/info/fields/base-fields.yml +++ b/packages/redis/dataset/info/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/redis/dataset/key/fields/base-fields.yml b/packages/redis/dataset/key/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/redis/dataset/key/fields/base-fields.yml +++ b/packages/redis/dataset/key/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/redis/dataset/keyspace/fields/base-fields.yml b/packages/redis/dataset/keyspace/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/redis/dataset/keyspace/fields/base-fields.yml 
+++ b/packages/redis/dataset/keyspace/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/redis/dataset/log/fields/base-fields.yml b/packages/redis/dataset/log/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/redis/dataset/log/fields/base-fields.yml +++ b/packages/redis/dataset/log/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/redis/dataset/slowlog/fields/base-fields.yml b/packages/redis/dataset/slowlog/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/redis/dataset/slowlog/fields/base-fields.yml +++ b/packages/redis/dataset/slowlog/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/redis/docs/README.md b/packages/redis/docs/README.md index 46c14015c37..aff4a9c8f4c 100644 --- a/packages/redis/docs/README.md +++ b/packages/redis/docs/README.md 
@@ -24,6 +24,9 @@ The `log` dataset collects the Redis standard logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | 
@@ -43,6 +46,9 @@ The `slowlog` dataset collects the Redis slow logs. | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | | log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | @@ -263,6 +269,9 @@ An example event for `info` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | os.full | Operating system name, including the version or code name. | keyword | | process.pid | Process id. | long | | redis.info.clients.biggest_input_buf | Biggest input buffer among current client connections (replaced by max_input_buffer). | long | 
@@ -372,7 +381,7 @@ An example event for `info` looks as following: | redis.info.stats.sync.partial.err | The number of denied partial resync requests | long | | redis.info.stats.sync.partial.ok | The number of accepted partial resync requests | long | | service.address | Client address | keyword | -| service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword | +| service.version | Version of the service the data was collected from | keyword | ### key @@ -444,6 +453,9 @@ An example event for `key` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | redis.key.expire.ttl | Seconds to expire. | long | | redis.key.id | Unique id for this key (With the form :). | keyword | | redis.key.length | Length of the key (Number of elements for lists, length for strings, cardinality for sets). | long | @@ -506,6 +518,9 @@ An example event for `keyspace` looks as following: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | redis.keyspace.avg_ttl | Average ttl. | long | | redis.keyspace.expires | | long | | redis.keyspace.id | Keyspace identifier. | keyword | diff --git a/packages/redis/manifest.yml b/packages/redis/manifest.yml index 0bbf7503127..914b2618da6 100644 --- a/packages/redis/manifest.yml +++ b/packages/redis/manifest.yml 
@@ -1,7 +1,7 @@ format_version: 1.0.0 name: redis title: Redis -version: 0.2.2 +version: 0.2.3 license: basic description: Redis Integration type: integration diff --git a/packages/system/dataset/auth/fields/base-fields.yml b/packages/system/dataset/auth/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/auth/fields/base-fields.yml +++ b/packages/system/dataset/auth/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/core/fields/base-fields.yml b/packages/system/dataset/core/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/core/fields/base-fields.yml +++ b/packages/system/dataset/core/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/cpu/fields/base-fields.yml b/packages/system/dataset/cpu/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/cpu/fields/base-fields.yml +++ b/packages/system/dataset/cpu/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/diskio/fields/base-fields.yml b/packages/system/dataset/diskio/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/diskio/fields/base-fields.yml 
+++ b/packages/system/dataset/diskio/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/entropy/fields/base-fields.yml b/packages/system/dataset/entropy/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/entropy/fields/base-fields.yml +++ b/packages/system/dataset/entropy/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/filesystem/fields/base-fields.yml b/packages/system/dataset/filesystem/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/system/dataset/filesystem/fields/base-fields.yml +++ b/packages/system/dataset/filesystem/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/fsstat/fields/base-fields.yml b/packages/system/dataset/fsstat/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/fsstat/fields/base-fields.yml +++ b/packages/system/dataset/fsstat/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/system/dataset/load/fields/base-fields.yml b/packages/system/dataset/load/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/load/fields/base-fields.yml +++ b/packages/system/dataset/load/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/memory/fields/base-fields.yml b/packages/system/dataset/memory/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/memory/fields/base-fields.yml +++ b/packages/system/dataset/memory/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/network/fields/base-fields.yml b/packages/system/dataset/network/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/network/fields/base-fields.yml +++ b/packages/system/dataset/network/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/network_summary/fields/base-fields.yml b/packages/system/dataset/network_summary/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 
--- a/packages/system/dataset/network_summary/fields/base-fields.yml +++ b/packages/system/dataset/network_summary/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/process/fields/base-fields.yml b/packages/system/dataset/process/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/process/fields/base-fields.yml +++ b/packages/system/dataset/process/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/system/dataset/process_summary/fields/base-fields.yml b/packages/system/dataset/process_summary/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/process_summary/fields/base-fields.yml +++ b/packages/system/dataset/process_summary/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/raid/fields/base-fields.yml b/packages/system/dataset/raid/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/raid/fields/base-fields.yml +++ b/packages/system/dataset/raid/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/service/fields/base-fields.yml b/packages/system/dataset/service/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/service/fields/base-fields.yml +++ b/packages/system/dataset/service/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/socket/fields/base-fields.yml b/packages/system/dataset/socket/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/socket/fields/base-fields.yml 
+++ b/packages/system/dataset/socket/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/socket_summary/fields/base-fields.yml b/packages/system/dataset/socket_summary/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/socket_summary/fields/base-fields.yml +++ b/packages/system/dataset/socket_summary/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. 
diff --git a/packages/system/dataset/syslog/fields/base-fields.yml b/packages/system/dataset/syslog/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/syslog/fields/base-fields.yml +++ b/packages/system/dataset/syslog/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/uptime/fields/base-fields.yml b/packages/system/dataset/uptime/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/uptime/fields/base-fields.yml +++ b/packages/system/dataset/uptime/fields/base-fields.yml 
@@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/dataset/users/fields/base-fields.yml b/packages/system/dataset/users/fields/base-fields.yml index 932b03ae6b9..7c7d69a3c68 100644 --- a/packages/system/dataset/users/fields/base-fields.yml +++ b/packages/system/dataset/users/fields/base-fields.yml @@ -1,16 +1,22 @@ +- name: datastream.type + type: constant_keyword + description: Datastream type. +- name: datastream.dataset + type: constant_keyword + description: Datastream dataset. +- name: datastream.namespace + type: constant_keyword + description: Datastream namespace. + - name: dataset.type type: constant_keyword - description: > - Dataset type. + description: Dataset type. - name: dataset.name type: constant_keyword - description: > - Dataset name. + description: Dataset name. - name: dataset.namespace type: constant_keyword - description: > - Dataset namespace. -- name: "@timestamp" + description: Dataset namespace. +- name: '@timestamp' type: date - description: > - Event timestamp. + description: Event timestamp. diff --git a/packages/system/docs/README.md b/packages/system/docs/README.md index 7a14a800069..94d0ae5d761 100644 --- a/packages/system/docs/README.md +++ b/packages/system/docs/README.md 
@@ -40,6 +40,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -90,6 +93,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -150,6 +156,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -203,6 +212,9 @@ This dataset is available on: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | system.entropy.available_bits | The available bits of entropy | long | | system.entropy.pct | The percentage of available entropy, relative to the pool size of 4096 | scaled_float | @@ -228,6 +240,9 @@ This dataset is available on: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | system.filesystem.available | The disk space available to an unprivileged user in bytes. | long | | system.filesystem.device_name | The disk name. For example: `/dev/disk1` | keyword | | system.filesystem.files | The total number of file nodes in the file system. | long | @@ -260,6 +275,9 @@ This dataset is available on: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | host.architecture | Operating system architecture. | keyword | | host.ip | Host ip address. | ip | | host.mac | Host mac address. | keyword | 
@@ -297,6 +315,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -337,6 +358,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -401,6 +425,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | group.id | Unique identifier for the group on the system/platform. | keyword |
 | group.name | Name of the group. | keyword |
 | host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword |
@@ -445,6 +472,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | system.network_summary.icmp.* | ICMP counters | object |
 | system.network_summary.ip.* | IP counters | object |
 | system.network_summary.tcp.* | TCP counters | object |
@@ -472,6 +502,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | host.architecture | Operating system architecture. | keyword |
 | host.ip | Host ip address. | ip |
 | host.mac | Host mac address. | keyword |
@@ -584,6 +617,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | group.id | Unique identifier for the group on the system/platform. | keyword |
 | group.name | Name of the group. | keyword |
 | host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword |
@@ -626,6 +662,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | system.raid.blocks.synced | Number of blocks on the device that are in sync, in 1024-byte blocks. | long |
 | system.raid.blocks.total | Number of blocks the device holds, in 1024-byte blocks. | long |
 | system.raid.disks.active | Number of active disks. | long |
@@ -655,6 +694,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | system.service.exec_code | The SIGCHLD code from the service's main process | keyword |
 | system.service.load_state | The load state of the service | keyword |
 | system.service.name | The name of the service | keyword |
@@ -688,6 +730,9 @@ missing short-lived connections.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | network.direction | Direction of the network traffic. Recommended values are: * inbound * outbound * internal * external * unknown When mapping events from a host-based monitoring context, populate this field from the host's point of view. When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of your network perimeter. | keyword |
 | network.type | In the OSI Model this would be the Network Layer. ipv4, ipv6, ipsec, pim, etc The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword |
 | process.executable | Absolute path to the process executable. | keyword |
@@ -728,6 +773,9 @@ This dataset is available on:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | group.id | Unique identifier for the group on the system/platform. | keyword |
 | group.name | Name of the group. | keyword |
 | host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword |
@@ -783,6 +831,9 @@ This dataset is available on: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | system.uptime.duration.ms | The OS uptime in milliseconds. | long | @@ -802,6 +853,9 @@ This dataset is available on: | dataset.name | Dataset name. | constant_keyword | | dataset.namespace | Dataset namespace. | constant_keyword | | dataset.type | Dataset type. | constant_keyword | +| datastream.dataset | Datastream dataset. | constant_keyword | +| datastream.namespace | Datastream namespace. | constant_keyword | +| datastream.type | Datastream type. | constant_keyword | | system.users.id | The ID of the session | keyword | | system.users.leader | The root PID of the session | long | | system.users.path | The DBus object path of the session | keyword | diff --git a/packages/system/manifest.yml b/packages/system/manifest.yml index 68fbebe7661..f70726fe7fa 100644 --- a/packages/system/manifest.yml +++ b/packages/system/manifest.yml @@ -1,7 +1,7 @@ format_version: 1.0.0 name: system title: System -version: 0.5.1 +version: 0.5.2 license: basic description: System Integration type: integration diff --git a/packages/windows/dataset/perfmon/fields/base-fields.yml b/packages/windows/dataset/perfmon/fields/base-fields.yml index 6e9cee170ab..513860bc241 100644 --- a/packages/windows/dataset/perfmon/fields/base-fields.yml +++ b/packages/windows/dataset/perfmon/fields/base-fields.yml 
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/windows/dataset/service/fields/base-fields.yml b/packages/windows/dataset/service/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/windows/dataset/service/fields/base-fields.yml
+++ b/packages/windows/dataset/service/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/windows/docs/README.md b/packages/windows/docs/README.md
index aabb1f2d5d0..592ff83ba20 100644
--- a/packages/windows/docs/README.md
+++ b/packages/windows/docs/README.md
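Review bot: Nothing in `packages/windows/dataset/perfmon/fields/base-fields.yml` says which of the two field groups is authoritative: the first hunk adds `datastream.type`, `datastream.dataset` and `datastream.namespace` directly above the retained `dataset.type` entry, whose siblings presumably follow outside the hunk. If the old names are only kept for compatibility, a comment above them such as `# Legacy dataset.* fields; prefer datastream.* (remove once nothing depends on them).` would keep dashboards and detection queries from being written against the group that is going away. The same applies to the identical hunks for the windows service and the zookeeper connection, mntr and server `base-fields.yml` files. The second hunk in each of these files adds only a blank line at end of file, which could be dropped.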
@@ -22,6 +22,9 @@ The Windows `service` dataset provides service details.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | windows.service.display_name | The display name of the service. | keyword |
 | windows.service.exit_code | For `Stopped` services this is the error code that service reports when starting to stopping. This will be the generic Windows service error code unless the service provides a service-specific error code. | keyword |
 | windows.service.id | A unique ID for the service. It is a hash of the machine's GUID and the service name. | keyword |
@@ -47,6 +50,9 @@ The Windows `perfmon` dataset provides performance counter values.
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | windows.perfmon.instance | Instance value. | keyword |
 | windows.perfmon.metrics.*.* | Metric values returned. | object |
 | windows.perfmon.object | Object value. | keyword |
diff --git a/packages/windows/manifest.yml b/packages/windows/manifest.yml
index 53da65335a7..3c40989d908 100644
--- a/packages/windows/manifest.yml
+++ b/packages/windows/manifest.yml
@@ -1,6 +1,6 @@
 name: windows
 title: Windows
-version: 0.1.2
+version: 0.1.3
 description: Windows Integration
 type: integration
 categories:
diff --git a/packages/zookeeper/dataset/connection/fields/base-fields.yml b/packages/zookeeper/dataset/connection/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/zookeeper/dataset/connection/fields/base-fields.yml
+++ b/packages/zookeeper/dataset/connection/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/zookeeper/dataset/mntr/fields/base-fields.yml b/packages/zookeeper/dataset/mntr/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/zookeeper/dataset/mntr/fields/base-fields.yml
+++ b/packages/zookeeper/dataset/mntr/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/zookeeper/dataset/server/fields/base-fields.yml b/packages/zookeeper/dataset/server/fields/base-fields.yml
index 6e9cee170ab..513860bc241 100644
--- a/packages/zookeeper/dataset/server/fields/base-fields.yml
+++ b/packages/zookeeper/dataset/server/fields/base-fields.yml
@@ -1,3 +1,13 @@
+- name: datastream.type
+ type: constant_keyword
+ description: Datastream type.
+- name: datastream.dataset
+ type: constant_keyword
+ description: Datastream dataset.
+- name: datastream.namespace
+ type: constant_keyword
+ description: Datastream namespace.
+
 - name: dataset.type
 type: constant_keyword
 description: Dataset type.
@@ -10,3 +20,4 @@
 - name: '@timestamp'
 type: date
 description: Event timestamp.
+
diff --git a/packages/zookeeper/docs/README.md b/packages/zookeeper/docs/README.md
index 78eba20a1dd..87d7643ddbb 100644
--- a/packages/zookeeper/docs/README.md
+++ b/packages/zookeeper/docs/README.md
@@ -77,6 +77,9 @@ An example event for `connection` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | zookeeper.connection.interest_ops | Interest ops | long |
 | zookeeper.connection.queued | Queued connections | long |
 | zookeeper.connection.received | Received connections | long |
@@ -163,6 +166,9 @@ An example event for `mntr` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword |
 | zookeeper.mntr.approximate_data_size | Approximate size of ZooKeeper data. | long |
 | zookeeper.mntr.ephemerals_count | Number of ephemeral znodes. | long |
@@ -264,6 +270,9 @@ An example event for `server` looks as following:
 | dataset.name | Dataset name. | constant_keyword |
 | dataset.namespace | Dataset namespace. | constant_keyword |
 | dataset.type | Dataset type. | constant_keyword |
+| datastream.dataset | Datastream dataset. | constant_keyword |
+| datastream.namespace | Datastream namespace. | constant_keyword |
+| datastream.type | Datastream type. | constant_keyword |
 | zookeeper.server.connections | Number of clients currently connected to the server | long |
 | zookeeper.server.count | Total transactions of the leader in epoch | long |
 | zookeeper.server.epoch | Epoch value of the Zookeeper transaction ID. An epoch signifies the period in which a server is a leader | long |
diff --git a/packages/zookeeper/manifest.yml b/packages/zookeeper/manifest.yml
index db35918f8f3..3e31afc2f3b 100644
--- a/packages/zookeeper/manifest.yml
+++ b/packages/zookeeper/manifest.yml
@@ -1,6 +1,6 @@
 name: zookeeper
 title: ZooKeeper
-version: 0.1.1
+version: 0.1.2
 description: ZooKeeper Integration
 type: integration
 icons: