forked from elastic/ecs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathservice.yml
87 lines (70 loc) · 2.7 KB
/
service.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
---
- name: service
title: Service
group: 2
short: Fields describing the service for or from which the data was collected.
description: >
The service fields describe the service for or from which the data was collected.
These fields help you find and correlate logs for a specific
service and version.
type: group
fields:
- name: id
level: core
type: keyword
short: Unique identifier of the running service.
description: >
Unique identifier of the running service.
This id should uniquely identify this service. This makes it possible
to correlate logs and metrics for one specific service.
Example: If you are experiencing issues with one redis instance, you
can filter on that id to see metrics and logs for that single instance.
example: d37e5ebfe0ae6c4972dbe9f0174a1637bb8247f6
- name: name
level: core
type: keyword
example: "elasticsearch-metrics"
short: Name of the service.
description: >
Name of the service data is collected from.
The name of the service is normally user given. This allows if two
instances of the same service are running on the same machine
they can be differentiated by the `service.name`.
Also it allows for distributed services that run on multiple hosts to
correlate the related instances based on the name.
In the case of Elasticsearch the service.name could contain the cluster
name. For Beats the service.name is by default a copy of the `service.type`
field if no name is specified.
- name: type
level: core
type: keyword
example: "elasticsearch"
short: The type of the service.
description: >
The type of the service data is collected from.
The type can be used to group and correlate logs and metrics from one
service type.
Example: If logs or metrics are collected from Elasticsearch, `service.type` would be
`elasticsearch`.
- name: state
level: core
type: keyword
description: >
Current state of the service.
- name: version
level: core
type: keyword
example: "3.2.4"
short: Version of the service.
description: >
Version of the service the data was collected from.
This allows to look at a data set only for a specific version of a
service.
- name: ephemeral_id
level: extended
type: keyword
short: Ephemeral identifier of this service.
description: >
Ephemeral identifier of this service (if one exists).
This id normally changes across restarts, but `service.id` does not.
example: 8a4f500f