diff --git a/CHANGELOG.next.md b/CHANGELOG.next.md index bc78ca8138..0cad5ab971 100644 --- a/CHANGELOG.next.md +++ b/CHANGELOG.next.md @@ -20,6 +20,7 @@ Thanks, you're awesome :-) --> * Added `http.request.id`. #1208 * Added `cloud.service.name`. #1204 * Added `hash.ssdeep`. #1169 +* Added `geo.timezone`, `geo.postal_code`, and `geo.continent_code`. #1229 #### Improvements diff --git a/code/go/ecs/geo.go b/code/go/ecs/geo.go index 89bfd81704..4033ac1d57 100644 --- a/code/go/ecs/geo.go +++ b/code/go/ecs/geo.go @@ -26,6 +26,9 @@ type Geo struct { // Longitude and latitude. Location string `ecs:"location"` + // Two-letter code representing continent's name. + ContinentCode string `ecs:"continent_code"` + // Name of the continent. ContinentName string `ecs:"continent_name"` @@ -41,9 +44,17 @@ type Geo struct { // Country ISO code. CountryIsoCode string `ecs:"country_iso_code"` + // Postal code associated with the location. + // Values appropriate for this field may also be known as a postcode or ZIP + // code and will vary widely from country to country. + PostalCode string `ecs:"postal_code"` + // Region ISO code. RegionIsoCode string `ecs:"region_iso_code"` + // The time zone of the location, such as IANA time zone name. + Timezone string `ecs:"timezone"` + // User-defined description of a location, at the level of granularity they // care about. // Could be the name of their data centers, the floor number, if this diff --git a/docs/field-details.asciidoc b/docs/field-details.asciidoc index b1d4dbe8be..64379b2aaf 100644 --- a/docs/field-details.asciidoc +++ b/docs/field-details.asciidoc @@ -2788,6 +2788,22 @@ example: `Montreal` // =============================================================== +| +[[field-geo-continent-code]] +<> + +| Two-letter code representing continent's name. + +type: keyword + + + +example: `NA` + +| core + +// =============================================================== + | [[field-geo-continent-name]] <> @@ -2872,6 +2888,24 @@ example: `boston-dc` // =============================================================== +| +[[field-geo-postal-code]] +<> + +| Postal code associated with the location. + +Values appropriate for this field may also be known as a postcode or ZIP code and will vary widely from country to country. + +type: keyword + + + +example: `94040` + +| core + +// =============================================================== + | [[field-geo-region-iso-code]] <> @@ -2904,6 +2938,22 @@ example: `Quebec` // =============================================================== +| +[[field-geo-timezone]] +<> + +| The time zone of the location, such as IANA time zone name. + +type: keyword + + + +example: `America/Argentina/Buenos_Aires` + +| core + +// =============================================================== + |===== [discrete] diff --git a/experimental/generated/beats/fields.ecs.yml b/experimental/generated/beats/fields.ecs.yml index 23727e859f..8a88804d62 100644 --- a/experimental/generated/beats/fields.ecs.yml +++ b/experimental/generated/beats/fields.ecs.yml @@ -205,6 +205,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -239,6 +246,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -251,6 +268,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -683,6 +707,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -717,6 +748,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -729,6 +770,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -2007,6 +2055,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: continent_name level: core type: keyword @@ -2041,6 +2096,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: region_iso_code level: core type: keyword @@ -2053,6 +2118,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: group title: Group group: 2 @@ -2173,6 +2245,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -2207,6 +2286,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -2219,6 +2308,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: hostname level: core type: wildcard @@ -2925,6 +3021,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -2959,6 +3062,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -2971,6 +3084,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: hostname level: core type: keyword @@ -4183,6 +4303,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -4217,6 +4344,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -4229,6 +4366,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -4512,6 +4656,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -4546,6 +4697,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -4558,6 +4719,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip diff --git a/experimental/generated/csv/fields.csv b/experimental/generated/csv/fields.csv index d7cded544d..cc2fce2539 100644 --- a/experimental/generated/csv/fields.csv +++ b/experimental/generated/csv/fields.csv @@ -16,13 +16,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,client,client.bytes,long,core,,184,Bytes sent from the client to the server. 1.9.0-dev+exp,true,client,client.domain,wildcard,core,,,Client domain. 1.9.0-dev+exp,true,client,client.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,client,client.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,client,client.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,client,client.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,client,client.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,client,client.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,client,client.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,client,client.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,client,client.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,client,client.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,client,client.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,client,client.ip,ip,core,,,IP address of the client. 1.9.0-dev+exp,true,client,client.mac,keyword,core,,,MAC address of the client. 1.9.0-dev+exp,true,client,client.nat.ip,ip,extended,,,Client NAT ip address @@ -71,13 +74,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,destination,destination.bytes,long,core,,184,Bytes sent from the destination to the source. 1.9.0-dev+exp,true,destination,destination.domain,wildcard,core,,,Destination domain. 1.9.0-dev+exp,true,destination,destination.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,destination,destination.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,destination,destination.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,destination,destination.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,destination,destination.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,destination,destination.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,destination,destination.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,destination,destination.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,destination,destination.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,destination,destination.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,destination,destination.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,destination,destination.ip,ip,core,,,IP address of the destination. 1.9.0-dev+exp,true,destination,destination.mac,keyword,core,,,MAC address of the destination. 1.9.0-dev+exp,true,destination,destination.nat.ip,ip,extended,,,Destination NAT ip @@ -241,13 +247,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,host,host.disk.write.bytes,long,extended,,,The number of bytes written on all disks. 1.9.0-dev+exp,true,host,host.domain,keyword,extended,,CONTOSO,Name of the directory the group is a member of. 1.9.0-dev+exp,true,host,host.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,host,host.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,host,host.