docs/reference/winlogbeat/exported-fields-eventlog.md
% This file is generated! See dev-tools/mage/generate_fields_docs.go
Field aliases based on Winlogbeat 6.x that point to the fields for this version of Winlogbeat. These are added to the index template when migration.6_to_7.enable: true is set in the configuration.
activity_id
: type: alias
alias to: winlog.activity_id
computer_name
: type: alias
alias to: winlog.computer_name
event_id
: type: alias
alias to: winlog.event_id
keywords
: type: alias
alias to: winlog.keywords
log_name
: type: alias
alias to: winlog.channel
message_error
: type: alias
alias to: error.message
record_number
: type: alias
alias to: winlog.record_id
related_activity_id
: type: alias
alias to: winlog.related_activity_id
opcode
: type: alias
alias to: winlog.opcode
provider_guid
: type: alias
alias to: winlog.provider_guid
process_id
: type: alias
alias to: winlog.process.pid
source_name
: type: alias
alias to: winlog.provider_name
task
: type: alias
alias to: winlog.task
thread_id
: type: alias
alias to: winlog.process.thread.id
user.identifier
: type: alias
alias to: winlog.user.identifier
user.type
: type: alias
alias to: winlog.user.type
version
: type: alias
alias to: winlog.version
xml
: type: alias
alias to: event.original