Whether you’re conducting security analytics, operations analytics, or a different use case altogether, you likely perform centralized analysis of data from diverse sources. Wouldn’t it be useful if you could apply a common data model to all that data to simplify the cross-source analysis and correlation? Say hello to the Elastic Common Schema!
The Elastic Common Schema (ECS) defines a common set of fields and naming guidelines for ingesting data into Elasticsearch, helping you correlate data from diverse vendors and technologies (e.g., Apache web logs, Cisco NetFlow, Tanium endpoint events). Whether you’re searching your data, exploring it with Kibana, configuring a machine learning job, or configuring an alert, ECS will enhance your productivity and power.
This webinar will include:
- An overview of ECS and its benefits
- A demo for implementing ECS
- Best practices for using ECS for your data
- View the ECS GitHub repository to find a list of standard fields, a contribution guide, and more