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,host,host.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,host,host.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,host,host.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,host,host.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,host,host.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,host,host.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,host,host.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,host,host.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,host,host.hostname,wildcard,core,,,Hostname of the host. 1.9.0-dev+exp,true,host,host.id,keyword,core,,,Unique host id. 1.9.0-dev+exp,true,host,host.ip,ip,core,array,,Host ip addresses. @@ -332,13 +341,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,observer,observer.egress.vlan.name,keyword,extended,,outside,Optional VLAN name as reported by the observer. 1.9.0-dev+exp,true,observer,observer.egress.zone,keyword,extended,,Public_Internet,Observer Egress zone 1.9.0-dev+exp,true,observer,observer.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,observer,observer.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,observer,observer.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,observer,observer.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,observer,observer.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,observer,observer.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,observer,observer.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,observer,observer.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,observer,observer.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,observer,observer.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,observer,observer.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,observer,observer.hostname,keyword,core,,,Hostname of the observer. 1.9.0-dev+exp,true,observer,observer.ingress,object,extended,,,Object field for ingress information 1.9.0-dev+exp,true,observer,observer.ingress.interface.alias,keyword,extended,,outside,Interface alias @@ -484,13 +496,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,server,server.bytes,long,core,,184,Bytes sent from the server to the client. 1.9.0-dev+exp,true,server,server.domain,wildcard,core,,,Server domain. 1.9.0-dev+exp,true,server,server.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,server,server.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,server,server.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,server,server.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,server,server.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,server,server.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,server,server.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,server,server.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,server,server.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,server,server.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,server,server.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,server,server.ip,ip,core,,,IP address of the server. 1.9.0-dev+exp,true,server,server.mac,keyword,core,,,MAC address of the server. 1.9.0-dev+exp,true,server,server.nat.ip,ip,extended,,,Server NAT ip @@ -526,13 +541,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev+exp,true,source,source.bytes,long,core,,184,Bytes sent from the source to the destination. 1.9.0-dev+exp,true,source,source.domain,wildcard,core,,,Source domain. 1.9.0-dev+exp,true,source,source.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev+exp,true,source,source.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev+exp,true,source,source.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev+exp,true,source,source.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev+exp,true,source,source.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev+exp,true,source,source.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev+exp,true,source,source.geo.name,wildcard,extended,,boston-dc,User-defined description of a location. +1.9.0-dev+exp,true,source,source.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev+exp,true,source,source.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev+exp,true,source,source.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev+exp,true,source,source.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev+exp,true,source,source.ip,ip,core,,,IP address of the source. 1.9.0-dev+exp,true,source,source.mac,keyword,core,,,MAC address of the source. 1.9.0-dev+exp,true,source,source.nat.ip,ip,extended,,,Source NAT ip diff --git a/experimental/generated/ecs/ecs_flat.yml b/experimental/generated/ecs/ecs_flat.yml index 4cab1099ae..2b4dc2772b 100644 --- a/experimental/generated/ecs/ecs_flat.yml +++ b/experimental/generated/ecs/ecs_flat.yml @@ -175,6 +175,18 @@ client.geo.city_name: original_fieldset: geo short: City name. type: keyword +client.geo.continent_code: + dashed_name: client-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: client.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword client.geo.continent_name: dashed_name: client-geo-continent-name description: Name of the continent. @@ -239,6 +251,21 @@ client.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +client.geo.postal_code: + dashed_name: client-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: client.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword client.geo.region_iso_code: dashed_name: client-geo-region-iso-code description: Region ISO code. @@ -263,6 +290,18 @@ client.geo.region_name: original_fieldset: geo short: Region name. type: keyword +client.geo.timezone: + dashed_name: client-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: client.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword client.ip: dashed_name: client-ip description: IP address of the client (IPv4 or IPv6). @@ -825,6 +864,18 @@ destination.geo.city_name: original_fieldset: geo short: City name. type: keyword +destination.geo.continent_code: + dashed_name: destination-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: destination.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword destination.geo.continent_name: dashed_name: destination-geo-continent-name description: Name of the continent. @@ -889,6 +940,21 @@ destination.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +destination.geo.postal_code: + dashed_name: destination-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: destination.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword destination.geo.region_iso_code: dashed_name: destination-geo-region-iso-code description: Region ISO code. @@ -913,6 +979,18 @@ destination.geo.region_name: original_fieldset: geo short: Region name. type: keyword +destination.geo.timezone: + dashed_name: destination-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: destination.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword destination.ip: dashed_name: destination-ip description: IP address of the destination (IPv4 or IPv6). @@ -3326,6 +3404,18 @@ host.geo.city_name: original_fieldset: geo short: City name. type: keyword +host.geo.continent_code: + dashed_name: host-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: host.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword host.geo.continent_name: dashed_name: host-geo-continent-name description: Name of the continent. @@ -3390,6 +3480,21 @@ host.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +host.geo.postal_code: + dashed_name: host-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: host.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword host.geo.region_iso_code: dashed_name: host-geo-region-iso-code description: Region ISO code. @@ -3414,6 +3519,18 @@ host.geo.region_name: original_fieldset: geo short: Region name. type: keyword +host.geo.timezone: + dashed_name: host-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: host.