Fields and object schemas

This section lists Elastic Common Schema (ECS) fields the Infrastructure apps use to display data.

ECS is an open source specification that defines a standard set of fields to use when storing event data in Elasticsearch, such as logs and metrics.

Beat modules (for example, Filebeat modules) are ECS-compliant, so manual field mapping is not required, and all data is populated automatically in the Infrastructure app. If you cannot use Beats, map your data to ECS fields). You can also try using the experimental ECS Mapper tool.

This reference covers Infrastructure app fields.