manually remove the required property from fields

but build tools will likely replace these until fixed

Author: pzl

package/endpoint/data_stream/action_responses/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -155,10 +154,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/actions/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -161,10 +160,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/alerts/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -3241,10 +3240,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/api/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -88,10 +87,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/collection/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -45,10 +44,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/file/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -251,11 +250,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
-
+      description: 'ECS version this event conforms to.
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0
 - name: event

package/endpoint/data_stream/heartbeat/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 

package/endpoint/data_stream/library/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -454,10 +453,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/metadata/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -153,10 +152,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0

package/endpoint/data_stream/metrics/fields/fields.yml

@@ -1,6 +1,5 @@
 - name: '@timestamp'
   level: core
-  required: true
   type: date
   description: 'Date/time when the event originated.
 
@@ -755,10 +754,9 @@
   fields:
     - name: version
       level: core
-      required: true
       type: keyword
       ignore_above: 1024
-      description: 'ECS version this event conforms to. `ecs.version` is a required field and must exist in all events.
+      description: 'ECS version this event conforms to.
 
         When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events.'
       example: 1.0.0