diff --git a/CHANGELOG.next.md b/CHANGELOG.next.md
index 31b18ae84f..3e8169f97b 100644
--- a/CHANGELOG.next.md
+++ b/CHANGELOG.next.md
@@ -15,7 +15,7 @@ Thanks, you're awesome :-) -->
 #### Bugfixes
 
 #### Added
-* Added `container.security_context.privileged` to indicated whether a container was started in privileged mode. #2219, #2225
+* Added `container.security_context.privileged` to indicated whether a container was started in privileged mode. #2219, #2225, #2246
 * Added `process.thread.capabilities.permitted` to contain the current thread's possible capabilities. #2245
 * Added `process.thread.capabilities.effective` to contain the current thread's effective capabilities. #2245
 
diff --git a/docs/fields/field-details.asciidoc b/docs/fields/field-details.asciidoc
index e86e2f1582..b5d67924ff 100644
--- a/docs/fields/field-details.asciidoc
+++ b/docs/fields/field-details.asciidoc
@@ -1239,7 +1239,7 @@ example: `docker`
 
 a| Indicates whether the container is running in privileged mode.
 
-type: bool
+type: boolean
 
 
 
diff --git a/experimental/generated/beats/fields.ecs.yml b/experimental/generated/beats/fields.ecs.yml
index 79fc1fae3d..82f87a1b06 100644
--- a/experimental/generated/beats/fields.ecs.yml
+++ b/experimental/generated/beats/fields.ecs.yml
@@ -952,7 +952,7 @@
       example: docker
     - name: security_context.privileged
       level: extended
-      type: bool
+      type: boolean
       description: Indicates whether the container is running in privileged mode.
       default_field: false
   - name: data_stream
diff --git a/experimental/generated/csv/fields.csv b/experimental/generated/csv/fields.csv
index ca3343bc7c..094c5cef8b 100644
--- a/experimental/generated/csv/fields.csv
+++ b/experimental/generated/csv/fields.csv
@@ -100,7 +100,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
 8.10.0-dev+exp,true,container,container.network.egress.bytes,long,extended,,,The number of bytes sent on all network interfaces.
 8.10.0-dev+exp,true,container,container.network.ingress.bytes,long,extended,,,The number of bytes received on all network interfaces.
 8.10.0-dev+exp,true,container,container.runtime,keyword,extended,,docker,Runtime managing this container.
-8.10.0-dev+exp,true,container,container.security_context.privileged,bool,extended,,,Indicates whether the container is running in privileged mode.
+8.10.0-dev+exp,true,container,container.security_context.privileged,boolean,extended,,,Indicates whether the container is running in privileged mode.
 8.10.0-dev+exp,true,data_stream,data_stream.dataset,constant_keyword,extended,,nginx.access,The field can contain anything that makes sense to signify the source of the data.
 8.10.0-dev+exp,true,data_stream,data_stream.namespace,constant_keyword,extended,,production,A user defined namespace. Namespaces are useful to allow grouping of data.
 8.10.0-dev+exp,true,data_stream,data_stream.type,constant_keyword,extended,,logs,An overarching type for the data stream.
diff --git a/experimental/generated/ecs/ecs_flat.yml b/experimental/generated/ecs/ecs_flat.yml
index 600e15123d..151c000712 100644
--- a/experimental/generated/ecs/ecs_flat.yml
+++ b/experimental/generated/ecs/ecs_flat.yml
@@ -1202,7 +1202,7 @@ container.security_context.privileged:
   name: security_context.privileged
   normalize: []
   short: Indicates whether the container is running in privileged mode.
-  type: bool
+  type: boolean
 data_stream.dataset:
   dashed_name: data-stream-dataset
   description: "The field can contain anything that makes sense to signify the source\
diff --git a/experimental/generated/ecs/ecs_nested.yml b/experimental/generated/ecs/ecs_nested.yml
index 22a415ce4f..326f4a15e3 100644
--- a/experimental/generated/ecs/ecs_nested.yml
+++ b/experimental/generated/ecs/ecs_nested.yml
@@ -1581,7 +1581,7 @@ container:
       name: security_context.privileged
       normalize: []
       short: Indicates whether the container is running in privileged mode.
-      type: bool
+      type: boolean
   group: 2
   name: container
   prefix: container.
diff --git a/experimental/generated/elasticsearch/composable/component/container.json b/experimental/generated/elasticsearch/composable/component/container.json
index d4c1071e52..40af94f16f 100644
--- a/experimental/generated/elasticsearch/composable/component/container.json
+++ b/experimental/generated/elasticsearch/composable/component/container.json
@@ -98,7 +98,7 @@
             "security_context": {
               "properties": {
                 "privileged": {
-                  "type": "bool"
+                  "type": "boolean"
                 }
               }
             }
