Merge pull request #7118 from Security-Onion-Solutions/fix/dtc_file_mappings

Fix/dtc file mappings

salt/elasticsearch/templates/index/so/so-aws-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-azure-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-beats-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-cef-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja

@@ -59,6 +59,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja

@@ -56,9 +56,10 @@
           "ecs-mappings",
           "dtc-ecs-mappings",
           "endgame-mappings",
-	  "error-mappings",
+          "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-f5-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-flow-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-ids-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-import-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-misp-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-o365-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-okta-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-radware-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-redis-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-snort-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja

@@ -58,6 +58,7 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-squid-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja

@@ -58,7 +58,9 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
+          "so-file-mappings",
           "group-mappings",
           "host-mappings",
           "dtc-host-mappings",

salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",

salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja

@@ -58,6 +58,7 @@
           "error-mappings",
           "event-mappings",
           "dtc-event-mappings",
+          "file-mappings",
           "dtc-file-mappings",
           "group-mappings",
           "host-mappings",