Skip to content

[RFC 0052] Stage 2: Update additional GenAI fields #2532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

[RFC 0052] Stage 2: Update additional GenAI fields #2532

wants to merge 3 commits into from

Conversation

susan-shu-c
Copy link
Member

@susan-shu-c susan-shu-c commented Sep 18, 2025
edited
Loading

Looking for feedback

For most of the fields, they are lists of .json objects, or .json objects. For fields whose content could be very long (input.messages, output.messages), I have proposed that they are the flattened type due to costs.

via docs for nested type:

When ingesting key-value pairs with a large, arbitrary set of keys, you might consider modeling each key-value pair as its own nested document with key and value fields. Instead, consider using the flattened data type, which maps an entire object as a single field and allows for simple searches over its contents. Nested documents and queries are typically expensive, so using the flattened data type for this use case is a better option.

Though as I am not a subject matter expert on the field types and efficiency, looking for additional feedback or comments.

1. What does this PR do?

2. Which ECS fields are affected/introduced?

Field Type Description /Usage
gen_ai.system_instructions (Looking for feedback) flattened The system message or instructions provided to the GenAI model separately from the chat history.
gen_ai.input.messages (Looking for feedback) flattened The chat history provided to the model as an input.
gen_ai.output.messages (Looking for feedback) flattened Messages returned by the model where each message represents a specific model response (choice, candidate).
gen_ai.tool.definitions (Looking for feedback) nested (Part of invoke_agent span) The list of source system tool definitions available to the GenAI agent or model.
gen_ai.tool.call.arguments (Looking for feedback) nested (Part of OTel execute_tool span) Parameters passed to the tool call.
gen_ai.tool.call.result (Looking for feedback) flattened (Part of OTel execute_tool span) The result returned by the tool call (if any and if execution was successful).

Changes based on OTel https://github.com/open-telemetry/semantic-conventions/pull/2179/files

3. Why is this change necessary?

4. Have you added/updated documentation?

YES / NO / N/A

5. Have you built ECS and committed any newly generated files?

YES / NO

6. Have you run the ECS validation tests locally?

YES / NO

7. Anything else for the reviewers?

Commit Message

@github-actions GitHub Actions
Copy link

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

@github-actions GitHub Actions
Copy link

Documentation changes preview: https://docs-v3-preview.elastic.dev/elastic/ecs/pull/2532/reference/

@github-actions GitHub Actions
Copy link

github-actions bot commented Sep 18, 2025
edited
Loading

🔍 Preview links for changed docs

@susan-shu-c susan-shu-c marked this pull request as ready for review September 18, 2025 18:55
@susan-shu-c susan-shu-c requested a review from a team as a code owner September 18, 2025 18:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@susan-shu-c