github.com/elastic/ecs ↗

About elastic/ecs

Elastic Common Schema (ECS) is a standardized set of field definitions designed to help organizations ingest and structure data consistently across Elasticsearch. By providing a common schema, ECS enables better data correlation across diverse sources such as logs, metrics, IT operations analytics, and security analytics, making it easier to search and analyze data from multiple domains within a single platform.

The project includes tooling and documentation for working with the schema, along with the ability to generate various artifacts and files based on ECS specifications. Contributions to the project follow an RFC (Request for Comments) process for substantial changes, and the team maintains alignment with OpenTelemetry Semantic Conventions where there is common ground. Releases follow Semantic Versioning with major versions typically aligned to major Elastic Stack releases.

The repository is primarily written in Python and is licensed under the Apache License 2.0. It serves as the authoritative source for the ECS specification, with official documentation published on Elastic's website and versioned releases available for stability and reference.