Hi @jerrac,
this is an awesome list. Thanks so much for putting it together. It's very valuable input for our planning discussions.
So, I've split my postfix logs out into some fields, but now a lot of the log lines in the logs stream are blank... It'd be awesome if we could say "show this field in the stream".
The Logs UI stream assumes an ECS compliant mapping, so it primarily tries to display the message field. Granted, there are some heuristics to pull in data from other fields, but I'd recommend to avoid these. In addition to the message field you should be able to add any other field as a column to the Logs UI stream via its settings page.