diff --git a/CHANGELOG.next.md b/CHANGELOG.next.md index 8390424769..a538360143 100644 --- a/CHANGELOG.next.md +++ b/CHANGELOG.next.md @@ -11,6 +11,7 @@ It generates schema.csv, Elasticsearch 6 and 7 templates, and field documentation for the main website. #336 * Generator for the Beats fields.ecs.yml file. #379 +* Added field formats to all `.bytes` fields and `event.duration`. #385 ### Improvements diff --git a/fields.yml b/fields.yml index 917035411c..1fb2711b83 100644 --- a/fields.yml +++ b/fields.yml @@ -192,6 +192,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 @@ -377,6 +378,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 @@ -585,6 +587,8 @@ - name: duration level: core type: long + format: duration + input_format: nanoseconds short: Duration of the event in nanoseconds. description: > Duration of the event in nanoseconds. @@ -985,6 +989,7 @@ - name: request.bytes level: extended type: long + format: bytes description: > Total size in bytes of the request (body and headers). example: 1437 @@ -992,6 +997,7 @@ - name: request.body.bytes level: extended type: long + format: bytes description: > Size in bytes of the request body. example: 887 @@ -999,6 +1005,7 @@ - name: response.bytes level: extended type: long + format: bytes description: > Total size in bytes of the response (body and headers). example: 1437 @@ -1006,11 +1013,11 @@ - name: response.body.bytes level: extended type: long + format: bytes description: > Size in bytes of the response body. example: 887 - - name: log title: Log description: > @@ -1169,6 +1176,7 @@ - name: bytes level: core type: long + format: bytes short: Total bytes transferred in both directions. description: > Total bytes transferred in both directions. @@ -1477,6 +1485,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 @@ -1629,6 +1638,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 
diff --git a/generated/beats/fields.ecs.yml b/generated/beats/fields.ecs.yml index 85ddeb6bf8..ed33bb8e6d 100644 --- a/generated/beats/fields.ecs.yml +++ b/generated/beats/fields.ecs.yml @@ -143,6 +143,7 @@ - name: bytes level: core type: long + format: bytes description: Bytes sent from the client to the server. example: 184 - name: domain @@ -382,6 +383,7 @@ - name: bytes level: core type: long + format: bytes description: Bytes sent from the destination to the source. example: 184 - name: domain @@ -609,6 +611,8 @@ - name: duration level: core type: long + format: duration + input_format: nanoseconds description: 'Duration of the event in nanoseconds. If event.start and event.end are known this value should be the difference @@ -1075,6 +1079,7 @@ - name: request.body.bytes level: extended type: long + format: bytes description: Size in bytes of the request body. example: 887 - name: request.body.content @@ -1086,6 +1091,7 @@ - name: request.bytes level: extended type: long + format: bytes description: Total size in bytes of the request (body and headers). example: 1437 - name: request.method @@ -1106,6 +1112,7 @@ - name: response.body.bytes level: extended type: long + format: bytes description: Size in bytes of the response body. example: 887 - name: response.body.content @@ -1117,6 +1124,7 @@ - name: response.bytes level: extended type: long + format: bytes description: Total size in bytes of the response (body and headers). example: 1437 - name: response.status_code @@ -1185,6 +1193,7 @@ - name: bytes level: core type: long + format: bytes description: 'Total bytes transferred in both directions. If `source.bytes` and `destination.bytes` are known, `network.bytes` is their @@ -1594,6 +1603,7 @@ - name: bytes level: core type: long + format: bytes description: Bytes sent from the server to the client. example: 184 - name: domain 
@@ -1807,6 +1817,7 @@ - name: bytes level: core type: long + format: bytes description: Bytes sent from the source to the destination. example: 184 - name: domain diff --git a/generated/ecs/fields_flat.yml b/generated/ecs/fields_flat.yml index 905d06d9a5..969104561f 100644 --- a/generated/ecs/fields_flat.yml +++ b/generated/ecs/fields_flat.yml @@ -91,6 +91,7 @@ client.bytes: description: Bytes sent from the client to the server. example: 184 flat_name: client.bytes + format: bytes level: core name: bytes short: Bytes sent from the client to the server. @@ -421,6 +422,7 @@ destination.bytes: description: Bytes sent from the destination to the source. example: 184 flat_name: destination.bytes + format: bytes level: core name: bytes short: Bytes sent from the destination to the source. @@ -722,6 +724,8 @@ event.duration: If event.start and event.end are known this value should be the difference between the end and start time.' flat_name: event.duration + format: duration + input_format: nanoseconds level: core name: duration short: Duration of the event in nanoseconds. @@ -1365,6 +1369,7 @@ http.request.body.bytes: description: Size in bytes of the request body. example: 887 flat_name: http.request.body.bytes + format: bytes level: extended name: request.body.bytes short: Size in bytes of the request body. @@ -1382,6 +1387,7 @@ http.request.bytes: description: Total size in bytes of the request (body and headers). example: 1437 flat_name: http.request.bytes + format: bytes level: extended name: request.bytes short: Total size in bytes of the request (body and headers). @@ -1411,6 +1417,7 @@ http.response.body.bytes: description: Size in bytes of the response body. example: 887 flat_name: http.response.body.bytes + format: bytes level: extended name: response.body.bytes short: Size in bytes of the response body. 
@@ -1428,6 +1435,7 @@ http.response.bytes: description: Total size in bytes of the response (body and headers). example: 1437 flat_name: http.response.bytes + format: bytes level: extended name: response.bytes short: Total size in bytes of the response (body and headers). @@ -1533,6 +1541,7 @@ network.bytes: sum.' example: 368 flat_name: network.bytes + format: bytes level: core name: bytes short: Total bytes transferred in both directions. @@ -2024,6 +2033,7 @@ server.bytes: description: Bytes sent from the server to the client. example: 184 flat_name: server.bytes + format: bytes level: core name: bytes short: Bytes sent from the server to the client. @@ -2319,6 +2329,7 @@ source.bytes: description: Bytes sent from the source to the destination. example: 184 flat_name: source.bytes + format: bytes level: core name: bytes short: Bytes sent from the source to the destination. diff --git a/generated/ecs/fields_nested.yml b/generated/ecs/fields_nested.yml index 92331173d5..39ef1172ae 100644 --- a/generated/ecs/fields_nested.yml +++ b/generated/ecs/fields_nested.yml @@ -178,6 +178,7 @@ client: description: Bytes sent from the client to the server. example: 184 flat_name: client.bytes + format: bytes level: core name: bytes short: Bytes sent from the client to the server. @@ -546,6 +547,7 @@ destination: description: Bytes sent from the destination to the source. example: 184 flat_name: destination.bytes + format: bytes level: core name: bytes short: Bytes sent from the destination to the source. @@ -886,6 +888,8 @@ event: If event.start and event.end are known this value should be the difference between the end and start time.' flat_name: event.duration + format: duration + input_format: nanoseconds level: core name: duration short: Duration of the event in nanoseconds. 
@@ -1605,6 +1609,7 @@ http: description: Size in bytes of the request body. example: 887 flat_name: http.request.body.bytes + format: bytes level: extended name: request.body.bytes short: Size in bytes of the request body. @@ -1622,6 +1627,7 @@ http: description: Total size in bytes of the request (body and headers). example: 1437 flat_name: http.request.bytes + format: bytes level: extended name: request.bytes short: Total size in bytes of the request (body and headers). @@ -1651,6 +1657,7 @@ http: description: Size in bytes of the response body. example: 887 flat_name: http.response.body.bytes + format: bytes level: extended name: response.body.bytes short: Size in bytes of the response body. @@ -1668,6 +1675,7 @@ http: description: Total size in bytes of the response (body and headers). example: 1437 flat_name: http.response.bytes + format: bytes level: extended name: response.bytes short: Total size in bytes of the response (body and headers). @@ -1764,6 +1772,7 @@ network: sum.' example: 368 flat_name: network.bytes + format: bytes level: core name: bytes short: Total bytes transferred in both directions. @@ -2359,6 +2368,7 @@ server: description: Bytes sent from the server to the client. example: 184 flat_name: server.bytes + format: bytes level: core name: bytes short: Bytes sent from the server to the client. @@ -2677,6 +2687,7 @@ source: description: Bytes sent from the source to the destination. example: 184 flat_name: source.bytes + format: bytes level: core name: bytes short: Bytes sent from the source to the destination. diff --git a/schemas/client.yml b/schemas/client.yml index aa67fcca55..986bd3222b 100644 --- a/schemas/client.yml +++ b/schemas/client.yml @@ -53,6 +53,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 diff --git a/schemas/destination.yml b/schemas/destination.yml index 1aa1ccd998..15d360b961 100644 --- a/schemas/destination.yml +++ b/schemas/destination.yml 
@@ -51,6 +51,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 diff --git a/schemas/event.yml b/schemas/event.yml index 42e113017f..aae5a38393 100644 --- a/schemas/event.yml +++ b/schemas/event.yml @@ -143,6 +143,8 @@ - name: duration level: core type: long + format: duration + input_format: nanoseconds short: Duration of the event in nanoseconds. description: > Duration of the event in nanoseconds. diff --git a/schemas/http.yml b/schemas/http.yml index 5ab1785874..ca8ae05f51 100644 --- a/schemas/http.yml +++ b/schemas/http.yml @@ -58,6 +58,7 @@ - name: request.bytes level: extended type: long + format: bytes description: > Total size in bytes of the request (body and headers). example: 1437 @@ -65,6 +66,7 @@ - name: request.body.bytes level: extended type: long + format: bytes description: > Size in bytes of the request body. example: 887 @@ -72,6 +74,7 @@ - name: response.bytes level: extended type: long + format: bytes description: > Total size in bytes of the response (body and headers). example: 1437 @@ -79,7 +82,7 @@ - name: response.body.bytes level: extended type: long + format: bytes description: > Size in bytes of the response body. example: 887 - diff --git a/schemas/network.yml b/schemas/network.yml index 8a76af5915..2edcfd1746 100644 --- a/schemas/network.yml +++ b/schemas/network.yml @@ -121,6 +121,7 @@ - name: bytes level: core type: long + format: bytes short: Total bytes transferred in both directions. description: > Total bytes transferred in both directions. diff --git a/schemas/server.yml b/schemas/server.yml index 4eba3dc3a3..dc69adbd26 100644 --- a/schemas/server.yml +++ b/schemas/server.yml @@ -53,6 +53,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 diff --git a/schemas/source.yml b/schemas/source.yml index 844e6619a9..77c9e9014d 100644 --- a/schemas/source.yml +++ b/schemas/source.yml @@ -51,6 +51,7 @@ # Metrics - name: bytes + format: bytes level: core type: long example: 184 
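Review bot: The new `format: bytes` key is placed inconsistently across the schema files. In the schemas/destination.yml hunk, and likewise in schemas/client.yml, schemas/server.yml and schemas/source.yml, it sits directly after `- name: bytes` and before `level`, while schemas/http.yml and schemas/network.yml put it after `type: long`. Picking one position everywhere, for example `type: long` followed by `format: bytes` as in http.yml, keeps the field definitions easy to compare and keeps later diffs small. The field definitions continue outside these hunks.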
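Review bot: In the schemas/event.yml hunk the `short` and `description` text of `duration` still only says the value is in nanoseconds. Nothing tells a reader that `format: duration` with `input_format: nanoseconds` is presumably a display hint and does not change the stored `long`. A sentence in the description such as `The stored value is always the raw nanosecond count; the format only affects how it is displayed.` would help anyone writing queries, thresholds or detection rules on this field compare against the raw number rather than the humanized one. The description block continues outside the hunk.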
diff --git a/scripts/generators/beats.py b/scripts/generators/beats.py
index 0c4a14fcb5..aaa5959ecb 100644
--- a/scripts/generators/beats.py
+++ b/scripts/generators/beats.py
@@ -28,7 +28,7 @@ def generate(ecs_nested, ecs_version):
 def fieldset_field_array(source_fields):
 allowed_keys = ['name', 'level', 'required', 'type', 'object_type',
- 'ignore_above', 'multi_fields', 'format',
+ 'ignore_above', 'multi_fields', 'format', 'input_format',
 'description', 'example']
 fields = []
 for nested_field_name in source_fields:
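Review bot: `allowed_keys` in `fieldset_field_array` has no comment saying that it is an allow-list, so the next schema attribute someone adds is likely to hit the same gap this commit closes for `input_format`. The loop that uses the list is outside the hunk, but presumably any key not named here is left out of the generated Beats file without a warning. I would put a comment above the list, e.g. `# Schema keys copied into the Beats field definition; any key not listed here is dropped from fields.ecs.yml.` It may also be worth logging or failing when a source field carries a key that gets filtered out, so the omission shows up at generation time.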