I am having trouble figuring out how to start using an ECS index template.
I have read through a lot of the documentation and familiarized myself with the concepts of ECS.
Now I want to test it in practice.
The questions I have are:
- Where can I find the latest ECS index template ? Which file(s) do I need to download ?
- What is the official (best practice way) for starting with ECS ?
After importing a json a colleague gave to me I now see the index template in the "Legacy index templates", which means something is not correct in this json.
I want to have all the fields that are described in the ECS field reference.
P.S: I don't want filebeat or logstash to import the index template because I don't need to use them in my current environment since we are using fluentd on the client side.
Elasticsearch, Kibana version: 7.8.1