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword host.hostname: dashed_name: host-hostname description: 'Hostname of the host. @@ -4462,6 +4579,18 @@ observer.geo.city_name: original_fieldset: geo short: City name. type: keyword +observer.geo.continent_code: + dashed_name: observer-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: observer.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword observer.geo.continent_name: dashed_name: observer-geo-continent-name description: Name of the continent. @@ -4526,6 +4655,21 @@ observer.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +observer.geo.postal_code: + dashed_name: observer-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: observer.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword observer.geo.region_iso_code: dashed_name: observer-geo-region-iso-code description: Region ISO code. @@ -4550,6 +4694,18 @@ observer.geo.region_name: original_fieldset: geo short: Region name. type: keyword +observer.geo.timezone: + dashed_name: observer-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: observer.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword observer.hostname: dashed_name: observer-hostname description: Hostname of the observer. @@ -6208,6 +6364,18 @@ server.geo.city_name: original_fieldset: geo short: City name. type: keyword +server.geo.continent_code: + dashed_name: server-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: server.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword server.geo.continent_name: dashed_name: server-geo-continent-name description: Name of the continent. @@ -6272,6 +6440,21 @@ server.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +server.geo.postal_code: + dashed_name: server-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: server.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword server.geo.region_iso_code: dashed_name: server-geo-region-iso-code description: Region ISO code. @@ -6296,6 +6479,18 @@ server.geo.region_name: original_fieldset: geo short: Region name. type: keyword +server.geo.timezone: + dashed_name: server-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: server.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword server.ip: dashed_name: server-ip description: IP address of the server (IPv4 or IPv6). @@ -6727,6 +6922,18 @@ source.geo.city_name: original_fieldset: geo short: City name. type: keyword +source.geo.continent_code: + dashed_name: source-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: source.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword source.geo.continent_name: dashed_name: source-geo-continent-name description: Name of the continent. @@ -6791,6 +6998,21 @@ source.geo.name: original_fieldset: geo short: User-defined description of a location. type: wildcard +source.geo.postal_code: + dashed_name: source-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: source.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword source.geo.region_iso_code: dashed_name: source-geo-region-iso-code description: Region ISO code. @@ -6815,6 +7037,18 @@ source.geo.region_name: original_fieldset: geo short: Region name. type: keyword +source.geo.timezone: + dashed_name: source-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: source.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword source.ip: dashed_name: source-ip description: IP address of the source (IPv4 or IPv6). diff --git a/experimental/generated/ecs/ecs_nested.yml b/experimental/generated/ecs/ecs_nested.yml index ef1e3567d2..878d68757c 100644 --- a/experimental/generated/ecs/ecs_nested.yml +++ b/experimental/generated/ecs/ecs_nested.yml @@ -320,6 +320,18 @@ client: original_fieldset: geo short: City name. type: keyword + client.geo.continent_code: + dashed_name: client-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: client.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword client.geo.continent_name: dashed_name: client-geo-continent-name description: Name of the continent. @@ -384,6 +396,21 @@ client: original_fieldset: geo short: User-defined description of a location. type: wildcard + client.geo.postal_code: + dashed_name: client-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: client.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword client.geo.region_iso_code: dashed_name: client-geo-region-iso-code description: Region ISO code. @@ -408,6 +435,18 @@ client: original_fieldset: geo short: Region name. type: keyword + client.geo.timezone: + dashed_name: client-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: client.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword client.ip: dashed_name: client-ip description: IP address of the client (IPv4 or IPv6). @@ -1135,6 +1174,18 @@ destination: original_fieldset: geo short: City name. type: keyword + destination.geo.continent_code: + dashed_name: destination-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: destination.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword destination.geo.continent_name: dashed_name: destination-geo-continent-name description: Name of the continent. @@ -1199,6 +1250,21 @@ destination: original_fieldset: geo short: User-defined description of a location. type: wildcard + destination.geo.postal_code: + dashed_name: destination-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: destination.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword destination.geo.region_iso_code: dashed_name: destination-geo-region-iso-code description: Region ISO code. @@ -1223,6 +1289,18 @@ destination: original_fieldset: geo short: Region name. type: keyword + destination.geo.timezone: + dashed_name: destination-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: destination.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword destination.ip: dashed_name: destination-ip description: IP address of the destination (IPv4 or IPv6). @@ -3711,6 +3789,17 @@ geo: normalize: [] short: City name. type: keyword + geo.continent_code: + dashed_name: geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + short: Continent code. + type: keyword geo.continent_name: dashed_name: geo-continent-name description: Name of the continent. @@ -3770,6 +3859,20 @@ geo: normalize: [] short: User-defined description of a location. type: wildcard + geo.postal_code: + dashed_name: geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + short: Postal code. + type: keyword geo.region_iso_code: dashed_name: geo-region-iso-code description: Region ISO code. @@ -3792,6 +3895,17 @@ geo: normalize: [] short: Region name. type: keyword + geo.timezone: + dashed_name: geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + short: Time zone. + type: keyword group: 2 name: geo prefix: geo. @@ -4026,6 +4140,18 @@ host: original_fieldset: geo short: City name. type: keyword + host.geo.continent_code: + dashed_name: host-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: host.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword host.geo.continent_name: dashed_name: host-geo-continent-name description: Name of the continent. @@ -4090,6 +4216,21 @@ host: original_fieldset: geo short: User-defined description of a location. type: wildcard + host.geo.postal_code: + dashed_name: host-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: host.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword host.geo.region_iso_code: dashed_name: host-geo-region-iso-code description: Region ISO code. @@ -4114,6 +4255,18 @@ host: original_fieldset: geo short: Region name. type: keyword + host.geo.timezone: + dashed_name: host-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: host.