elastic · mjwolf · Dec 6, 2024 · Dec 6, 2024
@@ -18,6 +18,7 @@ Thanks, you're awesome :-) -->
 
 #### Improvements
 
+* Promote beta fields to GA. #2411
 * Define base encoding of `x509.serial_number`. #2383
 * Restrict the encoding of `x509.serial_number` to base 16. #2398
 

@@ -790,17 +790,15 @@ Note also that the `cloud` fields may be used directly at the root of the events
 
 
 | `cloud.origin.*`
-| <<ecs-cloud,cloud>>| beta:[ Reusing the `cloud` fields in this location is currently considered beta.]
-
-Provides the cloud information of the origin entity in case of an incoming request or event.
+| <<ecs-cloud,cloud>>
+| Provides the cloud information of the origin entity in case of an incoming request or event.
 
 // ===============================================================
 
 
 | `cloud.target.*`
-| <<ecs-cloud,cloud>>| beta:[ Reusing the `cloud` fields in this location is currently considered beta.]
-
-Provides the cloud information of the target entity in case of an outgoing request or event.
+| <<ecs-cloud,cloud>>
+| Provides the cloud information of the target entity in case of an outgoing request or event.
 
 // ===============================================================
 
@@ -2220,8 +2218,6 @@ example: `1.0.0`
 
 These fields contain Linux Executable Linkable Format (ELF) metadata.
 
-beta::[ These fields are in beta and are subject to change.]
-
 [discrete]
 ==== ELF Header Field Details
 
@@ -3907,8 +3903,6 @@ example: `https://mysystem.example.com/alert/5271dedb-f5b0-4218-87f0-4ac4870a38f
 
 The user fields describe information about the function as a service (FaaS) that is relevant to the event.
 
-beta::[ These fields are in beta and are subject to change.]
-
 [discrete]
 ==== FaaS Field Details
 
@@ -4478,9 +4472,8 @@ Note also that the `file` fields may be used directly at the root of the events.
 
 
 | `file.elf.*`
-| <<ecs-elf,elf>>| beta:[ This field reuse is beta and subject to change.]
-
-These fields contain Linux Executable Linkable Format (ELF) metadata.
+| <<ecs-elf,elf>>
+| These fields contain Linux Executable Linkable Format (ELF) metadata.
 
 // ===============================================================
 
@@ -5031,9 +5024,7 @@ example: `x86_64`
 [[field-host-boot-id]]
 <<field-host-boot-id, host.boot.id>>
 
-a| beta:[ This field is beta and subject to change. ]
-
-Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note the boot_id value from /proc may or may not be the same in containers as on the host. Some container runtimes will bind mount a new boot_id value onto the proc file in each container.
+a| Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note the boot_id value from /proc may or may not be the same in containers as on the host. Some container runtimes will bind mount a new boot_id value onto the proc file in each container.
 
 type: keyword
 
@@ -5279,9 +5270,7 @@ type: long
 [[field-host-pid-ns-ino]]
 <<field-host-pid-ns-ino, host.pid_ns_ino>>
 
-a| beta:[ This field is beta and subject to change. ]
-
-This is the inode number of the namespace in the namespace file system (nsfs). Unsigned int inum in include/linux/ns_common.h.
+a| This is the inode number of the namespace in the namespace file system (nsfs). Unsigned int inum in include/linux/ns_common.h.
 
 type: keyword
 
@@ -8787,9 +8776,8 @@ The externally attested user based on an external source such as the Kube API.
 
 
 | `process.elf.*`
-| <<ecs-elf,elf>>| beta:[ This field reuse is beta and subject to change.]
-
-These fields contain Linux Executable Linkable Format (ELF) metadata.
+| <<ecs-elf,elf>>
+| These fields contain Linux Executable Linkable Format (ELF) metadata.
 
 // ===============================================================
 
@@ -13000,8 +12988,6 @@ Note also that the `vlan` fields are not expected to be used directly at the roo
 
 Fields related to storage volume details.
 
