diff --git a/packages/aws/0.0.3/dataset/billing/fields/base-fields.yml b/packages/aws/0.0.3/dataset/billing/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/billing/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/cloudtrail/fields/base-fields.yml b/packages/aws/0.0.3/dataset/cloudtrail/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/cloudtrail/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/cloudwatch-logs/fields/base-fields.yml b/packages/aws/0.0.3/dataset/cloudwatch-logs/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/cloudwatch-logs/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/cloudwatch-metrics/fields/base-fields.yml b/packages/aws/0.0.3/dataset/cloudwatch-metrics/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/cloudwatch-metrics/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/dynamodb/fields/base-fields.yml b/packages/aws/0.0.3/dataset/dynamodb/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/dynamodb/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/ebs/fields/base-fields.yml b/packages/aws/0.0.3/dataset/ebs/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/ebs/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/ec2-logs/fields/base-fields.yml b/packages/aws/0.0.3/dataset/ec2-logs/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/ec2-logs/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/ec2-metrics/fields/base-fields.yml b/packages/aws/0.0.3/dataset/ec2-metrics/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/ec2-metrics/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/elb-logs/fields/base-fields.yml b/packages/aws/0.0.3/dataset/elb-logs/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/elb-logs/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/elb-metrics/fields/base-fields.yml b/packages/aws/0.0.3/dataset/elb-metrics/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/elb-metrics/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/lambda/fields/base-fields.yml b/packages/aws/0.0.3/dataset/lambda/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/lambda/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/natgateway/fields/base-fields.yml b/packages/aws/0.0.3/dataset/natgateway/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/natgateway/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/rds/fields/base-fields.yml b/packages/aws/0.0.3/dataset/rds/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/rds/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/s3_daily_storage/fields/base-fields.yml b/packages/aws/0.0.3/dataset/s3_daily_storage/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/s3_daily_storage/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/s3_request/fields/base-fields.yml b/packages/aws/0.0.3/dataset/s3_request/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/s3_request/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/s3access/fields/base-fields.yml b/packages/aws/0.0.3/dataset/s3access/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/s3access/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/sns/fields/base-fields.yml b/packages/aws/0.0.3/dataset/sns/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/sns/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/sqs/fields/base-fields.yml b/packages/aws/0.0.3/dataset/sqs/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/sqs/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/transitgateway/fields/base-fields.yml b/packages/aws/0.0.3/dataset/transitgateway/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/transitgateway/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/usage/fields/base-fields.yml b/packages/aws/0.0.3/dataset/usage/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/usage/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/vpcflow/fields/base-fields.yml b/packages/aws/0.0.3/dataset/vpcflow/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/vpcflow/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/aws/0.0.3/dataset/vpn/fields/base-fields.yml b/packages/aws/0.0.3/dataset/vpn/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/aws/0.0.3/dataset/vpn/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.0/dataset/asa/fields/base-fields.yml b/packages/cisco/0.1.0/dataset/asa/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.0/dataset/asa/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.0/dataset/ftd/fields/base-fields.yml b/packages/cisco/0.1.0/dataset/ftd/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.0/dataset/ftd/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.0/dataset/ios/fields/base-fields.yml b/packages/cisco/0.1.0/dataset/ios/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.0/dataset/ios/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.1/dataset/asa/fields/base-fields.yml b/packages/cisco/0.1.1/dataset/asa/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.1/dataset/asa/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.1/dataset/ftd/fields/base-fields.yml b/packages/cisco/0.1.1/dataset/ftd/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.1/dataset/ftd/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/cisco/0.1.1/dataset/ios/fields/base-fields.yml b/packages/cisco/0.1.1/dataset/ios/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/cisco/0.1.1/dataset/ios/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.1.0/dataset/events/fields/base-fields.yml b/packages/endpoint/0.1.0/dataset/events/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.1.0/dataset/events/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.1.0/dataset/metadata/fields/base-fields.yml b/packages/endpoint/0.1.0/dataset/metadata/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.1.0/dataset/metadata/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.2.0/dataset/events/fields/base-fields.yml b/packages/endpoint/0.2.0/dataset/events/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.2.0/dataset/events/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.2.0/dataset/metadata/fields/base-fields.yml b/packages/endpoint/0.2.0/dataset/metadata/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.2.0/dataset/metadata/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.2.0/dataset/policy/fields/base-fields.yml