Schema

Schema is an enumerated list of schema used for a parser. It cannot be given with a yaml schema.

Table: Schema

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Oct 6, 2025
ECS_EXTENDED   PreviewThe schema type is Elastic Common Schema extended.
ORIGINAL_CPS   PreviewIndicates Crowdstrike Parsing Standard is used.