Cloud Fieldsedit

Fields related to the cloud or infrastructure the events are coming from.

Cloud Field Detailsedit

Field Description Level

cloud.account.id

The cloud account or organization id used to identify different entities in a multi-tenant environment.

Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.

type: keyword

example: 666777888999

extended

cloud.availability_zone

Availability zone in which this host is running.

type: keyword

example: us-east-1c

extended

cloud.instance.id

Instance ID of the host machine.

type: keyword

example: i-1234567890abcdef0

extended

cloud.instance.name

Instance name of the host machine.

type: keyword

extended

cloud.machine.type

Machine type of the host machine.

type: keyword

example: t2.medium

extended

cloud.provider

Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean.

type: keyword

example: aws

extended

cloud.region

Region in which this host is running.

type: keyword

example: us-east-1

extended