ebeahan/ecs-8.0.0.json

## ecs-8.0.0.json
{
  "agent": {
    "name": "test",
    "id": "a0e86cd2-d38b-4801-8d54-db5f2fb7f7e1",
    "ephemeral_id": "8568c102-6c2d-495d-800b-bc5b89cde1b6",
    "type": "filebeat",
    "version": "8.1.2"
  },
  "log": {
    "file": {
      "path": "/var/log/nginx/access.log"
    },
    "offset": 2716
  },
  "source": {
    "address": "192.168.64.1",
    "ip": "192.168.64.1"
  },
  "destination": {
    "address": "192.168.64.2",
    "ip": "192.168.64.2"
  },
  "url": {
    "path": "/",
    "original": "/"
  },
  "tags": [
    "nginx-access"
  ],
  "@timestamp": "2022-03-31T18:48:35.000Z",
  "ecs": {
    "version": "8.0.0"
  },
  "related": {
    "ip": [
      "192.168.64.1",
      "192.168.64.2",
      "fe80::9c5f:77ff:fe74:604"
    ]
  },
  "host": {
    "hostname": "test",
    "os": {
      "kernel": "5.4.0-105-generic",
      "codename": "focal",
      "name": "Ubuntu",
      "type": "linux",
      "family": "debian",
      "version": "20.04.4 LTS (Focal Fossa)",
      "platform": "ubuntu"
    },
    "ip": [
      "192.168.64.2",
      "fe80::9c5f:77ff:fe74:604"
    ],
    "name": "test",
    "id": "39c062dece654ac393c9f62fc2be2b11",
    "mac": [
      "9e:5f:77:74:06:04"
    ],
    "architecture": "x86_64"
  },
  "http": {
    "request": {
      "method": "GET"
    },
    "response": {
      "status_code": 304,
      "body": {
        "bytes": 0
      }
    },
    "version": "1.1"
  },
  "event": {
    "agent_id_status": "verified",
    "ingested": "2022-03-31T18:48:38Z",
    "timezone": "-05:00",
    "created": "2022-03-31T18:48:37.472Z",
    "kind": "event",
    "category": [
      "web"
    ],
    "type": [
      "access"
    ],
    "dataset": "nginx.access",
    "outcome": "success"
  },
  "user_agent": {
    "original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36",
    "os": {
      "name": "Mac OS X",
      "version": "10.15.7",
      "full": "Mac OS X 10.15.7"
    },
    "name": "Chrome",
    "device": {
      "name": "Mac"
    },
    "version": "99.0.4844.84"
  }
}

## simple-ecs-8.0.0.json
{
  "@timestamp": "2022-03-31T18:48:35.000Z",
  "ecs": {
    "version": "8.0.0"
  },
  "message": "This is a simple example of mapping to ECS"
}
	{
	"agent": {
	"name": "test",
	"id": "a0e86cd2-d38b-4801-8d54-db5f2fb7f7e1",
	"ephemeral_id": "8568c102-6c2d-495d-800b-bc5b89cde1b6",
	"type": "filebeat",
	"version": "8.1.2"
	},
	"log": {
	"file": {
	"path": "/var/log/nginx/access.log"
	},
	"offset": 2716
	},
	"source": {
	"address": "192.168.64.1",
	"ip": "192.168.64.1"
	},
	"destination": {
	"address": "192.168.64.2",
	"ip": "192.168.64.2"
	},
	"url": {
	"path": "/",
	"original": "/"
	},
	"tags": [
	"nginx-access"
	],
	"@timestamp": "2022-03-31T18:48:35.000Z",
	"ecs": {
	"version": "8.0.0"
	},
	"related": {
	"ip": [
	"192.168.64.1",
	"192.168.64.2",
	"fe80::9c5f:77ff:fe74:604"
	]
	},
	"host": {
	"hostname": "test",
	"os": {
	"kernel": "5.4.0-105-generic",
	"codename": "focal",
	"name": "Ubuntu",
	"type": "linux",
	"family": "debian",
	"version": "20.04.4 LTS (Focal Fossa)",
	"platform": "ubuntu"
	},
	"ip": [
	"192.168.64.2",
	"fe80::9c5f:77ff:fe74:604"
	],
	"name": "test",
	"id": "39c062dece654ac393c9f62fc2be2b11",
	"mac": [
	"9e:5f:77:74:06:04"
	],
	"architecture": "x86_64"
	},
	"http": {
	"request": {
	"method": "GET"
	},
	"response": {
	"status_code": 304,
	"body": {
	"bytes": 0
	}
	},
	"version": "1.1"
	},
	"event": {
	"agent_id_status": "verified",
	"ingested": "2022-03-31T18:48:38Z",
	"timezone": "-05:00",
	"created": "2022-03-31T18:48:37.472Z",
	"kind": "event",
	"category": [
	"web"
	],
	"type": [
	"access"
	],
	"dataset": "nginx.access",
	"outcome": "success"
	},
	"user_agent": {
	"original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36",
	"os": {
	"name": "Mac OS X",
	"version": "10.15.7",
	"full": "Mac OS X 10.15.7"
	},
	"name": "Chrome",
	"device": {
	"name": "Mac"
	},
	"version": "99.0.4844.84"
	}
	}