IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
Overview »

Elastic Common Schema (ECS) Reference

  • Elastic Common Schema (ECS) Reference: other versions:
  • Overview
  • Using ECS
    • Getting Started
    • Guidelines and Best Practices
    • Conventions
    • Custom Fields
  • ECS Field Reference
    • Base Fields
    • Agent Fields
    • Autonomous System Fields
    • Client Fields
    • Cloud Fields
    • Code Signature Fields
    • Container Fields
    • Destination Fields
    • DLL Fields
    • DNS Fields
    • ECS Fields
    • Error Fields
    • Event Fields
    • File Fields
    • Geo Fields
    • Group Fields
    • Hash Fields
    • Host Fields
    • HTTP Fields
    • Interface Fields
    • Log Fields
    • Network Fields
    • Observer Fields
    • Organization Fields
    • Operating System Fields
    • Package Fields
    • PE Header Fields
    • Process Fields
    • Registry Fields
    • Related Fields
    • Rule Fields
    • Server Fields
    • Service Fields
    • Source Fields
    • Threat Fields
    • TLS Fields
    • Tracing Fields
    • URL Fields
    • User Fields
    • User agent Fields
    • VLAN Fields
    • Vulnerability Fields
  • ECS Categorization Fields
    • ECS Categorization Field: event.kind
    • ECS Categorization Field: event.category
    • ECS Categorization Field: event.type
    • ECS Categorization Field: event.outcome
  • Migrating to ECS
    • Products and Solutions that Support ECS
    • Converting a Custom Implementation
  • Additional Information
    • Questions and Answers
    • Glossary of ECS Terms
    • Contributing to ECS
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.
Overview »

Most Popular

Video

Get Started with Elasticsearch

Video

Intro to Kibana

Video

ELK for Logs & Metrics