b/packages/endpoint/0.2.0/dataset/policy/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.2.0/dataset/policy/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/endpoint/0.2.0/dataset/telemetry/fields/base-fields.yml b/packages/endpoint/0.2.0/dataset/telemetry/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/endpoint/0.2.0/dataset/telemetry/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/kafka/0.1.0/dataset/broker/fields/base-fields.yml b/packages/kafka/0.1.0/dataset/broker/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/kafka/0.1.0/dataset/broker/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/kafka/0.1.0/dataset/consumergroup/fields/base-fields.yml b/packages/kafka/0.1.0/dataset/consumergroup/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/kafka/0.1.0/dataset/consumergroup/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/kafka/0.1.0/dataset/log/fields/base-fields.yml b/packages/kafka/0.1.0/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/kafka/0.1.0/dataset/log/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/kafka/0.1.0/dataset/partition/fields/base-fields.yml b/packages/kafka/0.1.0/dataset/partition/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/kafka/0.1.0/dataset/partition/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.0/dataset/error/fields/base-fields.yml b/packages/mysql/0.1.0/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.0/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml b/packages/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml b/packages/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.0/dataset/status/fields/base-fields.yml b/packages/mysql/0.1.0/dataset/status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.0/dataset/status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.1/dataset/error/fields/base-fields.yml b/packages/mysql/0.1.1/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.1/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml b/packages/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml b/packages/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.1/dataset/status/fields/base-fields.yml b/packages/mysql/0.1.1/dataset/status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.1/dataset/status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.2/dataset/error/fields/base-fields.yml b/packages/mysql/0.1.2/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.2/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.2/dataset/galera_status/fields/base-fields.yml b/packages/mysql/0.1.2/dataset/galera_status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.2/dataset/galera_status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.2/dataset/slowlog/fields/base-fields.yml b/packages/mysql/0.1.2/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.2/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/mysql/0.1.2/dataset/status/fields/base-fields.yml b/packages/mysql/0.1.2/dataset/status/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/mysql/0.1.2/dataset/status/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/netflow/0.1.0/dataset/log/fields/base-fields.yml b/packages/netflow/0.1.0/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/netflow/0.1.0/dataset/log/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.0/dataset/access/fields/base-fields.yml b/packages/nginx/0.1.0/dataset/access/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.0/dataset/access/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.0/dataset/error/fields/base-fields.yml b/packages/nginx/0.1.0/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.0/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml b/packages/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml b/packages/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.1/dataset/access/fields/base-fields.yml b/packages/nginx/0.1.1/dataset/access/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.1/dataset/access/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.1/dataset/error/fields/base-fields.yml b/packages/nginx/0.1.1/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.1/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml b/packages/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml b/packages/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.2/dataset/access/fields/base-fields.yml b/packages/nginx/0.1.2/dataset/access/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.2/dataset/access/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.2/dataset/error/fields/base-fields.yml b/packages/nginx/0.1.2/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.2/dataset/error/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.2/dataset/ingress_controller/fields/base-fields.yml b/packages/nginx/0.1.2/dataset/ingress_controller/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.2/dataset/ingress_controller/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/nginx/0.1.2/dataset/stubstatus/fields/base-fields.yml b/packages/nginx/0.1.2/dataset/stubstatus/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/nginx/0.1.2/dataset/stubstatus/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.0/dataset/info/fields/base-fields.yml b/packages/redis/0.1.0/dataset/info/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.0/dataset/info/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.0/dataset/key/fields/base-fields.yml b/packages/redis/0.1.0/dataset/key/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.0/dataset/key/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.0/dataset/keyspace/fields/base-fields.yml b/packages/redis/0.1.0/dataset/keyspace/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.0/dataset/keyspace/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.0/dataset/log/fields/base-fields.yml b/packages/redis/0.1.0/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.0/dataset/log/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.0/dataset/slowlog/fields/base-fields.yml