The SIEM app is now a part of the Elastic Security solution. Click here to view SIEM documentation for previous releases.
« Create or update an external incident Elastic Security ECS field reference »
Elastic Docs Elastic Security Solution [7.9]

Elastic Security fields and object schemas

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Elastic Security fields and object schemas

edit

This reference section provides details on the ECS fields Elastic Security uses to display data in the UI and Elastic Security JSON object schemas:

« Create or update an external incident Elastic Security ECS field reference »