Add process.pgid field for processes group id (#311)

elastic · May 1, 2019 · 8a2bd9d · 8a2bd9d
1 parent 478fa79
commit 8a2bd9d
Show file tree

Hide file tree

Showing 12 changed files with 73 additions and 13 deletions.
diff --git a/code/go/ecs/process.go b/code/go/ecs/process.go
diff --git a/docs/field-details.asciidoc b/docs/field-details.asciidoc
@@ -2026,6 +2026,17 @@ type: keyword
 
 example: `ssh`
 
+| extended
+
+// ===============================================================
+
+| process.pgid
+| Identifier of the group of processes the process belongs to.
+
+type: long
+
+
+
 | extended
 
 // ===============================================================

diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml
@@ -1520,6 +1520,10 @@
 
         Sometimes called program name or similar.'
       example: ssh
+    - name: pgid
+      level: extended
+      type: long
+      description: Identifier of the group of processes the process belongs to.
     - name: pid
       level: core
       type: long

diff --git a/generated/csv/fields.csv b/generated/csv/fields.csv
@@ -194,6 +194,7 @@ os.version,keyword,extended,10.14.1,1.1.0-dev
 process.args,keyword,extended,"['ssh', '-l', 'user', '10.0.0.16']",1.1.0-dev
 process.executable,keyword,extended,/usr/bin/ssh,1.1.0-dev
 process.name,keyword,extended,ssh,1.1.0-dev
+process.pgid,long,extended,,1.1.0-dev
 process.pid,long,core,,1.1.0-dev
 process.ppid,long,extended,,1.1.0-dev
 process.start,date,extended,2016-05-23T08:05:34.853Z,1.1.0-dev

diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml
@@ -2127,7 +2127,7 @@ process.args:
   ignore_above: 1024
   level: extended
   name: args
-  order: 3
+  order: 4
   short: Array of process arguments.
   type: keyword
 process.executable:
@@ -2137,7 +2137,7 @@ process.executable:
   ignore_above: 1024
   level: extended
   name: executable
-  order: 4
+  order: 5
   short: Absolute path to the process executable.
   type: keyword
 process.name:
@@ -2152,6 +2152,14 @@ process.name:
   order: 1
   short: Process name.
   type: keyword
+process.pgid:
+  description: Identifier of the group of processes the process belongs to.
+  flat_name: process.pgid
+  level: extended
+  name: pgid
+  order: 3
+  short: Identifier of the group of processes the process belongs to.
+  type: long
 process.pid:
   description: Process id.
   exmple: ssh
@@ -2175,7 +2183,7 @@ process.start:
   flat_name: process.start
   level: extended
   name: start
-  order: 7
+  order: 8
   short: The time the process started.
   type: date
 process.thread.id:
@@ -2184,7 +2192,7 @@ process.thread.id:
   flat_name: process.thread.id
   level: extended
   name: thread.id
-  order: 6
+  order: 7
   short: Thread ID.
   type: long
 process.title:
@@ -2196,7 +2204,7 @@ process.title:
   ignore_above: 1024
   level: extended
   name: title
-  order: 5
+  order: 6
   short: Process title.
   type: keyword
 process.working_directory:
@@ -2206,7 +2214,7 @@ process.working_directory:
   ignore_above: 1024
   level: extended
   name: working_directory
-  order: 8
+  order: 9
   short: The working directory of the process.
   type: keyword
 related.ip:

diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml
@@ -2437,7 +2437,7 @@ process:
       ignore_above: 1024
       level: extended
       name: args
-      order: 3
+      order: 4
       short: Array of process arguments.
       type: keyword
     executable:
@@ -2447,7 +2447,7 @@ process:
       ignore_above: 1024
       level: extended
       name: executable
-      order: 4
+      order: 5
       short: Absolute path to the process executable.
       type: keyword
     name:
@@ -2462,6 +2462,14 @@ process:
       order: 1
       short: Process name.
       type: keyword
+    pgid:
+      description: Identifier of the group of processes the process belongs to.
+      flat_name: process.pgid
+      level: extended
+      name: pgid
+      order: 3
+      short: Identifier of the group of processes the process belongs to.
+      type: long
     pid:
       description: Process id.
       exmple: ssh
@@ -2485,7 +2493,7 @@ process:
       flat_name: process.start
       level: extended
       name: start
-      order: 7
+      order: 8
       short: The time the process started.
       type: date
     thread.id:
@@ -2494,7 +2502,7 @@ process:
       flat_name: process.thread.id
       level: extended
       name: thread.id
-      order: 6
+      order: 7
       short: Thread ID.
       type: long
     title:
@@ -2506,7 +2514,7 @@ process:
       ignore_above: 1024
       level: extended
       name: title
-      order: 5
+      order: 6
       short: Process title.
       type: keyword
     working_directory:
@@ -2516,7 +2524,7 @@ process:
       ignore_above: 1024
       level: extended
       name: working_directory
-      order: 8
+      order: 9
       short: The working directory of the process.
       type: keyword
   group: 2

diff --git a/generated/elasticsearch/6/template.json b/generated/elasticsearch/6/template.json
@@ -918,6 +918,9 @@
               "ignore_above": 1024, 
               "type": "keyword"
             }, 
+            "pgid": {
+              "type": "long"
+            }, 
             "pid": {
               "type": "long"
             }, 

diff --git a/generated/elasticsearch/7/template.json b/generated/elasticsearch/7/template.json
@@ -917,6 +917,9 @@
             "ignore_above": 1024, 
             "type": "keyword"
           }, 
+          "pgid": {
+            "type": "long"
+          }, 
           "pid": {
             "type": "long"
           }, 

diff --git a/generated/legacy/template.json b/generated/legacy/template.json
@@ -614,6 +614,9 @@
               "ignore_above": 1024,
               "type": "keyword"
             },
+            "pgid": {
+              "type": "long"
+            },
             "pid": {
               "type": "long"
             },

diff --git a/schema.json b/schema.json
@@ -1473,6 +1473,16 @@
         "required": false, 
         "type": "keyword"
       }, 
+      "process.pgid": {
+        "description": "Identifier of the group of processes the process belongs to.", 
+        "example": "", 
+        "footnote": "", 
+        "group": 2, 
+        "level": "extended", 
+        "name": "process.pgid", 
+        "required": false, 
+        "type": "long"
+      }, 
       "process.pid": {
         "description": "Process id.", 
         "example": "", 

diff --git a/schemas/process.yml b/schemas/process.yml
@@ -35,6 +35,12 @@
       description: >
         Process parent id.
 
+    - name: pgid
+      level: extended
+      type: long
+      description: >
+        Identifier of the group of processes the process belongs to.
+
     - name: args
       level: extended
       type: keyword

diff --git a/scripts/cmd/gocodegen/gocodegen.go b/scripts/cmd/gocodegen/gocodegen.go
@@ -295,7 +295,7 @@ func goDataType(fieldName, elasticsearchDataType string) string {
 // abbreviations capitalizes common abbreviations.
 func abbreviations(abv string) string {
 	switch strings.ToLower(abv) {
-	case "id", "ppid", "pid", "mac", "ip", "iana", "uid", "ecs":
+	case "id", "ppid", "pid", "pgid", "mac", "ip", "iana", "uid", "ecs":
 		return strings.ToUpper(abv)
 	default:
 		return abv