forked from elastic/ecs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloud.yml
101 lines (88 loc) · 2.73 KB
/
cloud.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
---
- name: cloud
title: Cloud
group: 2
short: Fields about the cloud resource.
description: >
Fields related to the cloud or infrastructure the events
are coming from.
footnote: >
Examples: If Metricbeat is running on an EC2 host and fetches data from its
host, the cloud info contains the data about this machine. If Metricbeat
runs on a remote machine outside the cloud and fetches data from a service
running in the cloud, the field contains cloud data from the machine the
service is running on.
type: group
fields:
- name: provider
level: extended
example: aws
type: keyword
short: Name of the cloud provider.
description: >
Name of the cloud provider. Example values are aws, azure, gcp, or
digitalocean.
- name: availability_zone
level: extended
example: us-east-1c
type: keyword
description: >
Availability zone in which this host is running.
- name: region
level: extended
type: keyword
example: us-east-1
description: >
Region in which this host is running.
- name: instance.id
level: extended
type: keyword
example: i-1234567890abcdef0
description: >
Instance ID of the host machine.
- name: instance.name
level: extended
type: keyword
description: >
Instance name of the host machine.
- name: machine.type
level: extended
type: keyword
example: t2.medium
description: >
Machine type of the host machine.
- name: account.id
level: extended
type: keyword
example: 666777888999
short: The cloud account or organization id.
description: >
The cloud account or organization id used to identify different
entities in a multi-tenant environment.
Examples: AWS account id, Google Cloud ORG Id, or other unique
identifier.
- name: account.name
level: extended
type: keyword
example: elastic-dev
short: The cloud account name.
description: >
The cloud account name or alias used to identify different entities in
a multi-tenant environment.
Examples: AWS account name, Google Cloud ORG display name.
- name: project.id
level: extended
type: keyword
example: my-project
short: The cloud project id.
description: >
The cloud project identifier.
Examples: Google Cloud Project id, Azure Project id.
- name: project.name
level: extended
type: keyword
example: my project
short: The cloud project name.
description: >
The cloud project name.
Examples: Google Cloud Project name, Azure Project name.