https://www.elastic.co/blog/elastic-common-schema-the-journey-so-far
May 19, 2021 - It's been just over two years since we introduced the Elastic Common Schema (ECS), and what a journey it’s been. ECS has evolved rapidly over these two years....
https://www.elastic.co/docs/reference/ecs/ecs-observer
An observer is defined as a special network, security, or application device used to detect, observe, or create network, security, or application-related...
https://www.elastic.co/docs/reference/elasticsearch/clients/ruby/ecs
The Elastic Common Schema (ECS) is an open source format that defines a common set of fields to be used when storing event data like logs in Elasticsearch...
https://www.elastic.co/docs/reference/ecs/ecs-converting
A common schema helps you correlate and use data from various sources. Fields for most Elastic modules and solutions (version 7.0 and later) are mapped...
https://www.elastic.co/docs/reference/ecs/ecs-file
A file is defined as a set of information that has been created on, or has existed on a filesystem. File objects can be associated with host events, network...
https://www.elastic.co/docs/reference/ecs/ecs-destination
Destination fields capture details about the receiver of a network exchange/packet. These fields are populated from a network event, packet, or other...