Add additional host fields (#1248)

elastic · Feb 16, 2021 · caeda38 · caeda38
1 parent a7f3f12
commit caeda38
Show file tree

Hide file tree

Showing 15 changed files with 624 additions and 64 deletions.
diff --git a/CHANGELOG.next.md b/CHANGELOG.next.md
@@ -20,6 +20,7 @@ Thanks, you're awesome :-) -->
 * Added `http.request.id`. #1208
 * Added `cloud.service.name`. #1204
 * Added `hash.ssdeep`. #1169
+* Added additional host fields. #1248
 * Added `geo.timezone`, `geo.postal_code`, and `geo.continent_code`. #1229
 
 #### Improvements

diff --git a/code/go/ecs/host.go b/code/go/ecs/host.go
diff --git a/docs/field-details.asciidoc b/docs/field-details.asciidoc
@@ -3188,6 +3188,64 @@ example: `x86_64`
 
 // ===============================================================
 
+|
+[[field-host-cpu-usage]]
+<<field-host-cpu-usage, host.cpu.usage>>
+
+| beta:[ This field is currently considered beta. ]
+
+Percent CPU used which is normalized by the number of CPU cores and it ranges from 0 to 1.
+
+Scaling factor: 1000.
+
+For example: For a two core host, this value should be the average of the two cores, between 0 and 1.
+
+type: scaled_float
+
+
+
+
+
+| extended
+
+// ===============================================================
+
+|
+[[field-host-disk-read-bytes]]
+<<field-host-disk-read-bytes, host.disk.read.bytes>>
+
+| beta:[ This field is currently considered beta. ]
+
+The total number of bytes (gauge) read successfully (aggregated from all disks) since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
+|
+[[field-host-disk-write-bytes]]
+<<field-host-disk-write-bytes, host.disk.write.bytes>>
+
+| beta:[ This field is currently considered beta. ]
+
+The total number of bytes (gauge) written successfully (aggregated from all disks) since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
 |
 [[field-host-domain]]
 <<field-host-domain, host.domain>>
@@ -3302,6 +3360,78 @@ type: keyword
 
 // ===============================================================
 
+|
+[[field-host-network-egress-bytes]]
+<<field-host-network-egress-bytes, host.network.egress.bytes>>
+
+| beta:[ This field is currently considered beta. ]
+
+The number of bytes (gauge) sent out on all network interfaces by the host since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
+|
+[[field-host-network-egress-packets]]
+<<field-host-network-egress-packets, host.network.egress.packets>>
+
+| beta:[ This field is currently considered beta. ]
+
+The number of packets (gauge) sent out on all network interfaces by the host since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
+|
+[[field-host-network-ingress-bytes]]
+<<field-host-network-ingress-bytes, host.network.ingress.bytes>>
+
+| beta:[ This field is currently considered beta. ]
+
+The number of bytes received (gauge) on all network interfaces by the host since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
+|
+[[field-host-network-ingress-packets]]
+<<field-host-network-ingress-packets, host.network.ingress.packets>>
+
+| beta:[ This field is currently considered beta. ]
+
+The number of packets (gauge) received on all network interfaces by the host since the last metric collection.
+
+type: long
+
+
+
+
+
+| extended
+
+// ===============================================================
+
 |
 [[field-host-type]]
 <<field-host-type, host.type>>

diff --git a/experimental/generated/beats/fields.ecs.yml b/experimental/generated/beats/fields.ecs.yml
@@ -2222,7 +2222,9 @@
       level: extended
       type: scaled_float
       description: 'Percent CPU used which is normalized by the number of CPU cores
-        and it ranges from 0 to 1. Scaling factor: 1000.
+        and it ranges from 0 to 1.
+
+        Scaling factor: 1000.
 
         For example: For a two core host, this value should be the average of the
         two cores, between 0 and 1.'

diff --git a/experimental/generated/ecs/ecs_flat.yml b/experimental/generated/ecs/ecs_flat.yml
@@ -3355,9 +3355,12 @@ host.architecture:
   short: Operating system architecture.
   type: keyword
 host.cpu.usage:
+  beta: This field is currently considered beta.
   dashed_name: host-cpu-usage
   description: 'Percent CPU used which is normalized by the number of CPU cores and
-    it ranges from 0 to 1. Scaling factor: 1000.
+    it ranges from 0 to 1.
+
+    Scaling factor: 1000.
 
     For example: For a two core host, this value should be the average of the two
     cores, between 0 and 1.'
@@ -3369,6 +3372,7 @@ host.cpu.usage:
   short: Percent CPU used, between 0 and 1.
   type: scaled_float
 host.disk.read.bytes:
+  beta: This field is currently considered beta.
   dashed_name: host-disk-read-bytes
   description: The total number of bytes (gauge) read successfully (aggregated from
     all disks) since the last metric collection.
@@ -3379,6 +3383,7 @@ host.disk.read.bytes:
   short: The number of bytes read by all disks.
   type: long
 host.disk.write.bytes:
+  beta: This field is currently considered beta.
   dashed_name: host-disk-write-bytes
   description: The total number of bytes (gauge) written successfully (aggregated
     from all disks) since the last metric collection.
@@ -3606,6 +3611,7 @@ host.name:
   short: Name of the host.
   type: keyword
 host.network.egress.bytes:
+  beta: This field is currently considered beta.
   dashed_name: host-network-egress-bytes
   description: The number of bytes (gauge) sent out on all network interfaces by the
     host since the last metric collection.
@@ -3616,6 +3622,7 @@ host.network.egress.bytes:
   short: The number of bytes sent on all network interfaces.
   type: long
 host.network.egress.packets:
+  beta: This field is currently considered beta.
   dashed_name: host-network-egress-packets
   description: The number of packets (gauge) sent out on all network interfaces by
     the host since the last metric collection.
@@ -3626,6 +3633,7 @@ host.network.egress.packets:
   short: The number of packets sent on all network interfaces.
   type: long
 host.network.ingress.bytes:
+  beta: This field is currently considered beta.
   dashed_name: host-network-ingress-bytes
   description: The number of bytes received (gauge) on all network interfaces by the
     host since the last metric collection.
@@ -3636,6 +3644,7 @@ host.network.ingress.bytes:
   short: The number of bytes received on all network interfaces.
   type: long
 host.network.ingress.packets:
+  beta: This field is currently considered beta.
   dashed_name: host-network-ingress-packets
   description: The number of packets (gauge) received on all network interfaces by
     the host since the last metric collection.

