The destination.as.* fields you have populated are not what is defined in Elastic Common Schema. See https://www.elastic.co/guide/en/ecs/current/ecs-as.html.
You'll want to have a destination.as.number and destination.as.organization.name.
The destination.as.* fields you have populated are not what is defined in Elastic Common Schema. See https://www.elastic.co/guide/en/ecs/current/ecs-as.html.
You'll want to have a destination.as.number and destination.as.organization.name.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.