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword host.hostname: dashed_name: host-hostname description: 'Hostname of the host. @@ -5280,6 +5433,18 @@ observer: original_fieldset: geo short: City name. type: keyword + observer.geo.continent_code: + dashed_name: observer-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: observer.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword observer.geo.continent_name: dashed_name: observer-geo-continent-name description: Name of the continent. @@ -5344,6 +5509,21 @@ observer: original_fieldset: geo short: User-defined description of a location. type: wildcard + observer.geo.postal_code: + dashed_name: observer-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: observer.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword observer.geo.region_iso_code: dashed_name: observer-geo-region-iso-code description: Region ISO code. @@ -5368,6 +5548,18 @@ observer: original_fieldset: geo short: Region name. type: keyword + observer.geo.timezone: + dashed_name: observer-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: observer.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword observer.hostname: dashed_name: observer-hostname description: Hostname of the observer. @@ -7399,6 +7591,18 @@ server: original_fieldset: geo short: City name. type: keyword + server.geo.continent_code: + dashed_name: server-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: server.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword server.geo.continent_name: dashed_name: server-geo-continent-name description: Name of the continent. @@ -7463,6 +7667,21 @@ server: original_fieldset: geo short: User-defined description of a location. type: wildcard + server.geo.postal_code: + dashed_name: server-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: server.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword server.geo.region_iso_code: dashed_name: server-geo-region-iso-code description: Region ISO code. @@ -7487,6 +7706,18 @@ server: original_fieldset: geo short: Region name. type: keyword + server.geo.timezone: + dashed_name: server-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: server.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword server.ip: dashed_name: server-ip description: IP address of the server (IPv4 or IPv6). @@ -7962,6 +8193,18 @@ source: original_fieldset: geo short: City name. type: keyword + source.geo.continent_code: + dashed_name: source-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: source.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword source.geo.continent_name: dashed_name: source-geo-continent-name description: Name of the continent. @@ -8026,6 +8269,21 @@ source: original_fieldset: geo short: User-defined description of a location. type: wildcard + source.geo.postal_code: + dashed_name: source-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: source.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword source.geo.region_iso_code: dashed_name: source-geo-region-iso-code description: Region ISO code. @@ -8050,6 +8308,18 @@ source: original_fieldset: geo short: Region name. type: keyword + source.geo.timezone: + dashed_name: source-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: source.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword source.ip: dashed_name: source-ip description: IP address of the source (IPv4 or IPv6). diff --git a/experimental/generated/elasticsearch/7/template.json b/experimental/generated/elasticsearch/7/template.json index aebee4c182..451c03c849 100644 --- a/experimental/generated/elasticsearch/7/template.json +++ b/experimental/generated/elasticsearch/7/template.json @@ -91,6 +91,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -109,6 +113,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -116,6 +124,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -362,6 +374,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -380,6 +396,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -387,6 +407,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1111,6 +1135,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1129,6 +1157,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1136,6 +1168,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1564,6 +1600,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1582,6 +1622,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1589,6 +1633,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2241,6 +2289,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2259,6 +2311,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2266,6 +2322,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2436,6 +2496,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2454,6 +2518,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2461,6 +2529,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/client.json b/experimental/generated/elasticsearch/component/client.json index bb1003070f..df7ef337a3 100644 --- a/experimental/generated/elasticsearch/component/client.json +++ b/experimental/generated/elasticsearch/component/client.json @@ -44,6 +44,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -62,6 +66,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -69,6 +77,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/destination.json b/experimental/generated/elasticsearch/component/destination.json index be3448e658..cff46d3ea5 100644 --- a/experimental/generated/elasticsearch/component/destination.json +++ b/experimental/generated/elasticsearch/component/destination.json @@ -44,6 +44,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -62,6 +66,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -69,6 +77,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/host.json b/experimental/generated/elasticsearch/component/host.json index f5645b0920..2d503d0b39 100644 --- a/experimental/generated/elasticsearch/component/host.json +++ b/experimental/generated/elasticsearch/component/host.json @@ -48,6 +48,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -66,6 +70,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -73,6 +81,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/observer.json b/experimental/generated/elasticsearch/component/observer.json index bc53052962..6a36b4bbaf 100644 --- a/experimental/generated/elasticsearch/component/observer.json +++ b/experimental/generated/elasticsearch/component/observer.json @@ -51,6 +51,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -69,6 +73,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -76,6 +84,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/server.json b/experimental/generated/elasticsearch/component/server.json index 16cd5781f8..6bb1f55c3c 100644 --- a/experimental/generated/elasticsearch/component/server.json +++ b/experimental/generated/elasticsearch/component/server.json @@ -44,6 +44,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -62,6 +66,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -69,6 +77,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/experimental/generated/elasticsearch/component/source.json b/experimental/generated/elasticsearch/component/source.json index 43edaf2f09..9832312beb 100644 --- a/experimental/generated/elasticsearch/component/source.json +++ b/experimental/generated/elasticsearch/component/source.json @@ -44,6 +44,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -62,6 +66,10 @@ "name": { "type": "wildcard" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -69,6 +77,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml index 1c6cea3a9a..66a0122ae4 100644 --- a/generated/beats/fields.ecs.yml +++ b/generated/beats/fields.ecs.yml @@ -209,6 +209,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -244,6 +251,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -256,6 +273,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -642,6 +666,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -677,6 +708,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -689,6 +730,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -1983,6 +2031,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: continent_name level: core type: keyword @@ -2018,6 +2073,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: region_iso_code level: core type: keyword @@ -2030,6 +2095,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: group title: Group group: 2 @@ -2128,6 +2200,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -2163,6 +2242,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -2175,6 +2264,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: hostname level: core type: keyword @@ -2868,6 +2964,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -2903,6 +3006,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -2915,6 +3028,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: hostname level: core type: keyword @@ -4152,6 +4272,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -4187,6 +4314,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -4199,6 +4336,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip @@ -4488,6 +4632,13 @@ ignore_above: 1024 description: City name. example: Montreal + - name: geo.continent_code + level: core + type: keyword + ignore_above: 1024 + description: Two-letter code representing continent's name. + example: NA + default_field: false - name: geo.continent_name level: core type: keyword @@ -4523,6 +4674,16 @@ Not typically used in automated geolocation.' example: boston-dc + - name: geo.postal_code + level: core + type: keyword + ignore_above: 1024 + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + default_field: false - name: geo.region_iso_code level: core type: keyword @@ -4535,6 +4696,13 @@ ignore_above: 1024 description: Region name. example: Quebec + - name: geo.timezone + level: core + type: keyword + ignore_above: 1024 + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + default_field: false - name: ip level: core type: ip diff --git a/generated/csv/fields.csv b/generated/csv/fields.csv index a71bdc558e..87ddec0d0d 100644 --- a/generated/csv/fields.csv +++ b/generated/csv/fields.csv @@ -16,13 +16,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,client,client.bytes,long,core,,184,Bytes sent from the client to the server. 1.9.0-dev,true,client,client.domain,keyword,core,,,Client domain. 1.9.0-dev,true,client,client.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,client,client.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,client,client.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,client,client.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,client,client.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,client,client.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,client,client.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,client,client.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,client,client.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,client,client.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,client,client.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,client,client.ip,ip,core,,,IP address of the client. 1.9.0-dev,true,client,client.mac,keyword,core,,,MAC address of the client. 1.9.0-dev,true,client,client.nat.ip,ip,extended,,,Client NAT ip address @@ -68,13 +71,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,destination,destination.bytes,long,core,,184,Bytes sent from the destination to the source. 1.9.0-dev,true,destination,destination.domain,keyword,core,,,Destination domain. 1.9.0-dev,true,destination,destination.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,destination,destination.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,destination,destination.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,destination,destination.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,destination,destination.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,destination,destination.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,destination,destination.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,destination,destination.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,destination,destination.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,destination,destination.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,destination,destination.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,destination,destination.ip,ip,core,,,IP address of the destination. 1.9.0-dev,true,destination,destination.mac,keyword,core,,,MAC address of the destination. 1.9.0-dev,true,destination,destination.nat.ip,ip,extended,,,Destination NAT ip @@ -235,13 +241,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,host,host.architecture,keyword,core,,x86_64,Operating system architecture. 1.9.0-dev,true,host,host.domain,keyword,extended,,CONTOSO,Name of the directory the group is a member of. 1.9.0-dev,true,host,host.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,host,host.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,host,host.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,host,host.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,host,host.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,host,host.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,host,host.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,host,host.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,host,host.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,host,host.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,host,host.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,host,host.hostname,keyword,core,,,Hostname of the host. 1.9.0-dev,true,host,host.id,keyword,core,,,Unique host id. 1.9.0-dev,true,host,host.ip,ip,core,array,,Host ip addresses. @@ -322,13 +331,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,observer,observer.egress.vlan.name,keyword,extended,,outside,Optional VLAN name as reported by the observer. 1.9.0-dev,true,observer,observer.egress.zone,keyword,extended,,Public_Internet,Observer Egress zone 1.9.0-dev,true,observer,observer.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,observer,observer.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,observer,observer.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,observer,observer.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,observer,observer.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,observer,observer.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,observer,observer.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,observer,observer.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,observer,observer.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,observer,observer.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,observer,observer.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,observer,observer.hostname,keyword,core,,,Hostname of the observer. 1.9.0-dev,true,observer,observer.ingress,object,extended,,,Object field for ingress information 1.9.0-dev,true,observer,observer.ingress.interface.alias,keyword,extended,,outside,Interface alias @@ -474,13 +486,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,server,server.bytes,long,core,,184,Bytes sent from the server to the client. 1.9.0-dev,true,server,server.domain,keyword,core,,,Server domain. 1.9.0-dev,true,server,server.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,server,server.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,server,server.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,server,server.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,server,server.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,server,server.