Does elastic support transfer old data to ecs format?

Hi, I want to know if i have old data (ex: windows event log) as below , does elasitc has package support transfer this format to ecs ?

thanks.

"{
  ""configSource"": ""XXX"",
  ""_User"": """",
  ""@version"": ""1"",
  ""__data_source"": ""XXXX"",
  ""hostId"": ""XX-a-ada-asdas-dasda"",
  ""_EventType"": 5,
  ""_SourceName"": ""Microsoft-Windows-Security-Auditing"",
  ""LoghostIp"": ""XXXX.XXX,
  ""_EventClass"": ""Win32_NTLogEvent"",
  ""_Type"": """",
  ""_EventIdentifier"": 4625,
  ""_TimeWritten"": ""20221104073401.507809-000"",
  ""configId"": ""id-hmd"",
  ""_Logfile"": ""Security"",
  ""_Category"": 12544,
  ""@timestamp"": ""2022-11-04T07:34:08.563Z"",
  ""__data_type"": ""log"",
  ""_ComputerName"": ""IMC-DSS-tAP02"",
  ""__has_error"": ""false"",
  ""_CategoryString"": ""logon"",
  ""__index_name"": """,
  ""_RecordNumber"": 255545182,
  ""_eventDttm_"": ""2022-11-04T07:34:08.563Z"",
  ""_TimeGenerated"": ""20221104073401.507809-000"",
  ""_InsertionStrings"": ""S-1-5-18XXXXX$WORKGROUP0x3e7S-1-0-xXXX-DSS-AP010xc000006e%%23090xc00000714Advapi  NegotiateIMC-DSS-TAP02--00x4f8C:\\Windows\\System32\\svchost.exe-"",
  ""_host"": ""XX.XX.XX.XX"",
  ""_EventCode"": 4625,
  ""message"": """",
  ""__insertTime"": ""2022-11-04T07:34:08.563Z""
}"

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.