Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

patterns ecs-v1 to use host.name instead of host.hostname #110200

Open
jguay opened this issue Jun 26, 2024 · 1 comment
Open

patterns ecs-v1 to use host.name instead of host.hostname #110200

jguay opened this issue Jun 26, 2024 · 1 comment
Labels
:Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP >enhancement Team:Data Management Meta label for data/management team

Comments

@jguay
Copy link
Contributor

jguay commented Jun 26, 2024

Description

Feature request also raised in logstash-plugins/logstash-patterns-core#326

At the moment the default patterns coming from ecs-v1 use host.hostname (same is defined for logstash ingest node)

ECS documentation for host list both host.name and host.hostname

However most integrations currently use host.name so Kibana visualizations/dashboard tend to use this field causing them not to be usable when host.hostname is used

Such change is potentially a breaking changes for user who rely on host.hostname naming which also need to be addressed

Workaround solutions :

  • add a second field host.name on elasticsearch ingest node pipeline at ingestion time to have both fields and be able to use common visualizations
  • add a runtime field to add host.name to the indices (and index templates)
@jguay jguay added >enhancement needs:triage Requires assignment of a team area label labels Jun 26, 2024
@astefan astefan added :Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP and removed needs:triage Requires assignment of a team area label labels Jun 28, 2024
@elasticsearchmachine elasticsearchmachine added the Team:Data Management Meta label for data/management team label Jun 28, 2024
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-data-management (Team:Data Management)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
:Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP >enhancement Team:Data Management Meta label for data/management team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@astefan @jguay @elasticsearchmachine