Skip to content

Commit

Permalink
Adds link to Endpoint event documentation (#4105)
Browse files Browse the repository at this point in the history
* Adds link to Endpoint event documentation

* Updates terminology

(cherry picked from commit 9f39ec1)
  • Loading branch information
natasha-moore-elastic authored and mergify[bot] committed Oct 31, 2023
1 parent a7204fe commit db683f2
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions docs/reference/field-ref.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,8 @@ This section lists {ecs-ref}[Elastic Common Schema] (ECS) fields used by {elasti
IMPORTANT: We recommend you use {agent} integrations or {beats} to ship your data to {elastic-sec}. {agent} integrations and Beat modules (for example, {filebeat-ref}/filebeat-modules.html[{filebeat} modules]) are ECS-compliant, which means data they ship to {elastic-sec} will automatically populate the relevant ECS fields.
If you plan to use a custom implementation to map your data to ECS fields (see {ecs-ref}/ecs-converting.html[how to map data to ECS]), ensure the <<siem-always-required-fields, always required fields>> are populated. Ideally, all relevant ECS fields should be populated as well.

For detailed information about which ECS fields can appear in documents generated by {elastic-endpoint}, refer to the https://github.com/elastic/endpoint-package/tree/main/custom_documentation/doc/endpoint[Endpoint event documentation].

[float]
[[siem-always-required-fields]]
== Always required fields
Expand Down

0 comments on commit db683f2

Please sign in to comment.