-beta::[ These fields are beta and are subject to change.]
-
 [discrete]
 ==== Volume Field Details
 

@@ -64,8 +64,6 @@ This value is not used by Elastic solutions for alert documents that are created
 [[ecs-event-kind-asset]]
 ==== asset
 
-beta:[ This event categorization value is beta and subject to change. ]
-
 This value indicates events whose primary purpose is to store an inventory of assets/entities and their attributes. Assets/entities are objects (such as users and hosts) that are expected to be subjects of detailed analysis within the system.
 
 Examples include lists of user identities or accounts ingested from directory services such as Active Directory (AD), inventory of hosts pulled from configuration management databases (CMDB), and lists of cloud storage buckets pulled from cloud provider APIs.

@@ -3370,8 +3370,7 @@ event.kind:
       This value is not used by Elastic solutions for alert documents that are created
       by rules executing within the Kibana alerting framework.'
     name: alert
-  - beta: This event categorization value is beta and subject to change.
-    description: 'This value indicates events whose primary purpose is to store an
+  - description: 'This value indicates events whose primary purpose is to store an
       inventory of assets/entities and their attributes. Assets/entities are objects
       (such as users and hosts) that are expected to be subjects of detailed analysis
       within the system.
@@ -5678,7 +5677,6 @@ host.architecture:
   short: Operating system architecture.
   type: keyword
 host.boot.id:
-  beta: This field is beta and subject to change.
   dashed_name: host-boot-id
   description: Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note the
     boot_id value from /proc may or may not be the same in containers as on the host.
@@ -6095,7 +6093,6 @@ host.os.version:
   short: Operating system version as a raw string.
   type: keyword
 host.pid_ns_ino:
-  beta: This field is beta and subject to change.
   dashed_name: host-pid-ns-ino
   description: This is the inode number of the namespace in the namespace file system
     (nsfs). Unsigned int inum in include/linux/ns_common.h.

