IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« vSphere fields ZooKeeper fields »
Elastic Docs Metricbeat Reference [6.3] Exported fields

Windows fields

edit
IMPORTANT: This documentation is no longer updated. Refer to Elastic's version policy and the latest documentation.

Windows fields

edit

[beta] This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. Module for Windows

windows fields

edit

service fields

edit

service contains the status for Windows services.

windows.service.id

type: keyword

example: hW3NJFc1Ap

A unique ID for the service. It is a hash of the machine’s GUID and the service name.

windows.service.name

type: keyword

example: Wecsvc

The service name.

windows.service.display_name

type: keyword

example: Windows Event Collector

The display name of the service.

windows.service.start_type

type: keyword

The startup type of the service. The possible values are Automatic, Boot, Disabled, Manual, and System.

windows.service.state

type: keyword

The actual state of the service. The possible values are Continuing, Pausing, Paused, Running, Starting, Stopping, and Stopped.

windows.service.exit_code

type: keyword

For Stopped services this is the error code that service reports when starting to stopping. This will be the generic Windows service error code unless the service provides a service-specific error code.

windows.service.pid

type: long

example: 1092

For Running services this is the associated process PID.

windows.service.uptime.ms

type: long

format: duration

The service’s uptime specified in milliseconds.

« vSphere fields ZooKeeper fields »