b/packages/redis/0.1.0/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.0/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.1/dataset/info/fields/base-fields.yml b/packages/redis/0.1.1/dataset/info/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.1/dataset/info/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.1/dataset/key/fields/base-fields.yml b/packages/redis/0.1.1/dataset/key/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.1/dataset/key/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.1/dataset/keyspace/fields/base-fields.yml b/packages/redis/0.1.1/dataset/keyspace/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.1/dataset/keyspace/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.1/dataset/log/fields/base-fields.yml b/packages/redis/0.1.1/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.1/dataset/log/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.1/dataset/slowlog/fields/base-fields.yml b/packages/redis/0.1.1/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.1/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.2/dataset/info/fields/base-fields.yml b/packages/redis/0.1.2/dataset/info/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.2/dataset/info/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.2/dataset/key/fields/base-fields.yml b/packages/redis/0.1.2/dataset/key/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.2/dataset/key/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.2/dataset/keyspace/fields/base-fields.yml b/packages/redis/0.1.2/dataset/keyspace/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.2/dataset/keyspace/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.2/dataset/log/fields/base-fields.yml b/packages/redis/0.1.2/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.2/dataset/log/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/redis/0.1.2/dataset/slowlog/fields/base-fields.yml b/packages/redis/0.1.2/dataset/slowlog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/redis/0.1.2/dataset/slowlog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/auth/fields/base-fields.yml b/packages/system/0.1.0/dataset/auth/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/auth/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/core/fields/base-fields.yml b/packages/system/0.1.0/dataset/core/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/core/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/cpu/fields/base-fields.yml b/packages/system/0.1.0/dataset/cpu/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/cpu/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/diskio/fields/base-fields.yml b/packages/system/0.1.0/dataset/diskio/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/diskio/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/entropy/fields/base-fields.yml b/packages/system/0.1.0/dataset/entropy/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/entropy/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/filesystem/fields/base-fields.yml b/packages/system/0.1.0/dataset/filesystem/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/filesystem/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/fsstat/fields/base-fields.yml b/packages/system/0.1.0/dataset/fsstat/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/fsstat/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/load/fields/base-fields.yml b/packages/system/0.1.0/dataset/load/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/load/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/memory/fields/base-fields.yml b/packages/system/0.1.0/dataset/memory/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/memory/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/network/fields/base-fields.yml b/packages/system/0.1.0/dataset/network/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/network/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/network_summary/fields/base-fields.yml b/packages/system/0.1.0/dataset/network_summary/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/network_summary/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/process/fields/base-fields.yml b/packages/system/0.1.0/dataset/process/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/process/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/process_summary/fields/base-fields.yml b/packages/system/0.1.0/dataset/process_summary/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/process_summary/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/raid/fields/base-fields.yml b/packages/system/0.1.0/dataset/raid/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/raid/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/service/fields/base-fields.yml b/packages/system/0.1.0/dataset/service/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/service/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/socket/fields/base-fields.yml b/packages/system/0.1.0/dataset/socket/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/socket/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/socket_summary/fields/base-fields.yml b/packages/system/0.1.0/dataset/socket_summary/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/socket_summary/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/syslog/fields/base-fields.yml b/packages/system/0.1.0/dataset/syslog/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/syslog/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/uptime/fields/base-fields.yml b/packages/system/0.1.0/dataset/uptime/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/uptime/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.
diff --git a/packages/system/0.1.0/dataset/users/fields/base-fields.yml b/packages/system/0.1.0/dataset/users/fields/base-fields.yml
new file mode 100644
index 0000000000..1fb7d7b3bf
--- /dev/null
+++ b/packages/system/0.1.0/dataset/users/fields/base-fields.yml
@@ -0,0 +1,16 @@
+- name: stream.type
+  type: constant_keyword
+  description: >
+    Stream type
+- name: stream.dataset
+  type: constant_keyword
+  description: >
+    Stream dataset.
+- name: stream.namespace
+  type: constant_keyword
+  description: >
+    Stream namespace.
+- name: "@timestamp"
+  type: date
+  description: >
+    Event timestamp.