diff --git a/packages/nginx/_dev/benchmark/rally/access-benchmark.yml b/packages/nginx/_dev/benchmark/rally/access-benchmark.yml
new file mode 100644
index 00000000000..371dc013ab8
--- /dev/null
+++ b/packages/nginx/_dev/benchmark/rally/access-benchmark.yml
@@ -0,0 +1,14 @@
+---
+description: Benchmark 20000 nginx.access events ingested
+data_stream:
+  name: access
+corpora:
+  generator:
+    total_events: 20000
+    template:
+      type: gotext
+      path: ./access-benchmark/template.ndjson
+    config:
+      path: ./access-benchmark/config.yml
+    fields:
+      path: ./access-benchmark/fields.yml
diff --git a/packages/nginx/_dev/benchmark/rally/access-benchmark/config.yml b/packages/nginx/_dev/benchmark/rally/access-benchmark/config.yml
new file mode 100644
index 00000000000..a70cf9cb9db
--- /dev/null
+++ b/packages/nginx/_dev/benchmark/rally/access-benchmark/config.yml
@@ -0,0 +1,15 @@
+fields:
+  - name: 'timestamp'
+    period: -24h # one day
+  - name: agent.id
+    value: "ef5e274d-4b53-45e6-943a-a5bcf1a6f523"
+  - name: request_method
+    enum: ["GET", "POST", "PUT", "DELETE"]
+  - name: status_code
+    enum: ["101", "102", "200", "201", "202", "300", "301", "302", "400", "401", "402", "500", "501"]
+  - name: response_bytes
+    range:
+      min: 100
+      max: 30000
+  - name: id
+    enum: ["1", "2", "3"]
diff --git a/packages/nginx/_dev/benchmark/rally/access-benchmark/fields.yml b/packages/nginx/_dev/benchmark/rally/access-benchmark/fields.yml
new file mode 100644
index 00000000000..3174ce9f610
--- /dev/null
+++ b/packages/nginx/_dev/benchmark/rally/access-benchmark/fields.yml
@@ -0,0 +1,23 @@
+- name: agent.ephemeral_id
+  type: keyword
+- name: agent.id
+  type: keyword
+- name: agent.name
+  type: keyword
+- name: destination_domain
+  type: keyword
+  example: lessons.example.com
+- name: remote_ip
+  type: ip
+- name: timestamp
+  type: date
+- name: request_method
+  type: keyword
+- name: status_code
+  type: keyword
+- name: response_bytes
+  type: long
+- name: remote_user
+  type: keyword
+- name: id
+  type: keyword
\ No newline at end of file
diff --git a/packages/nginx/_dev/benchmark/rally/access-benchmark/template.ndjson b/packages/nginx/_dev/benchmark/rally/access-benchmark/template.ndjson
new file mode 100644
index 00000000000..71196c0fafa
--- /dev/null
+++ b/packages/nginx/_dev/benchmark/rally/access-benchmark/template.ndjson
@@ -0,0 +1,74 @@
+{{- $timestamp := generate "timestamp" }}
+{{- $agentId := generate "agent.id" }}
+{{- $agentName := generate "agent.name" }}
+{{- $agentEphemeralid := generate "agent.ephemeral_id" }}
+{{- $destinationDomain := generate "destination_domain" }}
+{{- $remoteIp := generate "remote_ip" }}
+{{- $remoteUser := generate "remote_user" }}
+{{- $requestMethod := generate "request_method" }}
+{{- $statusCode := generate "status_code" }}
+{{- $responseBytes := generate "response_bytes" }}
+{{- $id := generate "id" }}
+{
+    "@timestamp": "{{ $timestamp.Format "2006-01-02T15:04:05.000Z07:00" }}",
+    "agent": {
+        "ephemeral_id": "{{ $agentEphemeralid }}",
+        "id": "{{ $agentId }}",
+        "name": "{{ $agentName }}",
+        "type": "filebeat",
+        "version": "8.5.1"
+    },
+    "data_stream": {
+        "dataset": "nginx.access",
+        "namespace": "ep",
+        "type": "logs"
+    },
+    "ecs": {
+        "version": "8.5.1"
+    },
+    "elastic_agent": {
+        "id": "{{ $agentId }}",
+        "snapshot": false,
+        "version": "8.5.0"
+    },
+    "message": "{{ $destinationDomain }}:80 {{ $remoteIp }} - {{ $remoteUser }} [{{$timestamp | date "02/Jan/2006:15:04:05"}} {{ $timestamp.Format "Z0700" }}] \"{{$requestMethod}} /downloads/product_{{ $id }} HTTP/1.1\" {{ $statusCode }} {{ $responseBytes }} \"http://localhost:8080/\" \"Chef Client/12.0.3 (ruby-2.1.4-p265; ohai-8.0.1; x86_64-linux; +http://opscode.com)\"",    
+    "event": {
+        "agent_id_status": "verified",
+        "dataset": "nginx.access",
+        "timezone": "{{ $timestamp.Format "-07:00" }}"
+    },
+    "host": {
+        "architecture": "x86_64",
+        "containerized": false,
+        "hostname": "docker-fleet-agent",
+        "id": "66392b0697b84641af8006d87aeb89f1",
+        "ip": [
+            "172.18.0.7"
+        ],
+        "mac": [
+            "02-42-AC-12-00-07"
+        ],
+        "name": "docker-fleet-agent",
+        "os": {
+            "codename": "focal",
+            "family": "debian",
+            "kernel": "5.15.49-linuxkit",
+            "name": "Ubuntu",
+            "platform": "ubuntu",
+            "type": "linux",
+            "version": "20.04.5 LTS (Focal Fossa)"
+        }
+    },
+    "input": {
+        "type": "log"
+    },
+    "log": {
+        "file": {
+            "path": "/tmp/service_logs/access.log"
+        },
+        "offset": 0
+    },
+    "tags": [
+        "nginx-access"
+    ]
+}
\ No newline at end of file