@@ -1268,25 +1268,21 @@ cloud:
     expected:
     - as: origin
       at: cloud
-      beta: Reusing the `cloud` fields in this location is currently considered beta.
       full: cloud.origin
       short_override: Provides the cloud information of the origin entity in case
         of an incoming request or event.
     - as: target
       at: cloud
-      beta: Reusing the `cloud` fields in this location is currently considered beta.
       full: cloud.target
       short_override: Provides the cloud information of the target entity in case
         of an outgoing request or event.
     top_level: true
   reused_here:
-  - beta: Reusing the `cloud` fields in this location is currently considered beta.
-    full: cloud.origin
+  - full: cloud.origin
     schema_name: cloud
     short: Provides the cloud information of the origin entity in case of an incoming
       request or event.
-  - beta: Reusing the `cloud` fields in this location is currently considered beta.
-    full: cloud.target
+  - full: cloud.target
     schema_name: cloud
     short: Provides the cloud information of the target entity in case of an outgoing
       request or event.
@@ -3118,7 +3114,6 @@ ecs:
   title: ECS
   type: group
 elf:
-  beta: These fields are in beta and are subject to change.
   description: These fields contain Linux Executable Linkable Format (ELF) metadata.
   fields:
     elf.architecture:
@@ -3533,11 +3528,9 @@ elf:
     expected:
     - as: elf
       at: file
-      beta: This field reuse is beta and subject to change.
       full: file.elf
     - as: elf
       at: process
-      beta: This field reuse is beta and subject to change.
       full: process.elf
     top_level: false
   short: These fields contain Linux Executable Linkable Format (ELF) metadata.
@@ -4379,8 +4372,7 @@ event:
           This value is not used by Elastic solutions for alert documents that are
           created by rules executing within the Kibana alerting framework.'
         name: alert
-      - beta: This event categorization value is beta and subject to change.
-        description: 'This value indicates events whose primary purpose is to store
+      - description: 'This value indicates events whose primary purpose is to store
           an inventory of assets/entities and their attributes. Assets/entities are
           objects (such as users and hosts) that are expected to be subjects of detailed
           analysis within the system.
@@ -4841,7 +4833,6 @@ event:
   title: Event
   type: group
 faas:
-  beta: These fields are in beta and are subject to change.
   description: The user fields describe information about the function as a service
     (FaaS) that is relevant to the event.
   fields:
@@ -6715,8 +6706,7 @@ file:
   - full: file.code_signature
     schema_name: code_signature
     short: These fields contain information about binary code signatures.
-  - beta: This field reuse is beta and subject to change.
-    full: file.elf
+  - full: file.elf
     schema_name: elf
     short: These fields contain Linux Executable Linkable Format (ELF) metadata.
   - beta: This field reuse is beta and subject to change.
@@ -7104,7 +7094,6 @@ host:
       short: Operating system architecture.
       type: keyword
     host.boot.id:
-      beta: This field is beta and subject to change.
       dashed_name: host-boot-id
       description: Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note
         the boot_id value from /proc may or may not be the same in containers as on
@@ -7523,7 +7512,6 @@ host:
       short: Operating system version as a raw string.
       type: keyword
     host.pid_ns_ino:
-      beta: This field is beta and subject to change.
       dashed_name: host-pid-ns-ino
       description: This is the inode number of the namespace in the namespace file
         system (nsfs). Unsigned int inum in include/linux/ns_common.h.
@@ -15209,8 +15197,7 @@ process:
   - full: process.code_signature
     schema_name: code_signature
     short: These fields contain information about binary code signatures.
-  - beta: This field reuse is beta and subject to change.
-    full: process.elf
+  - full: process.elf
     schema_name: elf
     short: These fields contain Linux Executable Linkable Format (ELF) metadata.
   - beta: This field reuse is beta and subject to change.
@@ -25145,7 +25132,6 @@ vlan:
   title: VLAN
   type: group
 volume:
-  beta: These fields are beta and are subject to change.
   description: Fields related to storage volume details.
   fields:
     volume.bus_type:

@@ -3301,8 +3301,7 @@ event.kind:
       This value is not used by Elastic solutions for alert documents that are created
       by rules executing within the Kibana alerting framework.'
     name: alert
-  - beta: This event categorization value is beta and subject to change.
-    description: 'This value indicates events whose primary purpose is to store an
+  - description: 'This value indicates events whose primary purpose is to store an
       inventory of assets/entities and their attributes. Assets/entities are objects
       (such as users and hosts) that are expected to be subjects of detailed analysis
       within the system.
@@ -5609,7 +5608,6 @@ host.architecture:
   short: Operating system architecture.
   type: keyword
 host.boot.id:
-  beta: This field is beta and subject to change.
   dashed_name: host-boot-id
   description: Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note the
     boot_id value from /proc may or may not be the same in containers as on the host.
@@ -6026,7 +6024,6 @@ host.os.version:
   short: Operating system version as a raw string.
   type: keyword
 host.pid_ns_ino:
-  beta: This field is beta and subject to change.
   dashed_name: host-pid-ns-ino
   description: This is the inode number of the namespace in the namespace file system
     (nsfs). Unsigned int inum in include/linux/ns_common.h.

