Clarify geo field set description. (elastic#333)

Loosened up the definition of `geo` fieldset. Not necessarily geo-ip based.
kgeller · Feb 22, 2019 · 405676b · 405676b
1 parent 34b391c
commit 405676b
Show file tree

Hide file tree

Showing 6 changed files with 16 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -24,6 +24,7 @@ All notable changes to this project will be documented in this file based on the
 ### Improvements
 * Clarified the definition of the host fields #325
 * Specify the `object_type` for field `labels`. #331
+* Loosen up definition of `geo` field set. Not necessarily geo-ip based, since `geo.name`. #333
 
 ### Deprecated
 

diff --git a/README.md b/README.md
@@ -261,7 +261,9 @@ File objects can be associated with host events, network events, and/or file eve
 
 ## <a name="geo"></a> Geo fields
 
-Geo fields can carry data about a specific location related to an event or geo information derived from an IP field.
+Geo fields can carry data about a specific location related to an event.
+
+This geolocation information can be derived from techniques such as Geo IP, or be user-supplied.
 
 
 The `geo` fields are expected to be nested at: `client.geo`, `destination.geo`, `host.geo`, `observer.geo`, `server.geo`, `source.geo`.

diff --git a/code/go/ecs/geo.go b/code/go/ecs/geo.go
diff --git a/fields.yml b/fields.yml
@@ -745,8 +745,10 @@
       group: 2
       short: Fields describing a location.
       description: >
-        Geo fields can carry data about a specific location related to an event
-        or geo information derived from an IP field.
+        Geo fields can carry data about a specific location related to an event.
+    
+        This geolocation information can be derived from techniques such as Geo IP,
+        or be user-supplied.
       reusable:
         top_level: false
         expected:

diff --git a/schema.json b/schema.json
@@ -810,7 +810,7 @@
     "type": "group"
   }, 
   "geo": {
-    "description": "Geo fields can carry data about a specific location related to an event or geo information derived from an IP field.\n", 
+    "description": "Geo fields can carry data about a specific location related to an event.\nThis geolocation information can be derived from techniques such as Geo IP, or be user-supplied.\n", 
     "fields": {
       "geo.city_name": {
         "description": "City name.", 

diff --git a/schemas/geo.yml b/schemas/geo.yml
@@ -4,8 +4,10 @@
   group: 2
   short: Fields describing a location.
   description: >
-    Geo fields can carry data about a specific location related to an event
-    or geo information derived from an IP field.
+    Geo fields can carry data about a specific location related to an event.
+
+    This geolocation information can be derived from techniques such as Geo IP,
+    or be user-supplied.
   reusable:
     top_level: false
     expected: