forked from elastic/ecs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloud.yml
70 lines (63 loc) · 1.92 KB
/
cloud.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
---
- name: cloud
title: Cloud
group: 2
short: Fields about the cloud resource.
description: >
Fields related to the cloud or infrastructure the events
are coming from.
footnote: >
Examples: If Metricbeat is running on an EC2 host and fetches data from its
host, the cloud info contains the data about this machine. If Metricbeat
runs on a remote machine outside the cloud and fetches data from a service
running in the cloud, the field contains cloud data from the machine the
service is running on.
type: group
fields:
- name: provider
level: extended
example: aws
type: keyword
short: Name of the cloud provider.
description: >
Name of the cloud provider. Example values are aws, azure, gcp, or
digitalocean.
- name: availability_zone
level: extended
example: us-east-1c
type: keyword
description: >
Availability zone in which this host is running.
- name: region
level: extended
type: keyword
example: us-east-1
description: >
Region in which this host is running.
- name: instance.id
level: extended
type: keyword
example: i-1234567890abcdef0
description: >
Instance ID of the host machine.
- name: instance.name
level: extended
type: keyword
description: >
Instance name of the host machine.
- name: machine.type
level: extended
type: keyword
example: t2.medium
description: >
Machine type of the host machine.
- name: account.id
level: extended
type: keyword
example: 666777888999
short: The cloud account or organization id.
description: >
The cloud account or organization id used to identify different
entities in a multi-tenant environment.
Examples: AWS account id, Google Cloud ORG Id, or other unique
identifier.