--- name: actions fields: base: fields: "@timestamp": {} action_id: {} agents: {} data: fields: "*" expiration: {} input_type: {} type: {} user_id: {} EndpointActions: fields: action_id: {} expiration: {} input_type: {} data: fields: "*" type: {} agent: fields: id: {} policy: fields: elasticAgentId: {} integrationPolicyId: {} agentPolicyId: {} space: fields: originSpaceId: {} rule: fields: id: {} name: {} error: fields: code: {} id: {} message: {} stack_trace: {} type: {} data_stream: fields: "*" ecs: fields: version: {} event: fields: action: {} category: {} created: {} end: {} hash: {} id: {} ingested: {} outcome: {} start: {} type: {} user: fields: id: {}