@@ -1188,25 +1188,21 @@ cloud:
     expected:
     - as: origin
       at: cloud
-      beta: Reusing the `cloud` fields in this location is currently considered beta.
       full: cloud.origin
       short_override: Provides the cloud information of the origin entity in case
         of an incoming request or event.
     - as: target
       at: cloud
-      beta: Reusing the `cloud` fields in this location is currently considered beta.
       full: cloud.target
       short_override: Provides the cloud information of the target entity in case
         of an outgoing request or event.
     top_level: true
   reused_here:
-  - beta: Reusing the `cloud` fields in this location is currently considered beta.
-    full: cloud.origin
+  - full: cloud.origin
     schema_name: cloud
     short: Provides the cloud information of the origin entity in case of an incoming
       request or event.
-  - beta: Reusing the `cloud` fields in this location is currently considered beta.
-    full: cloud.target
+  - full: cloud.target
     schema_name: cloud
     short: Provides the cloud information of the target entity in case of an outgoing
       request or event.
@@ -3038,7 +3034,6 @@ ecs:
   title: ECS
   type: group
 elf:
-  beta: These fields are in beta and are subject to change.
   description: These fields contain Linux Executable Linkable Format (ELF) metadata.
   fields:
     elf.architecture:
@@ -3453,11 +3448,9 @@ elf:
     expected:
     - as: elf
       at: file
-      beta: This field reuse is beta and subject to change.
       full: file.elf
     - as: elf
       at: process
-      beta: This field reuse is beta and subject to change.
       full: process.elf
     top_level: false
   short: These fields contain Linux Executable Linkable Format (ELF) metadata.
@@ -4299,8 +4292,7 @@ event:
           This value is not used by Elastic solutions for alert documents that are
           created by rules executing within the Kibana alerting framework.'
         name: alert
-      - beta: This event categorization value is beta and subject to change.
-        description: 'This value indicates events whose primary purpose is to store
+      - description: 'This value indicates events whose primary purpose is to store
           an inventory of assets/entities and their attributes. Assets/entities are
           objects (such as users and hosts) that are expected to be subjects of detailed
           analysis within the system.
@@ -4761,7 +4753,6 @@ event:
   title: Event
   type: group
 faas:
-  beta: These fields are in beta and are subject to change.
   description: The user fields describe information about the function as a service
     (FaaS) that is relevant to the event.
   fields:
@@ -6635,8 +6626,7 @@ file:
   - full: file.code_signature
     schema_name: code_signature
     short: These fields contain information about binary code signatures.
-  - beta: This field reuse is beta and subject to change.
-    full: file.elf
+  - full: file.elf
     schema_name: elf
     short: These fields contain Linux Executable Linkable Format (ELF) metadata.
   - beta: This field reuse is beta and subject to change.
@@ -7024,7 +7014,6 @@ host:
       short: Operating system architecture.
       type: keyword
     host.boot.id:
-      beta: This field is beta and subject to change.
       dashed_name: host-boot-id
       description: Linux boot uuid taken from /proc/sys/kernel/random/boot_id. Note
         the boot_id value from /proc may or may not be the same in containers as on
@@ -7443,7 +7432,6 @@ host:
       short: Operating system version as a raw string.
       type: keyword
     host.pid_ns_ino:
-      beta: This field is beta and subject to change.
       dashed_name: host-pid-ns-ino
       description: This is the inode number of the namespace in the namespace file
         system (nsfs). Unsigned int inum in include/linux/ns_common.h.
@@ -15129,8 +15117,7 @@ process:
   - full: process.code_signature
     schema_name: code_signature
     short: These fields contain information about binary code signatures.
-  - beta: This field reuse is beta and subject to change.
-    full: process.elf
+  - full: process.elf
     schema_name: elf
     short: These fields contain Linux Executable Linkable Format (ELF) metadata.
   - beta: This field reuse is beta and subject to change.
@@ -25065,7 +25052,6 @@ vlan:
   title: VLAN
   type: group
 volume:
-  beta: These fields are beta and are subject to change.
   description: Fields related to storage volume details.
   fields:
     volume.bus_type:

@@ -44,11 +44,9 @@
     expected:
       - at: cloud
         as: origin
-        beta: Reusing the `cloud` fields in this location is currently considered beta.
         short_override: Provides the cloud information of the origin entity in case of an incoming request or event.
       - at: cloud
         as: target
-        beta: Reusing the `cloud` fields in this location is currently considered beta.
         short_override: Provides the cloud information of the target entity in case of an outgoing request or event.
   type: group
   fields: