docs: set up shared content (#40)

Co-authored-by: Felix Barnsteiner <[email protected]>

Author: bmorelli25

docs/index.asciidoc

@@ -3,12 +3,11 @@ include::{asciidoc-dir}/../../shared/attributes.asciidoc[]
 
 ifdef::env-github[]
 NOTE: For the best reading experience,
-please view this documentation at https://www.elastic.co/guide/en/ecs-logging/java/current/index.html[elastic.co]
+please view this documentation at https://www.elastic.co/guide/en/ecs-logging/current/index.html[elastic.co]
 endif::[]
 
 = ECS Logging Reference
 
 ifndef::env-github[]
 include::./intro.asciidoc[Introduction]
-include::./setup.asciidoc[Set up]
 endif::[]

docs/intro.asciidoc

@@ -24,6 +24,19 @@ They make it easy to format your logs into ECS-compatible JSON. For example:
 {"@timestamp":"2019-08-06T14:08:40.199Z", "log.level":"DEBUG", "message":"init find form", "service.name":"spring-petclinic","process.thread.name":"http-nio-8080-exec-8","log.logger":"org.springframework.samples.petclinic.owner.OwnerController","transaction.id":"28b7fb8d5aba51f1","trace.id":"2869b25b5469590610fea49ac04af7da"}
 ----
 
+// To do: Update these links to be documentation links
+[float]
+=== Get started
+
+Refer to the installation instructions of the individual loggers for
+https://github.com/elastic/ecs-dotnet#logging[.NET],
+Go (https://github.com/elastic/ecs-logging-go-zap[zap]),
+https://www.elastic.co/guide/en/ecs-logging/java/current/setup.html[Java],
+https://github.com/elastic/ecs-logging-js[JavaScript],
+https://github.com/elastic/ecs-logging-php[PHP],
+https://github.com/elastic/ecs-logging-python[Python],
+and https://github.com/elastic/ecs-logging-ruby[Ruby].
+
 [float]
 === Why ECS logging?
 
@@ -58,18 +71,6 @@ showing only the logs which belong to the corresponding request.
 Vice versa, you can also jump from a log line in the Logs UI to the Span Timeline of the APM UI.
 --
 
-*Broad support for languages and loggers*::
-+
---
-We have loggers for https://github.com/elastic/ecs-dotnet[.NET],
-Go (https://github.com/elastic/ecs-logging-go-zap[zap]),
-https://www.elastic.co/guide/en/ecs-logging/java/current/intro.html[Java],
-https://github.com/elastic/ecs-logging-js[JavaScript],
-https://github.com/elastic/ecs-logging-php[PHP],
-https://github.com/elastic/ecs-logging-python[Python],
-and https://github.com/elastic/ecs-logging-ruby[Ruby].
---
-
 [float]
 ==== Additional advantages when using in combination with Filebeat
 
@@ -106,3 +107,100 @@ This is much more efficient than using daily indices.
 --
 Leverage Filebeat's default ECS-compatible {filebeat-ref}/configuration-template.html[index template].
 --
+
+[float]
+=== Field mapping
+
+[float]
+==== Default fields
+
+These fields are populated by the ECS loggers by default.
+Some of them, such as the `log.origin.*` fields, may have to be explicitly enabled.
+Others, such as `process.thread.name`, are not applicable to all languages.
+Refer to the documentation of the individual loggers for more information.
+
+|===
+|ECS field | Description | Example
+
+|{ecs-ref}/ecs-base.html[`@timestamp`]
+|The timestamp of the log event.
+|`"2019-08-06T12:09:12.375Z"`
+
+|{ecs-ref}/ecs-log.html[`log.level`]
+|The level or severity of the log event.
+|`"INFO"`
+
+|{ecs-ref}/ecs-log.html[`log.logger`]
+|The name of the logger inside an application.
+|`"org.example.MyClass"`
+
+|{ecs-ref}/ecs-log.html[`log.origin.file.name`]
+|The name of the file containing the source code which originated the log event.
+|`"App.java"`
+
+|{ecs-ref}/ecs-log.html[`log.origin.file.line`]
+|The line number of the file containing the source code which originated the log event.
+|`42`
+
+|{ecs-ref}/ecs-log.html[`log.origin.function`]
+|The name of the function or method which originated the log event.
+|`"methodName"`
+
+|{ecs-ref}/ecs-base.html[`message`]
+|The log message.
+|`"Hello World!"`
+
+|{ecs-ref}/ecs-error.html[`error.type`]
+|Only present for logs that contain an exception or error.
+ The type or class of the error if this log event contains an exception.
+|`"java.lang.NullPointerException"`
+
+|{ecs-ref}/ecs-error.html[`error.message`]
+|Only present for logs that contain an exception or error.
+ The message of the exception or error.
+|`"The argument cannot be null"`
+
+|{ecs-ref}/ecs-error.html[`error.stack_trace`]
+|Only present for logs that contain an exception or error.
+ The full stack trace of the exception or error as a raw string.
+|`"Exception in thread "main" java.lang.NullPointerException\n\tat org.example.App.methodName(App.java:42)"`
+
+|{ecs-ref}/ecs-process.html[`process.thread.name`]
+|The name of the thread the event has been logged from.
+|`"main"`
+
+|===
+
+
+[float]
+==== Configurable fields
+
+Refer to the documentation of the individual loggers on how to set these fields.
+
+|===
+|ECS field | Description | Example
+
+|{ecs-ref}/ecs-service.html[`service.name`]
+| Helps to filer the logs by service.
+|`"my-service"`
+
+|{ecs-ref}/ecs-event.html[`event.dataset`]
+| Enables the {observability-guide}/inspect-log-anomalies.html[log rate anomaly detection].
+|`"my-service.log"`
+
+|===
+
+
+[float]
+==== Custom fields
+
+Most loggers allow you to add additional custom fields.
+This includes both, static and dynamic ones.
+Examples for dynamic fields are logging structured objects,
+or fields from a thread local context, such as `MDC` or `ThreadContext`.
+
+When adding custom fields, we recommend using existing {ecs-ref}/ecs-field-reference.html[ECS fields] for these custom values.
+If there is no appropriate ECS field,
+consider prefixing your fields with `labels.`, as in `labels.foo`, for simple key/value pairs.
+For nested structures, consider prefixing with `custom.`.
+This approach protects against conflicts in case ECS later adds the same fields but with a different mapping.

docs/setup.asciidoc

@@ -1,32 +1,32 @@
-[[setup]]
-== Get Started
+////
+  This page serves at a template for setup.asciidoc.
+  This content is shared across all ECS Logging plugins.
+  Changes made here must be relevant to all plugin languages.
+  Include this file with the following lines:
+  :ecs-repo-dir:  {ecs-logging-root}/docs/
+  include::{ecs-repo-dir}/setup.asciidoc[tag=<tag-name>]
+  Need to change heading levels? Use `leveloffset`
+////
 
-include::./tab-widgets/code.asciidoc[]
+// [float]
+// [[setup-step-1]]
+// === Step 1: Configure application logging
 
-[float]
-[[setup-step-1]]
-=== Step 1: Configure application logging
+// Unique to each agent
 
-Refer to the installation instructions of the individual loggers for
-https://github.com/elastic/ecs-dotnet#logging[.NET],
-Go (https://github.com/elastic/ecs-logging-go-zap[zap]),
-https://www.elastic.co/guide/en/ecs-logging/java/current/setup.html[Java],
-https://github.com/elastic/ecs-logging-js[JavaScript],
-https://github.com/elastic/ecs-logging-php[PHP],
-https://github.com/elastic/ecs-logging-python[Python],
-and https://github.com/elastic/ecs-logging-ruby[Ruby].
+// [float]
+// [[setup-step-2]]
+// === Step 2: Enable APM log correlation (optional)
 
-[float]
-[[setup-step-2]]
-=== Step 2: Enable APM log correlation (optional)
-If you are using an Elastic APM agent,
-enable {apm-get-started-ref}/observability-integrations.html#apm-logging-integration[log correlation].
+// Unique to each agent
 
-[float]
-[[setup-step-3]]
-=== Step 3: Configure Filebeat
+// [float]
+// [[setup-step-3]]
+// === Step 3: Configure Filebeat
 
+// tag::configure-filebeat[]
+include::./tab-widgets/code.asciidoc[]
 include::./tab-widgets/filebeat-widget.asciidoc[]
 
-For more information, check the {filebeat-ref}/configuring-howto-filebeat.html[Filebeat documentation].
-
+For more information, see the {filebeat-ref}/configuring-howto-filebeat.html[Filebeat reference].
+// end::configure-filebeat[]

docs/tab-widgets/filebeat-widget.asciidoc

@@ -1,5 +1,5 @@
 ++++
-<div class="tabs" data-tab-group="os">
+<div class="tabs" data-tab-group="fb">
   <div role="tablist" aria-label="filebeat">
     <button role="tab"
             aria-selected="true"