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,server,server.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,server,server.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,server,server.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,server,server.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,server,server.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,server,server.ip,ip,core,,,IP address of the server. 1.9.0-dev,true,server,server.mac,keyword,core,,,MAC address of the server. 1.9.0-dev,true,server,server.nat.ip,ip,extended,,,Server NAT ip @@ -516,13 +531,16 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description 1.9.0-dev,true,source,source.bytes,long,core,,184,Bytes sent from the source to the destination. 1.9.0-dev,true,source,source.domain,keyword,core,,,Source domain. 1.9.0-dev,true,source,source.geo.city_name,keyword,core,,Montreal,City name. +1.9.0-dev,true,source,source.geo.continent_code,keyword,core,,NA,Continent code. 1.9.0-dev,true,source,source.geo.continent_name,keyword,core,,North America,Name of the continent. 1.9.0-dev,true,source,source.geo.country_iso_code,keyword,core,,CA,Country ISO code. 1.9.0-dev,true,source,source.geo.country_name,keyword,core,,Canada,Country name. 1.9.0-dev,true,source,source.geo.location,geo_point,core,,"{ ""lon"": -73.614830, ""lat"": 45.505918 }",Longitude and latitude. 1.9.0-dev,true,source,source.geo.name,keyword,extended,,boston-dc,User-defined description of a location. +1.9.0-dev,true,source,source.geo.postal_code,keyword,core,,94040,Postal code. 1.9.0-dev,true,source,source.geo.region_iso_code,keyword,core,,CA-QC,Region ISO code. 1.9.0-dev,true,source,source.geo.region_name,keyword,core,,Quebec,Region name. +1.9.0-dev,true,source,source.geo.timezone,keyword,core,,America/Argentina/Buenos_Aires,Time zone. 1.9.0-dev,true,source,source.ip,ip,core,,,IP address of the source. 1.9.0-dev,true,source,source.mac,keyword,core,,,MAC address of the source. 1.9.0-dev,true,source,source.nat.ip,ip,extended,,,Source NAT ip diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml index 1af94d22d3..44aa7b170f 100644 --- a/generated/ecs/ecs_flat.yml +++ b/generated/ecs/ecs_flat.yml @@ -178,6 +178,18 @@ client.geo.city_name: original_fieldset: geo short: City name. type: keyword +client.geo.continent_code: + dashed_name: client-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: client.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword client.geo.continent_name: dashed_name: client-geo-continent-name description: Name of the continent. @@ -243,6 +255,21 @@ client.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +client.geo.postal_code: + dashed_name: client-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: client.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword client.geo.region_iso_code: dashed_name: client-geo-region-iso-code description: Region ISO code. @@ -267,6 +294,18 @@ client.geo.region_name: original_fieldset: geo short: Region name. type: keyword +client.geo.timezone: + dashed_name: client-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: client.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword client.ip: dashed_name: client-ip description: IP address of the client (IPv4 or IPv6). @@ -789,6 +828,18 @@ destination.geo.city_name: original_fieldset: geo short: City name. type: keyword +destination.geo.continent_code: + dashed_name: destination-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: destination.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword destination.geo.continent_name: dashed_name: destination-geo-continent-name description: Name of the continent. @@ -854,6 +905,21 @@ destination.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +destination.geo.postal_code: + dashed_name: destination-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: destination.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword destination.geo.region_iso_code: dashed_name: destination-geo-region-iso-code description: Region ISO code. @@ -878,6 +944,18 @@ destination.geo.region_name: original_fieldset: geo short: Region name. type: keyword +destination.geo.timezone: + dashed_name: destination-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: destination.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword destination.ip: dashed_name: destination-ip description: IP address of the destination (IPv4 or IPv6). @@ -3274,6 +3352,18 @@ host.geo.city_name: original_fieldset: geo short: City name. type: keyword +host.geo.continent_code: + dashed_name: host-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: host.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword host.geo.continent_name: dashed_name: host-geo-continent-name description: Name of the continent. @@ -3339,6 +3429,21 @@ host.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +host.geo.postal_code: + dashed_name: host-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: host.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword host.geo.region_iso_code: dashed_name: host-geo-region-iso-code description: Region ISO code. @@ -3363,6 +3468,18 @@ host.geo.region_name: original_fieldset: geo short: Region name. type: keyword +host.geo.timezone: + dashed_name: host-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: host.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword host.hostname: dashed_name: host-hostname description: 'Hostname of the host. @@ -4382,6 +4499,18 @@ observer.geo.city_name: original_fieldset: geo short: City name. type: keyword +observer.geo.continent_code: + dashed_name: observer-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: observer.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword observer.geo.continent_name: dashed_name: observer-geo-continent-name description: Name of the continent. @@ -4447,6 +4576,21 @@ observer.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +observer.geo.postal_code: + dashed_name: observer-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: observer.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword observer.geo.region_iso_code: dashed_name: observer-geo-region-iso-code description: Region ISO code. @@ -4471,6 +4615,18 @@ observer.geo.region_name: original_fieldset: geo short: Region name. type: keyword +observer.geo.timezone: + dashed_name: observer-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: observer.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword observer.hostname: dashed_name: observer-hostname description: Hostname of the observer. @@ -6151,6 +6307,18 @@ server.geo.city_name: original_fieldset: geo short: City name. type: keyword +server.geo.continent_code: + dashed_name: server-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: server.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword server.geo.continent_name: dashed_name: server-geo-continent-name description: Name of the continent. @@ -6216,6 +6384,21 @@ server.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +server.geo.postal_code: + dashed_name: server-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: server.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword server.geo.region_iso_code: dashed_name: server-geo-region-iso-code description: Region ISO code. @@ -6240,6 +6423,18 @@ server.geo.region_name: original_fieldset: geo short: Region name. type: keyword +server.geo.timezone: + dashed_name: server-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: server.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword server.ip: dashed_name: server-ip description: IP address of the server (IPv4 or IPv6). @@ -6677,6 +6872,18 @@ source.geo.city_name: original_fieldset: geo short: City name. type: keyword +source.geo.continent_code: + dashed_name: source-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: source.