Elasticsearch Output Format Question

[zimage]

Elasticseach has defined what they call their Elastic Common Schema, or ECS, that they recommend developers use when they import data into an Elasticsearch database. They have an ECS for DNS queries and answers. I was wondering if go-dnscollector puts the data into ECS format when exporting it to Elasticsearch. I browsed the code quickly but couldn't find an obvious answer.

[dmachard]

The JSON model of the DNS-collector is described here. It's a generic model with more metadata than the ECS model.

We can add the ECS format directly in the Elastic Logger and a new export mode

elasticsearch:
  mode: ecs

Can you open a feature request ? And Feel free to submit a pull request :)