diff --git a/experimental/generated/ecs/ecs_nested.yml b/experimental/generated/ecs/ecs_nested.yml
@@ -4092,9 +4092,12 @@ host:
       short: Operating system architecture.
       type: keyword
     host.cpu.usage:
+      beta: This field is currently considered beta.
       dashed_name: host-cpu-usage
       description: 'Percent CPU used which is normalized by the number of CPU cores
-        and it ranges from 0 to 1. Scaling factor: 1000.
+        and it ranges from 0 to 1.
+
+        Scaling factor: 1000.
 
         For example: For a two core host, this value should be the average of the
         two cores, between 0 and 1.'
@@ -4106,6 +4109,7 @@ host:
       short: Percent CPU used, between 0 and 1.
       type: scaled_float
     host.disk.read.bytes:
+      beta: This field is currently considered beta.
       dashed_name: host-disk-read-bytes
       description: The total number of bytes (gauge) read successfully (aggregated
         from all disks) since the last metric collection.
@@ -4116,6 +4120,7 @@ host:
       short: The number of bytes read by all disks.
       type: long
     host.disk.write.bytes:
+      beta: This field is currently considered beta.
       dashed_name: host-disk-write-bytes
       description: The total number of bytes (gauge) written successfully (aggregated
         from all disks) since the last metric collection.
@@ -4346,6 +4351,7 @@ host:
       short: Name of the host.
       type: keyword
     host.network.egress.bytes:
+      beta: This field is currently considered beta.
       dashed_name: host-network-egress-bytes
       description: The number of bytes (gauge) sent out on all network interfaces
         by the host since the last metric collection.
@@ -4356,6 +4362,7 @@ host:
       short: The number of bytes sent on all network interfaces.
       type: long
     host.network.egress.packets:
+      beta: This field is currently considered beta.
       dashed_name: host-network-egress-packets
       description: The number of packets (gauge) sent out on all network interfaces
         by the host since the last metric collection.
@@ -4366,6 +4373,7 @@ host:
       short: The number of packets sent on all network interfaces.
       type: long
     host.network.ingress.bytes:
+      beta: This field is currently considered beta.
       dashed_name: host-network-ingress-bytes
       description: The number of bytes received (gauge) on all network interfaces
         by the host since the last metric collection.
@@ -4376,6 +4384,7 @@ host:
       short: The number of bytes received on all network interfaces.
       type: long
     host.network.ingress.packets:
+      beta: This field is currently considered beta.
       dashed_name: host-network-ingress-packets
       description: The number of packets (gauge) received on all network interfaces
         by the host since the last metric collection.

diff --git a/experimental/schemas/host.yml b/experimental/schemas/host.yml
@@ -1,65 +1,4 @@
 - name: host
   fields:
-    # RFC 0005
-    - name: cpu.usage
-      type: scaled_float
-      scaling_factor: 1000
-      level: extended
-      short: Percent CPU used, between 0 and 1.
-      description: >
-        Percent CPU used which is normalized by the number of CPU cores and it
-        ranges from 0 to 1. Scaling factor: 1000.
-
-        For example: For a two core host, this value should be the average of the
-        two cores, between 0 and 1.
-
-    - name: network.ingress.bytes
-      type: long
-      level: extended
-      short: The number of bytes received on all network interfaces.
-      description: >
-        The number of bytes received (gauge) on all network interfaces by the
-        host since the last metric collection.
-
-    - name: network.ingress.packets
-      type: long
-      level: extended
-      short: The number of packets received on all network interfaces.
-      description: >
-        The number of packets (gauge) received on all network interfaces by the
-        host since the last metric collection.
-
-    - name: network.egress.bytes
-      type: long
-      level: extended
-      short: The number of bytes sent on all network interfaces.
-      description: >
-        The number of bytes (gauge) sent out on all network interfaces by the
-        host since the last metric collection.
-
-    - name: network.egress.packets
-      type: long
-      level: extended
-      short: The number of packets sent on all network interfaces.
-      description: >
-        The number of packets (gauge) sent out on all network interfaces by the
-        host since the last metric collection.
-
-    - name: disk.read.bytes
-      type: long
-      level: extended
-      short: The number of bytes read by all disks.
-      description: >
-        The total number of bytes (gauge) read successfully (aggregated from all
-        disks) since the last metric collection.
-
-    - name: disk.write.bytes
-      type: long
-      level: extended
-      short: The number of bytes written on all disks.
-      description: >
-        The total number of bytes (gauge) written successfully (aggregated from
-        all disks) since the last metric collection.
-
     - name: hostname
       type: wildcard