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword source.geo.continent_name: dashed_name: source-geo-continent-name description: Name of the continent. @@ -6742,6 +6949,21 @@ source.geo.name: original_fieldset: geo short: User-defined description of a location. type: keyword +source.geo.postal_code: + dashed_name: source-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: source.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword source.geo.region_iso_code: dashed_name: source-geo-region-iso-code description: Region ISO code. @@ -6766,6 +6988,18 @@ source.geo.region_name: original_fieldset: geo short: Region name. type: keyword +source.geo.timezone: + dashed_name: source-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: source.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword source.ip: dashed_name: source-ip description: IP address of the source (IPv4 or IPv6). diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml index a3934fd463..d550ec8cc6 100644 --- a/generated/ecs/ecs_nested.yml +++ b/generated/ecs/ecs_nested.yml @@ -324,6 +324,18 @@ client: original_fieldset: geo short: City name. type: keyword + client.geo.continent_code: + dashed_name: client-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: client.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword client.geo.continent_name: dashed_name: client-geo-continent-name description: Name of the continent. @@ -389,6 +401,21 @@ client: original_fieldset: geo short: User-defined description of a location. type: keyword + client.geo.postal_code: + dashed_name: client-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: client.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword client.geo.region_iso_code: dashed_name: client-geo-region-iso-code description: Region ISO code. @@ -413,6 +440,18 @@ client: original_fieldset: geo short: Region name. type: keyword + client.geo.timezone: + dashed_name: client-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: client.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword client.ip: dashed_name: client-ip description: IP address of the client (IPv4 or IPv6). @@ -1077,6 +1116,18 @@ destination: original_fieldset: geo short: City name. type: keyword + destination.geo.continent_code: + dashed_name: destination-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: destination.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword destination.geo.continent_name: dashed_name: destination-geo-continent-name description: Name of the continent. @@ -1142,6 +1193,21 @@ destination: original_fieldset: geo short: User-defined description of a location. type: keyword + destination.geo.postal_code: + dashed_name: destination-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: destination.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword destination.geo.region_iso_code: dashed_name: destination-geo-region-iso-code description: Region ISO code. @@ -1166,6 +1232,18 @@ destination: original_fieldset: geo short: Region name. type: keyword + destination.geo.timezone: + dashed_name: destination-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: destination.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword destination.ip: dashed_name: destination-ip description: IP address of the destination (IPv4 or IPv6). @@ -3671,6 +3749,17 @@ geo: normalize: [] short: City name. type: keyword + geo.continent_code: + dashed_name: geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + short: Continent code. + type: keyword geo.continent_name: dashed_name: geo-continent-name description: Name of the continent. @@ -3731,6 +3820,20 @@ geo: normalize: [] short: User-defined description of a location. type: keyword + geo.postal_code: + dashed_name: geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + short: Postal code. + type: keyword geo.region_iso_code: dashed_name: geo-region-iso-code description: Region ISO code. @@ -3753,6 +3856,17 @@ geo: normalize: [] short: Region name. type: keyword + geo.timezone: + dashed_name: geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + short: Time zone. + type: keyword group: 2 name: geo prefix: geo. @@ -3953,6 +4067,18 @@ host: original_fieldset: geo short: City name. type: keyword + host.geo.continent_code: + dashed_name: host-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: host.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword host.geo.continent_name: dashed_name: host-geo-continent-name description: Name of the continent. @@ -4018,6 +4144,21 @@ host: original_fieldset: geo short: User-defined description of a location. type: keyword + host.geo.postal_code: + dashed_name: host-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: host.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword host.geo.region_iso_code: dashed_name: host-geo-region-iso-code description: Region ISO code. @@ -4042,6 +4183,18 @@ host: original_fieldset: geo short: Region name. type: keyword + host.geo.timezone: + dashed_name: host-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: host.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword host.hostname: dashed_name: host-hostname description: 'Hostname of the host. @@ -5179,6 +5332,18 @@ observer: original_fieldset: geo short: City name. type: keyword + observer.geo.continent_code: + dashed_name: observer-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: observer.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword observer.geo.continent_name: dashed_name: observer-geo-continent-name description: Name of the continent. @@ -5244,6 +5409,21 @@ observer: original_fieldset: geo short: User-defined description of a location. type: keyword + observer.geo.postal_code: + dashed_name: observer-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: observer.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword observer.geo.region_iso_code: dashed_name: observer-geo-region-iso-code description: Region ISO code. @@ -5268,6 +5448,18 @@ observer: original_fieldset: geo short: Region name. type: keyword + observer.geo.timezone: + dashed_name: observer-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: observer.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword observer.hostname: dashed_name: observer-hostname description: Hostname of the observer. @@ -7324,6 +7516,18 @@ server: original_fieldset: geo short: City name. type: keyword + server.geo.continent_code: + dashed_name: server-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: server.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword server.geo.continent_name: dashed_name: server-geo-continent-name description: Name of the continent. @@ -7389,6 +7593,21 @@ server: original_fieldset: geo short: User-defined description of a location. type: keyword + server.geo.postal_code: + dashed_name: server-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: server.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword server.geo.region_iso_code: dashed_name: server-geo-region-iso-code description: Region ISO code. @@ -7413,6 +7632,18 @@ server: original_fieldset: geo short: Region name. type: keyword + server.geo.timezone: + dashed_name: server-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: server.