elastic
diff --git a/‎CHANGELOG.next.asciidoc‎
Lines changed: 1 addition & 0 deletions b/‎CHANGELOG.next.asciidoc‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎auditbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion b/‎auditbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎filebeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion b/‎filebeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎filebeat/module/pensando/dfw/_meta/fields.yml‎
Lines changed: 0 additions & 1 deletion b/‎filebeat/module/pensando/dfw/_meta/fields.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎filebeat/module/pensando/fields.go‎
Lines changed: 1 addition & 1 deletion b/‎filebeat/module/pensando/fields.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎heartbeat/_meta/fields.common.yml‎
Lines changed: 0 additions & 1 deletion b/‎heartbeat/_meta/fields.common.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎heartbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion b/‎heartbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎journalbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion b/‎journalbeat/include/fields.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎libbeat/autodiscover/providers/jolokia/_meta/fields.yml‎
Lines changed: 7 additions & 0 deletions b/‎libbeat/autodiscover/providers/jolokia/_meta/fields.yml‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎libbeat/processors/add_cloud_metadata/_meta/fields.yml‎
Lines changed: 8 additions & 0 deletions b/‎libbeat/processors/add_cloud_metadata/_meta/fields.yml‎
Lines changed: 8 additions & 0 deletions
@@ -26,6 +26,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
 - Remove `auto` from the available options of `setup.ilm.enabled` and set the default value to `true`. {pull}28671[28671]
 - add_process_metadata processor: Replace usage of deprecated `process.ppid` field with `process.parent.pid`. {pull}28620[28620]
 - add_docker_metadata processor: Replace usage of deprecated `process.ppid` field with `process.parent.pid`. {pull}28620[28620]
+- Index template's default_fields setting is only populated with ECS fields. {pull}28596[28596] {issue}28215[28215]
 
 *Auditbeat*
 
 
@@ -1,7 +1,6 @@
 - name: dfw 
   type: group
   release: beta
-  default_field: false
   description: >
    Fields for Pensando DFW
   fields:
 
@@ -478,7 +478,6 @@
               ignore_above: 1024
               description: Version of x509 format.
               example: 3
-              default_field: false
 
 - key: icmp
   title: "ICMP"
 
@@ -4,30 +4,37 @@
     Metadata from Jolokia Discovery added by the jolokia provider.
   fields:
     - name: jolokia.agent.version
+      default_field: true
       type: keyword
       description: >
         Version number of jolokia agent.
     - name: jolokia.agent.id
+      default_field: true
       type: keyword
       description: >
         Each agent has a unique id which can be either provided during startup of the agent in form of a configuration parameter or being autodetected. If autodected, the id has several parts: The IP, the process id, hashcode of the agent and its type.
     - name: jolokia.server.product
+      default_field: true
       type: keyword
       description: >
         The container product if detected.
     - name: jolokia.server.version
+      default_field: true
       type: keyword
       description: >
         The container's version (if detected).
     - name: jolokia.server.vendor
+      default_field: true
       type: keyword
       description: >
         The vendor of the container the agent is running in.
     - name: jolokia.url
+      default_field: true
       type: keyword
       description: >
         The URL how this agent can be contacted.
     - name: jolokia.secured
+      default_field: true
       type: boolean
       description: >
         Whether the agent was configured for authentication or not.
@@ -5,42 +5,50 @@
   fields:
 
     - name: cloud.image.id
+      default_field: true
       example: ami-abcd1234
       description: >
         Image ID for the cloud instance.
 
     # Alias for old fields
     - name: meta.cloud.provider
+      default_field: true
       type: alias
       path: cloud.provider
       migration: true
 
     - name: meta.cloud.instance_id
+      default_field: true
       type: alias
       path: cloud.instance.id
       migration: true
 
     - name: meta.cloud.instance_name
+      default_field: true
       type: alias
       path: cloud.instance.name
       migration: true
 
     - name: meta.cloud.machine_type
+      default_field: true
       type: alias
       path: cloud.machine.type
       migration: true
 
     - name: meta.cloud.availability_zone
+      default_field: true
       type: alias
       path: cloud.availability_zone
       migration: true
 
     - name: meta.cloud.project_id
+      default_field: true
       type: alias
       path: cloud.project.id
       migration: true
 
     - name: meta.cloud.region
+      default_field: true
       type: alias
       path: cloud.region
       migration: true