Add ability to detect if index-pattern implements ECS #69856
Comments
|
Pinging @elastic/kibana-app-arch (Team:AppArch) |
mattkime
added
the
Feature:Data Views
|
This definitely sounds like something index patterns should help with. Index pattern content is very closely tied to the _field_caps api call. It would be helpful if the info we needed somehow fit into its results. It certainly should be available somewhere in ES since index pattern lists need to be regenerated. Maybe we can figure out how this might work and take a guess at the effort level. Then we can place it on the roadmap. |
|
thanks @mattkime ,happy to help evaluate this. Maps would have an immediate use for it. We're adding more&more layer-templates to Maps (e.g. SIEM, APM, ...), which aim to "auto-magically" configure layers requiring the least manual intervention. The latest example is where this would be useful would be here #69699 |
|
Maps introduced a utility that added some heuristic for the geo-field names #94969, to determine if they match ECS-geo-field names. |
exalate-issue-sync
bot
added
impact:low
petrklapka
added
Team:DataDiscovery
|
Pinging @elastic/kibana-data-discovery (Team:DataDiscovery) |
|
@thomasneirynck do you have some updates about ECS related topics and the usage in Kibana? |
|
@mattkime to add detection seems to be a low hanging fruit when fields are available (the data view ain't lazy), it just needs to check for the
|
|
Closing this because it's not planned to be resolved in the foreseeable future. It will be tracked in our Icebox and will be re-opened if our priorities change. Feel free to re-open if you think it should be melted sooner. |
It would be useful if we could determine if an index-pattern implements ECS.
This is especially relevant because ECS has tighter semantics on some of the fields.
e.g. in ECS (https://www.elastic.co/guide/en/ecs/current/ecs-geo.html), the
*.geo.country_iso_codeand*.geo.region_iso_codefields containiso-3166-1andiso-3166-2identifiers respectively. The UX can use these for initializing configurations for maps with countries or provinces/states/... without requiring the user to manually configure this.The text was updated successfully, but these errors were encountered: