align artifacts with master

elastic · Jun 28, 2021 · 291b471 · 291b471
1 parent fe01a49
commit 291b471
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 6 deletions.
diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml
@@ -6046,11 +6046,13 @@
       level: core
       type: keyword
       ignore_above: 1024
-      description: 'Raw text message of entire event. Used to demonstrate log integrity.
+      description: 'Raw text message of entire event. Used to demonstrate log integrity  or
+        where the full log message (before splitting it up in multiple  parts) may
+        be required, e.g. for reindex.
 
         This field is not indexed and doc_values are disabled. It cannot be searched,
         but it can be retrieved from `_source`. If users wish to override this and
-        index this field, consider using the wildcard data type.'
+        index this field, please see `Field data types` in the `Elasticsearch Reference`.'
       example: Sep 19 08:26:10 host CEF:0&#124;Security&#124; threatmanager&#124;1.0&#124;100&#124;
         worm successfully stopped&#124;10&#124;src=10.0.0.1 dst=2.1.2.2spt=1232
       index: false

diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml
@@ -9031,11 +9031,13 @@ threat.enrichments.event.module:
   type: keyword
 threat.enrichments.event.original:
   dashed_name: threat-enrichments-event-original
-  description: 'Raw text message of entire event. Used to demonstrate log integrity.
+  description: 'Raw text message of entire event. Used to demonstrate log integrity  or
+    where the full log message (before splitting it up in multiple  parts) may be
+    required, e.g. for reindex.
 
     This field is not indexed and doc_values are disabled. It cannot be searched,
     but it can be retrieved from `_source`. If users wish to override this and index
-    this field, consider using the wildcard data type.'
+    this field, please see `Field data types` in the `Elasticsearch Reference`.'
   doc_values: false
   example: Sep 19 08:26:10 host CEF:0&#124;Security&#124; threatmanager&#124;1.0&#124;100&#124;
     worm successfully stopped&#124;10&#124;src=10.0.0.1 dst=2.1.2.2spt=1232

diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml
@@ -10716,11 +10716,13 @@ threat:
       type: keyword
     threat.enrichments.event.original:
       dashed_name: threat-enrichments-event-original
-      description: 'Raw text message of entire event. Used to demonstrate log integrity.
+      description: 'Raw text message of entire event. Used to demonstrate log integrity  or
+        where the full log message (before splitting it up in multiple  parts) may
+        be required, e.g. for reindex.
 
         This field is not indexed and doc_values are disabled. It cannot be searched,
         but it can be retrieved from `_source`. If users wish to override this and
-        index this field, consider using the wildcard data type.'
+        index this field, please see `Field data types` in the `Elasticsearch Reference`.'
       doc_values: false
       example: Sep 19 08:26:10 host CEF:0&#124;Security&#124; threatmanager&#124;1.0&#124;100&#124;
         worm successfully stopped&#124;10&#124;src=10.0.0.1 dst=2.1.2.2spt=1232