{ "$schema": "http://json-schema.org/draft-07/schema#", "$id": "https://opensearch.org/schema/observability/Logs", "title": "OpenTelemetry Logs", "type": "object", "properties": { "severity": { "$ref": "#/definitions/Severity" }, "resource": { "type": "object" }, "attributes": { "$ref": "#/definitions/Attributes" }, "body": { "type": "string" }, "@timestamp": { "type": "string", "format": "date-time" }, "observedTimestamp": { "type": "string", "format": "date-time" }, "traceId": { "$ref": "https://opensearch.org/schemas/observability/Span#/properties/traceId" }, "spanId": { "$ref": "https://opensearch.org/schemas/observability/Span#/properties/spanId" }, "schemaUrl": { "type": "string" }, "instrumentationScope": { "$ref": "#/definitions/InstrumentationScope" }, "event": { "$ref": "#/definitions/Event" } }, "required": [ "body", "@timestamp" ], "definitions": { "InstrumentationScope": { "$id": "#/definitions/InstrumentationScope", "type": "object", "additionalProperties": true, "properties": { "name": { "type": "string" }, "version": { "type": "string" }, "schemaUrl": { "type": "string" } }, "title": "InstrumentationScope" }, "Severity": { "$id": "#/definitions/Severity", "type": "object", "additionalProperties": true, "properties": { "text": { "type": "string", "enum": [ "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL" ] }, "number": { "type": "integer" } }, "title": "Severity" }, "Attributes": { "$id": "#/definitions/Attributes", "type": "object", "additionalProperties": true, "properties": { "data_stream": { "$ref": "#/definitions/Dataflow" } }, "title": "Attributes" }, "Dataflow": { "$id": "#/definitions/Dataflow", "type": "object", "additionalProperties": true, "properties": { "type": { "type": "string" }, "namespace": { "type": "string" }, "dataset": { "type": "string" } }, "title": "Dataflow" }, "Exception": { "$id": "#/definitions/Exception", "type": "object", "additionalProperties": true, "properties": { "message": { "type": "string" }, "stacktrace": { "type": "string" }, "type": { "type": "string" } }, "title": "Exception" }, "Event": { "$id": "#/definitions/Event", "type": "object", "additionalProperties": true, "properties": { "category": { "type": "string", "enum": [ "authentication", "configuration", "database", "driver", "email", "file", "host", "iam", "intrusion_detection", "malware", "network", "package", "process", "registry", "session", "threat", "vulnerability", "web" ] }, "kind": { "type": "string", "enum": [ "alert", "enrichment", "event", "metric", "state", "error", "signal" ] }, "type": { "type": "string", "enum": [ "access", "admin", "allowed", "change", "connection", "creation", "deletion", "denied", "end", "error", "group", "indicator", "info", "installation", "protocol", "start", "user" ] }, "domain": { "type": "string" }, "name": { "type": "string" }, "source": { "type": "string" }, "result": { "type": "string", "enum": [ "failure", "success", "pending", "undetermined" ] }, "exception": { "$ref": "#/definitions/Exception" } }, "title": "Event" } } }