kibana/packages/kbn-ecs/generated/base.ts
Ying Mao 11c0bacdab
Revert "[Security Solution] Update ecs package to latest ecs definiti… (#168864)
Reverts https://github.com/elastic/kibana/pull/168553

Seeing these errors when updating existing alerts as data mappings

```
[2023-10-13T11:06:44.254-04:00][ERROR][plugins.alerting] ResponseError: illegal_argument_exception
	Root causes:
		illegal_argument_exception: can't merge a non-nested mapping [faas.trigger] with a nested mapping
    at KibanaTransport.request (/Users/ying/Code/kibana_prs/node_modules/@elastic/transport/src/Transport.ts:535:17)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
```

Needs further investigation as ECS mappings should be backwards
compatible
2023-10-13 09:30:34 -07:00

36 lines
1.5 KiB
TypeScript

```typescript
/*
 * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
 * or more contributor license agreements. Licensed under the Elastic License
 * 2.0 and the Server Side Public License, v 1; you may not use this file except
 * in compliance with, at your election, the Elastic License 2.0 or the Server
 * Side Public License, v 1.
 */
/**
 * The `base` field set contains all fields which are at the root of the events. These fields are common across all types of events.
 */
export interface EcsBase {
  /**
   * Date/time when the event originated.
   * This is the date/time extracted from the event, typically representing when the event was generated by the source.
   * If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline.
   * Required field for all events.
   */
  '@timestamp': string;
  /**
   * Custom key/value pairs.
   * Can be used to add meta information to events. Should not contain nested objects. All values are stored as keyword.
   * Example: `docker` and `k8s` labels.
   */
  labels?: Record<string, unknown>;
  /**
   * For log events the message field contains the log message, optimized for viewing in a log viewer.
   * For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event.
   * If multiple messages exist, they can be combined into one message.
   */
  message?: string;
  /**
   * List of keywords used to tag each event.
   */
  tags?: string[];
}
```
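
The merge failure quoted in the revert message at the top of this page can be caught before a mapping update is sent to an existing index. The following is an added example, not code from Kibana or the ECS package: it walks two mapping trees and reports fields that switch between nested and non-nested. `MappingNode`, `MappingConflict`, `findNestedConflicts` and both sample mappings are hypothetical names and constructed data.

```typescript
// Shape of an Elasticsearch mapping node: objects carry `properties`,
// nested fields also carry type "nested", leaves carry a leaf type.
interface MappingNode {
  type?: string;
  properties?: Record<string, MappingNode>;
}
interface MappingConflict { field: string; existing: string; incoming: string }

function kindOf(node: MappingNode): string {
  if (node.type === undefined || node.type === 'object') return 'object';
  return node.type; // "nested" or a leaf type such as "keyword"
}

// Walk both mappings in parallel and report every field present in both
// whose nested/non-nested kind differs, using the dotted path as the name.
function findNestedConflicts(existing: MappingNode, incoming: MappingNode, path: string[] = []): MappingConflict[] {
  const conflicts: MappingConflict[] = [];
  const incomingProps = incoming.properties ?? {};
  for (const [name, oldNode] of Object.entries(existing.properties ?? {})) {
    const newNode = incomingProps[name];
    if (newNode === undefined) continue; // only in the existing mapping: nothing to merge
    const here = [...path, name];
    const oldKind = kindOf(oldNode);
    const newKind = kindOf(newNode);
    if ((oldKind === 'nested') !== (newKind === 'nested')) {
      conflicts.push({ field: here.join('.'), existing: oldKind, incoming: newKind });
      continue; // the subtree cannot be merged, so do not descend
    }
    conflicts.push(...findNestedConflicts(oldNode, newNode, here));
  }
  return conflicts;
}

// Constructed sample mappings (assumptions, not copied from ECS or Kibana).
const existingMapping: MappingNode = {
  properties: {
    '@timestamp': { type: 'date' },
    faas: { properties: { trigger: { type: 'nested', properties: { request_id: { type: 'keyword' } } } } },
  },
};
const incomingMapping: MappingNode = {
  properties: {
    '@timestamp': { type: 'date' },
    faas: { properties: { trigger: { properties: { request_id: { type: 'keyword' } } } } },
  },
};
console.log(findNestedConflicts(existingMapping, incomingMapping));
```

Running a check like this against the live mapping of each alerts index before an update surfaces the conflicting field paths up front instead of as an `illegal_argument_exception` at merge time.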