ECS Base Fields

All SaltMiner indices follow the ECS convention of using the following fields in all documents.

Field	Description
id	Unique identifier for this document. As a rule this field exists on all document and is the primary key. When a field flows down the id is generally copied to the <indices>.id field. required: Yes type: keyword
timestamp	system timestamp for this document ?UTC or time zone included? type: timestamp example: 2020-11-02T23:57:04.344886

Field

Description

Unique identifier for this document. As a rule this field exists on all document and is the primary key. When a field flows down the id is generally copied to the <indices>.id field.

required: Yes

type: keyword

timestamp

system timestamp for this document

?UTC or time zone included?

type: timestamp

example: 2020-11-02T23:57:04.344886

ECS Base Fields

Services & Solutions

About Saltworks