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword server.ip: dashed_name: server-ip description: IP address of the server (IPv4 or IPv6). @@ -7894,6 +8125,18 @@ source: original_fieldset: geo short: City name. type: keyword + source.geo.continent_code: + dashed_name: source-geo-continent-code + description: Two-letter code representing continent's name. + example: NA + flat_name: source.geo.continent_code + ignore_above: 1024 + level: core + name: continent_code + normalize: [] + original_fieldset: geo + short: Continent code. + type: keyword source.geo.continent_name: dashed_name: source-geo-continent-name description: Name of the continent. @@ -7959,6 +8202,21 @@ source: original_fieldset: geo short: User-defined description of a location. type: keyword + source.geo.postal_code: + dashed_name: source-geo-postal-code + description: 'Postal code associated with the location. + + Values appropriate for this field may also be known as a postcode or ZIP code + and will vary widely from country to country.' + example: 94040 + flat_name: source.geo.postal_code + ignore_above: 1024 + level: core + name: postal_code + normalize: [] + original_fieldset: geo + short: Postal code. + type: keyword source.geo.region_iso_code: dashed_name: source-geo-region-iso-code description: Region ISO code. @@ -7983,6 +8241,18 @@ source: original_fieldset: geo short: Region name. type: keyword + source.geo.timezone: + dashed_name: source-geo-timezone + description: The time zone of the location, such as IANA time zone name. + example: America/Argentina/Buenos_Aires + flat_name: source.geo.timezone + ignore_above: 1024 + level: core + name: timezone + normalize: [] + original_fieldset: geo + short: Time zone. + type: keyword source.ip: dashed_name: source-ip description: IP address of the source (IPv4 or IPv6). diff --git a/generated/elasticsearch/6/template.json b/generated/elasticsearch/6/template.json index 5d91ba5198..15708392e3 100644 --- a/generated/elasticsearch/6/template.json +++ b/generated/elasticsearch/6/template.json @@ -95,6 +95,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -114,6 +118,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -121,6 +129,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -360,6 +372,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -379,6 +395,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -386,6 +406,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1101,6 +1125,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1120,6 +1148,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1127,6 +1159,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1542,6 +1578,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1561,6 +1601,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1568,6 +1612,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2242,6 +2290,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2261,6 +2313,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2268,6 +2324,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2444,6 +2504,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2463,6 +2527,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2470,6 +2538,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/7/template.json b/generated/elasticsearch/7/template.json index 04000cc76a..083546847a 100644 --- a/generated/elasticsearch/7/template.json +++ b/generated/elasticsearch/7/template.json @@ -94,6 +94,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -113,6 +117,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -120,6 +128,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -359,6 +371,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -378,6 +394,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -385,6 +405,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1100,6 +1124,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1119,6 +1147,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1126,6 +1158,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -1541,6 +1577,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -1560,6 +1600,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -1567,6 +1611,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2241,6 +2289,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2260,6 +2312,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2267,6 +2323,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, @@ -2443,6 +2503,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -2462,6 +2526,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -2469,6 +2537,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/client.json b/generated/elasticsearch/component/client.json index 4813913258..59e1c4fac5 100644 --- a/generated/elasticsearch/component/client.json +++ b/generated/elasticsearch/component/client.json @@ -46,6 +46,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -65,6 +69,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -72,6 +80,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/destination.json b/generated/elasticsearch/component/destination.json index c73b493e86..d7babcf058 100644 --- a/generated/elasticsearch/component/destination.json +++ b/generated/elasticsearch/component/destination.json @@ -46,6 +46,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -65,6 +69,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -72,6 +80,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/host.json b/generated/elasticsearch/component/host.json index 3d0b3a8cf8..e371893cf8 100644 --- a/generated/elasticsearch/component/host.json +++ b/generated/elasticsearch/component/host.json @@ -22,6 +22,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -41,6 +45,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -48,6 +56,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/observer.json b/generated/elasticsearch/component/observer.json index 049625241b..d4be55d415 100644 --- a/generated/elasticsearch/component/observer.json +++ b/generated/elasticsearch/component/observer.json @@ -51,6 +51,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -70,6 +74,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -77,6 +85,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/server.json b/generated/elasticsearch/component/server.json index bdd746f660..d824559d6c 100644 --- a/generated/elasticsearch/component/server.json +++ b/generated/elasticsearch/component/server.json @@ -46,6 +46,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -65,6 +69,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -72,6 +80,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/generated/elasticsearch/component/source.json b/generated/elasticsearch/component/source.json index cb236d53f0..d6b6bd2048 100644 --- a/generated/elasticsearch/component/source.json +++ b/generated/elasticsearch/component/source.json @@ -46,6 +46,10 @@ "ignore_above": 1024, "type": "keyword" }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, "continent_name": { "ignore_above": 1024, "type": "keyword" @@ -65,6 +69,10 @@ "ignore_above": 1024, "type": "keyword" }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, "region_iso_code": { "ignore_above": 1024, "type": "keyword" @@ -72,6 +80,10 @@ "region_name": { "ignore_above": 1024, "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" } } }, diff --git a/schemas/geo.yml b/schemas/geo.yml index 347d60829e..fef496097b 100644 --- a/schemas/geo.yml +++ b/schemas/geo.yml @@ -27,6 +27,14 @@ Longitude and latitude. example: '{ "lon": -73.614830, "lat": 45.505918 }' + - name: continent_code + level: core + type: keyword + short: Continent code. + description: > + Two-letter code representing continent's name. + example: NA + - name: continent_name level: core type: keyword @@ -62,6 +70,18 @@ Country ISO code. example: CA + - name: postal_code + level: core + type: keyword + short: Postal code. + description: > + Postal code associated with the location. + + Values appropriate for this field may also be known + as a postcode or ZIP code and will vary widely from + country to country. + example: 94040 + - name: region_iso_code level: core type: keyword @@ -69,6 +89,14 @@ Region ISO code. example: CA-QC + - name: timezone + level: core + type: keyword + short: Time zone. + description: > + The time zone of the location, such as IANA time zone name. + example: "America/Argentina/Buenos_Aires" + - name: name level: extended type: keyword