diff --git a/experimental/generated/elasticsearch/legacy/template.json b/experimental/generated/elasticsearch/legacy/template.json
index c205a87886..08f0f8df9b 100644
--- a/experimental/generated/elasticsearch/legacy/template.json
+++ b/experimental/generated/elasticsearch/legacy/template.json
@@ -567,7 +567,7 @@
           "security_context": {
             "properties": {
               "privileged": {
-                "type": "bool"
+                "type": "boolean"
               }
             }
           }
diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml
index 377b2cae5b..99c2b5d1d9 100644
--- a/generated/beats/fields.ecs.yml
+++ b/generated/beats/fields.ecs.yml
@@ -902,7 +902,7 @@
       example: docker
     - name: security_context.privileged
       level: extended
-      type: bool
+      type: boolean
       description: Indicates whether the container is running in privileged mode.
       default_field: false
   - name: data_stream
diff --git a/generated/csv/fields.csv b/generated/csv/fields.csv
index ae87c2044a..3a3d9cd30e 100644
--- a/generated/csv/fields.csv
+++ b/generated/csv/fields.csv
@@ -93,7 +93,7 @@ ECS_Version,Indexed,Field_Set,Field,Type,Level,Normalization,Example,Description
 8.10.0-dev,true,container,container.network.egress.bytes,long,extended,,,The number of bytes sent on all network interfaces.
 8.10.0-dev,true,container,container.network.ingress.bytes,long,extended,,,The number of bytes received on all network interfaces.
 8.10.0-dev,true,container,container.runtime,keyword,extended,,docker,Runtime managing this container.
-8.10.0-dev,true,container,container.security_context.privileged,bool,extended,,,Indicates whether the container is running in privileged mode.
+8.10.0-dev,true,container,container.security_context.privileged,boolean,extended,,,Indicates whether the container is running in privileged mode.
 8.10.0-dev,true,data_stream,data_stream.dataset,constant_keyword,extended,,nginx.access,The field can contain anything that makes sense to signify the source of the data.
 8.10.0-dev,true,data_stream,data_stream.namespace,constant_keyword,extended,,production,A user defined namespace. Namespaces are useful to allow grouping of data.
 8.10.0-dev,true,data_stream,data_stream.type,constant_keyword,extended,,logs,An overarching type for the data stream.
diff --git a/generated/ecs/ecs_flat.yml b/generated/ecs/ecs_flat.yml
index a0379a21b6..d38886a565 100644
--- a/generated/ecs/ecs_flat.yml
+++ b/generated/ecs/ecs_flat.yml
@@ -1133,7 +1133,7 @@ container.security_context.privileged:
   name: security_context.privileged
   normalize: []
   short: Indicates whether the container is running in privileged mode.
-  type: bool
+  type: boolean
 data_stream.dataset:
   dashed_name: data-stream-dataset
   description: "The field can contain anything that makes sense to signify the source\
diff --git a/generated/ecs/ecs_nested.yml b/generated/ecs/ecs_nested.yml
index 4f8291e4a5..d8affec2da 100644
--- a/generated/ecs/ecs_nested.yml
+++ b/generated/ecs/ecs_nested.yml
@@ -1501,7 +1501,7 @@ container:
       name: security_context.privileged
       normalize: []
       short: Indicates whether the container is running in privileged mode.
-      type: bool
+      type: boolean
   group: 2
   name: container
   prefix: container.
diff --git a/generated/elasticsearch/composable/component/container.json b/generated/elasticsearch/composable/component/container.json
index 8f479ed72c..82d44f4ffb 100644
--- a/generated/elasticsearch/composable/component/container.json
+++ b/generated/elasticsearch/composable/component/container.json
@@ -98,7 +98,7 @@
             "security_context": {
               "properties": {
                 "privileged": {
-                  "type": "bool"
+                  "type": "boolean"
                 }
               }
             }
diff --git a/generated/elasticsearch/legacy/template.json b/generated/elasticsearch/legacy/template.json
index 203e7b89dd..73833069e8 100644
--- a/generated/elasticsearch/legacy/template.json
+++ b/generated/elasticsearch/legacy/template.json
@@ -525,7 +525,7 @@
           "security_context": {
             "properties": {
               "privileged": {
-                "type": "bool"
+                "type": "boolean"
               }
             }
           }
diff --git a/schemas/container.yml b/schemas/container.yml
index 329a4e627d..7cdbdac8f4 100644
--- a/schemas/container.yml
+++ b/schemas/container.yml
@@ -122,7 +122,7 @@
         container since the last metric collection.
 
     - name: security_context.privileged
-      type: bool
+      type: boolean
       level: extended
       short: Indicates whether the container is running in privileged mode.
       description: >