diff --git a/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json b/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json
new file mode 100644
index 000000000..def10f36f
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json
@@ -0,0 +1,49 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-agent.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "agent": {
+ "properties": {
+ "build": {
+ "properties": {
+ "original": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ },
+ "ephemeral_id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-file-mappings.json b/salt/elasticsearch/templates/component/so/dtc-file-mappings.json
new file mode 100644
index 000000000..d0ed3b51a
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-file-mappings.json
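Review bot: The `keyword` sub-field added under `agent.name` carries no `ignore_above`, and multi-fields do not inherit the parent's parameters, so the 1024-character limit on `agent.name` does not protect it. A value past Lucene's 32766-byte term limit would then get the whole document rejected at index time instead of merely being skipped for that field, which in a log pipeline means a lost event. I would write the sub-field as `"keyword": { "ignore_above": 1024, "type": "keyword" }`. The same pattern appears in the other new component templates of this commit: `file.mime_type`, `file.name`, `host.name`, `rule.category`, `rule.name`, and `process.command_line`, where the parent is `wildcard` and the values are the ones most likely to be long.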
@@ -0,0 +1,434 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-file.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "file": { + "properties": { + "accessed": { + "type": "date" + }, + "attributes": { + "ignore_above": 1024, + "type": "keyword" + }, + "code_signature": { + "properties": { + "digest_algorithm": { + "ignore_above": 1024, + "type": "keyword" + }, + "exists": { + "type": "boolean" + }, + "signing_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "status": { + "ignore_above": 1024, + "type": "keyword" + }, + "subject_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "team_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "timestamp": { + "type": "date" + }, + "trusted": { + "type": "boolean" + }, + "valid": { + "type": "boolean" + } + } + }, + "created": { + "type": "date" + }, + "ctime": { + "type": "date" + }, + "device": { + "ignore_above": 1024, + "type": "keyword" + }, + "directory": { + "ignore_above": 1024, + "type": "keyword" + }, + "drive_letter": { + "ignore_above": 1, + "type": "keyword" + }, + "elf": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "byte_order": { + "ignore_above": 1024, + "type": "keyword" + }, + "cpu_type": { + "ignore_above": 1024, + "type": "keyword" + }, + "creation_date": { + "type": "date" + }, + "exports": { + "type": "flattened" + }, + "header": { + "properties": { + "abi_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "class": { + "ignore_above": 1024, + "type": "keyword" + }, + "data": { + "ignore_above": 1024, + "type": "keyword" + }, + "entrypoint": { + "type": "long" + }, + "object_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "os_abi": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "imports": { + 
"type": "flattened" + }, + "sections": { + "properties": { + "chi2": { + "type": "long" + }, + "entropy": { + "type": "long" + }, + "flags": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_offset": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_size": { + "type": "long" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "virtual_address": { + "type": "long" + }, + "virtual_size": { + "type": "long" + } + }, + "type": "nested" + }, + "segments": { + "properties": { + "sections": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + } + }, + "type": "nested" + }, + "shared_libraries": { + "ignore_above": 1024, + "type": "keyword" + }, + "telfhash": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "extension": { + "ignore_above": 1024, + "type": "keyword" + }, + "fork_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "gid": { + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "ignore_above": 1024, + "type": "keyword" + }, + "hash": { + "properties": { + "md5": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha1": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha256": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha512": { + "ignore_above": 1024, + "type": "keyword" + }, + "ssdeep": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "inode": { + "ignore_above": 1024, + "type": "keyword" + }, + "mime_type": { + "ignore_above": 1024, + "type": "keyword", + "fields": { + "keyword": { + "type": "keyword" + } + } + }, + "mode": { + "ignore_above": 1024, + "type": "keyword" + }, + "mtime": { + "type": "date" + }, + "name": { + "ignore_above": 1024, + "type": "keyword", + "fields": { + "keyword": { + "type": "keyword" + } + } + }, + "owner": { + "ignore_above": 1024, + "type": "keyword" + }, + "path": { + "fields": { + "text": { + "type": 
"match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "pe": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "company": { + "ignore_above": 1024, + "type": "keyword" + }, + "description": { + "ignore_above": 1024, + "type": "keyword" + }, + "file_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "imphash": { + "ignore_above": 1024, + "type": "keyword" + }, + "original_file_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "product": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "size": { + "type": "long" + }, + "target_path": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "uid": { + "ignore_above": 1024, + "type": "keyword" + }, + "x509": { + "properties": { + "alternative_names": { + "ignore_above": 1024, + "type": "keyword" + }, + "issuer": { + "properties": { + "common_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "country": { + "ignore_above": 1024, + "type": "keyword" + }, + "distinguished_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "locality": { + "ignore_above": 1024, + "type": "keyword" + }, + "organization": { + "ignore_above": 1024, + "type": "keyword" + }, + "organizational_unit": { + "ignore_above": 1024, + "type": "keyword" + }, + "state_or_province": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "not_after": { + "type": "date" + }, + "not_before": { + "type": "date" + }, + "public_key_algorithm": { + "ignore_above": 1024, + "type": "keyword" + }, + "public_key_curve": { + "ignore_above": 1024, + "type": "keyword" + }, + "public_key_exponent": { + "doc_values": false, + "index": false, + "type": "long" + }, + "public_key_size": { + "type": "long" + }, + "serial_number": { + "ignore_above": 1024, + "type": "keyword" + }, + "signature_algorithm": { + "ignore_above": 1024, + 
"type": "keyword" + }, + "subject": { + "properties": { + "common_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "country": { + "ignore_above": 1024, + "type": "keyword" + }, + "distinguished_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "locality": { + "ignore_above": 1024, + "type": "keyword" + }, + "organization": { + "ignore_above": 1024, + "type": "keyword" + }, + "organizational_unit": { + "ignore_above": 1024, + "type": "keyword" + }, + "state_or_province": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "version_number": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + } + } +} diff --git a/salt/elasticsearch/templates/component/so/dtc-host-mappings.json b/salt/elasticsearch/templates/component/so/dtc-host-mappings.json new file mode 100644 index 000000000..b0529ac41 --- /dev/null +++ b/salt/elasticsearch/templates/component/so/dtc-host-mappings.json 
@@ -0,0 +1,252 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-host.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "host": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "cpu": { + "properties": { + "usage": { + "scaling_factor": 1000, + "type": "scaled_float" + } + } + }, + "disk": { + "properties": { + "read": { + "properties": { + "bytes": { + "type": "long" + } + } + }, + "write": { + "properties": { + "bytes": { + "type": "long" + } + } + } + } + }, + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "geo": { + "properties": { + "city_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "continent_code": { + "ignore_above": 1024, + "type": "keyword" + }, + "continent_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "country_iso_code": { + "ignore_above": 1024, + "type": "keyword" + }, + "country_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "location": { + "type": "geo_point" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "postal_code": { + "ignore_above": 1024, + "type": "keyword" + }, + "region_iso_code": { + "ignore_above": 1024, + "type": "keyword" + }, + "region_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "timezone": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ip": { + "type": "ip" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword", + "fields": { + "keyword": { + "type": "keyword" + } + } + }, + "network": { + "properties": { + "egress": { + "properties": { + "bytes": { + "type": "long" + }, + "packets": { + "type": "long" + } + } + }, + "ingress": { + "properties": { + "bytes": { + "type": "long" + }, + "packets": { + "type": "long" + } + } + 
} + } + }, + "os": { + "properties": { + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "uptime": { + "type": "long" + }, + "user": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "email": { + "ignore_above": 1024, + "type": "keyword" + }, + "full_name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "roles": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + } + } +} diff --git a/salt/elasticsearch/templates/component/so/dtc-process-mappings.json b/salt/elasticsearch/templates/component/so/dtc-process-mappings.json new file mode 100644 index 000000000..0b852e880 --- /dev/null +++ b/salt/elasticsearch/templates/component/so/dtc-process-mappings.json 
@@ -0,0 +1,615 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-process.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "process": { + "properties": { + "args": { + "ignore_above": 1024, + "type": "keyword" + }, + "args_count": { + "type": "long" + }, + "code_signature": { + "properties": { + "digest_algorithm": { + "ignore_above": 1024, + "type": "keyword" + }, + "exists": { + "type": "boolean" + }, + "signing_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "status": { + "ignore_above": 1024, + "type": "keyword" + }, + "subject_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "team_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "timestamp": { + "type": "date" + }, + "trusted": { + "type": "boolean" + }, + "valid": { + "type": "boolean" + } + } + }, + "command_line": { + "fields": { + "text": { + "type": "match_only_text" + }, + "keyword": { + "type": "keyword" + } + }, + "type": "wildcard" + }, + "elf": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "byte_order": { + "ignore_above": 1024, + "type": "keyword" + }, + "cpu_type": { + "ignore_above": 1024, + "type": "keyword" + }, + "creation_date": { + "type": "date" + }, + "exports": { + "type": "flattened" + }, + "header": { + "properties": { + "abi_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "class": { + "ignore_above": 1024, + "type": "keyword" + }, + "data": { + "ignore_above": 1024, + "type": "keyword" + }, + "entrypoint": { + "type": "long" + }, + "object_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "os_abi": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "imports": { + "type": "flattened" + }, + "sections": { + "properties": { + "chi2": { + "type": "long" + }, + "entropy": { + 
"type": "long" + }, + "flags": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_offset": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_size": { + "type": "long" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "virtual_address": { + "type": "long" + }, + "virtual_size": { + "type": "long" + } + }, + "type": "nested" + }, + "segments": { + "properties": { + "sections": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + } + }, + "type": "nested" + }, + "shared_libraries": { + "ignore_above": 1024, + "type": "keyword" + }, + "telfhash": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "end": { + "type": "date" + }, + "entity_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "executable": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "exit_code": { + "type": "long" + }, + "hash": { + "properties": { + "md5": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha1": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha256": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha512": { + "ignore_above": 1024, + "type": "keyword" + }, + "ssdeep": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "parent": { + "properties": { + "args": { + "ignore_above": 1024, + "type": "keyword" + }, + "args_count": { + "type": "long" + }, + "code_signature": { + "properties": { + "digest_algorithm": { + "ignore_above": 1024, + "type": "keyword" + }, + "exists": { + "type": "boolean" + }, + "signing_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "status": { + "ignore_above": 1024, + "type": "keyword" + }, + "subject_name": { + "ignore_above": 1024, + "type": "keyword" + }, + 
"team_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "timestamp": { + "type": "date" + }, + "trusted": { + "type": "boolean" + }, + "valid": { + "type": "boolean" + } + } + }, + "command_line": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "type": "wildcard" + }, + "elf": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "byte_order": { + "ignore_above": 1024, + "type": "keyword" + }, + "cpu_type": { + "ignore_above": 1024, + "type": "keyword" + }, + "creation_date": { + "type": "date" + }, + "exports": { + "type": "flattened" + }, + "header": { + "properties": { + "abi_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "class": { + "ignore_above": 1024, + "type": "keyword" + }, + "data": { + "ignore_above": 1024, + "type": "keyword" + }, + "entrypoint": { + "type": "long" + }, + "object_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "os_abi": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "imports": { + "type": "flattened" + }, + "sections": { + "properties": { + "chi2": { + "type": "long" + }, + "entropy": { + "type": "long" + }, + "flags": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_offset": { + "ignore_above": 1024, + "type": "keyword" + }, + "physical_size": { + "type": "long" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "virtual_address": { + "type": "long" + }, + "virtual_size": { + "type": "long" + } + }, + "type": "nested" + }, + "segments": { + "properties": { + "sections": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + } + }, + "type": "nested" + }, + "shared_libraries": { + "ignore_above": 1024, + "type": "keyword" + }, + "telfhash": { + "ignore_above": 
1024, + "type": "keyword" + } + } + }, + "end": { + "type": "date" + }, + "entity_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "executable": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "exit_code": { + "type": "long" + }, + "hash": { + "properties": { + "md5": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha1": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha256": { + "ignore_above": 1024, + "type": "keyword" + }, + "sha512": { + "ignore_above": 1024, + "type": "keyword" + }, + "ssdeep": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "pe": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "company": { + "ignore_above": 1024, + "type": "keyword" + }, + "description": { + "ignore_above": 1024, + "type": "keyword" + }, + "file_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "imphash": { + "ignore_above": 1024, + "type": "keyword" + }, + "original_file_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "product": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "pgid": { + "type": "long" + }, + "pid": { + "type": "long" + }, + "ppid": { + "type": "long" + }, + "start": { + "type": "date" + }, + "thread": { + "properties": { + "id": { + "type": "long" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "title": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "uptime": { + "type": "long" + }, + "working_directory": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "pe": { + "properties": { + "architecture": { + "ignore_above": 1024, + "type": "keyword" + }, + "company": { + "ignore_above": 1024, 
+ "type": "keyword" + }, + "description": { + "ignore_above": 1024, + "type": "keyword" + }, + "file_version": { + "ignore_above": 1024, + "type": "keyword" + }, + "imphash": { + "ignore_above": 1024, + "type": "keyword" + }, + "original_file_name": { + "ignore_above": 1024, + "type": "keyword" + }, + "product": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "pgid": { + "type": "long" + }, + "pid": { + "type": "long" + }, + "ppid": { + "type": "long" + }, + "start": { + "type": "date" + }, + "thread": { + "properties": { + "id": { + "type": "long" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "title": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "uptime": { + "type": "long" + }, + "working_directory": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } +} diff --git a/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json b/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json new file mode 100644 index 000000000..02e25a09a --- /dev/null +++ b/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json 
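Review bot: `process.command_line` gains a `keyword` sub-field near the top of this hunk, but `process.parent.command_line` further down keeps only `text`, so a search or aggregation on `process.parent.command_line.keyword` has no field to hit. If the sub-field is there so that existing queries on `.keyword` keep working (an assumption; the commit does not say), the parent object probably needs the same entry, with a bound such as `"keyword": { "ignore_above": 1024, "type": "keyword" }`. Otherwise a sentence in the commit description on why only the child process gets it would save the next reader the comparison.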
@@ -0,0 +1,66 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-rule.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "rule": {
+ "properties": {
+ "author": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "category": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "description": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "license": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "reference": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "ruleset": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "uuid": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-user-mappings.json b/salt/elasticsearch/templates/component/so/dtc-user-mappings.json
new file mode 100644
index 000000000..1ad4bac67
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-user-mappings.json
@@ -0,0 +1,244 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-user.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "user": { + "properties": { + "changes": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "email": { + "ignore_above": 1024, + "type": "keyword" + }, + "full_name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "roles": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "effective": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "email": { + "ignore_above": 1024, + "type": "keyword" + }, + "full_name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "roles": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "email": { + "ignore_above": 1024, + "type": "keyword" + }, + 
"full_name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "roles": { + "ignore_above": 1024, + "type": "keyword" + }, + "target": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "email": { + "ignore_above": 1024, + "type": "keyword" + }, + "full_name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "group": { + "properties": { + "domain": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "hash": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "fields": { + "text": { + "type": "match_only_text" + } + }, + "ignore_above": 1024, + "type": "keyword" + }, + "roles": { + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } + } + } +} \ No newline at end of file diff --git a/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja b/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja index 4217cb2b0..4c789c92e 100644 --- a/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja @@ -41,7 +41,7 @@ } }, "composed_of": [ - "agent-mappings", + "dtc-agent-mappings", "base-mappings", "client-mappings", "cloud-mappings", 
@@ -53,9 +53,9 @@ "ecs-mappings", "error-mappings", "dtc-event-mappings", - "file-mappings", + "dtc-file-mappings", "group-mappings", - "host-mappings", + "dtc-host-mappings", "http-mappings", "log-mappings", "network-mappings", @@ -63,10 +63,10 @@ "orchestrator-mappings", "organization-mappings", "package-mappings", - "process-mappings", + "dtc-process-mappings", "registry-mappings", "related-mappings", - "rule-mappings", + "dtc-rule-mappings", "server-mappings", "service-mappings", "source-mappings", @@ -75,7 +75,7 @@ "tracing-mappings", "url-mappings", "user_agent-mappings", - "user-mappings", + "dtc-user-mappings", "vulnerability-mappings", "common-settings", "common-dynamic-mappings" diff --git a/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja b/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja index a3d30e9b2..ecd743aad 100644 --- a/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja @@ -41,7 +41,7 @@ } }, "composed_of": [ - "agent-mappings", + "dtc-agent-mappings", "base-mappings", "client-mappings", "cloud-mappings", @@ -53,9 +53,9 @@ "ecs-mappings", "error-mappings", "dtc-event-mappings", - "file-mappings", + "dtc-file-mappings", "group-mappings", - "host-mappings", + "dtc-host-mappings", "http-mappings", "log-mappings", "network-mappings", @@ -63,10 +63,10 @@ "orchestrator-mappings", "organization-mappings", "package-mappings", - "process-mappings", + "dtc-process-mappings", "registry-mappings", "related-mappings", - "rule-mappings", + "dtc-rule-mappings", "server-mappings", "service-mappings", "source-mappings", @@ -75,7 +75,7 @@ "tracing-mappings", "url-mappings", "user_agent-mappings", - "user-mappings", + "dtc-user-mappings", "vulnerability-mappings", "common-settings", "common-dynamic-mappings" 
diff --git a/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja b/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja index 4a7dfb7bd..c837bf62d 100644 --- a/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja @@ -41,7 +41,7 @@ } }, "composed_of": [ - "agent-mappings", + "dtc-agent-mappings", "base-mappings", "client-mappings", "cloud-mappings", @@ -53,9 +53,9 @@ "ecs-mappings", "error-mappings", "dtc-event-mappings", - "file-mappings", + "dtc-file-mappings", "group-mappings", - "host-mappings", + "dtc-host-mappings", "http-mappings", "log-mappings", "network-mappings", @@ -63,10 +63,10 @@ "orchestrator-mappings", "organization-mappings", "package-mappings", - "process-mappings", + "dtc-process-mappings", "registry-mappings", "related-mappings", - "rule-mappings", + "dtc-rule-mappings", "server-mappings", "service-mappings", "source-mappings", @@ -75,7 +75,7 @@ "tracing-mappings", "url-mappings", "user_agent-mappings", - "user-mappings", + "dtc-user-mappings", "vulnerability-mappings", "common-settings", "common-dynamic-mappings" diff --git a/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja b/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja index bb55bb52a..b6cffb84f 100644 --- a/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja @@ -41,7 +41,7 @@ } }, "composed_of": [ - "agent-mappings", + "dtc-agent-mappings", "base-mappings", "client-mappings", "cloud-mappings", @@ -53,9 +53,9 @@ "ecs-mappings", "error-mappings", "dtc-event-mappings", - "file-mappings", + "dtc-file-mappings", "group-mappings", - "host-mappings", + "dtc-host-mappings", "http-mappings", "log-mappings", "network-mappings", 
@@ -63,10 +63,10 @@ "orchestrator-mappings", "organization-mappings", "package-mappings", - "process-mappings", + "dtc-process-mappings", "registry-mappings", "related-mappings", - "rule-mappings", + "dtc-rule-mappings", "server-mappings", "service-mappings", "source-mappings", @@ -75,7 +75,7 @@ "tracing-mappings", "url-mappings", "user_agent-mappings", - "user-mappings", + "dtc-user-mappings", "vulnerability-mappings", "common-settings", "common-dynamic-mappings" diff --git a/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja b/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja index c135b4173..76649708a 100644 --- a/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja @@ -41,7 +41,7 @@ } }, "composed_of": [ - "agent-mappings", + "dtc-agent-mappings", "base-mappings", "client-mappings", "cloud-mappings", @@ -53,9 +53,9 @@ "ecs-mappings", "error-mappings", "dtc-event-mappings", - "file-mappings", + "dtc-file-mappings", "group-mappings", - "host-mappings", + "dtc-host-mappings", "http-mappings", "log-mappings", "network-mappings", @@ -63,10 +63,10 @@ "orchestrator-mappings", "organization-mappings", "package-mappings", - "process-mappings", + "dtc-process-mappings", "registry-mappings", "related-mappings", - "rule-mappings", + "dtc-rule-mappings", "server-mappings", "service-mappings", "source-mappings", @@ -75,7 +75,7 @@ "tracing-mappings", "url-mappings", "user_agent-mappings", - "user-mappings", + "dtc-user-mappings", "vulnerability-mappings", "common-settings", "common-dynamic-mappings" diff --git a/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja index f76e79043..e2fa1da6c 100644 --- a/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja 
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja b/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja
index 7a097e4dd..be5c96dd7 100644
--- a/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja
index 1e35a944e..160080d36 100644
--- a/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja
@@ -42,7 +42,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -54,9 +54,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -64,10 +64,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -76,7 +76,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-common-template.json.jinja b/salt/elasticsearch/templates/index/so/so-common-template.json.jinja
index 6560fb701..4320079d1 100644
--- a/salt/elasticsearch/templates/index/so/so-common-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-common-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja
index 4f321448e..58e71e019 100644
--- a/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja
index f2baf8883..3c190d630 100644
--- a/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja b/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja
index 8308393e9..fcd6cd545 100644
--- a/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja b/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja
index dfc1a1940..1c18069a2 100644
--- a/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja b/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja
index 02077b4cd..c67c2212d 100644
--- a/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja b/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja
index a809cd024..9fb26ff72 100644
--- a/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja b/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja
index 773eaf059..b197ad437 100644
--- a/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja b/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja
index 1595c840e..37ab89ac6 100644
--- a/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja b/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja
index bb0671aa0..d783780b0 100644
--- a/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja b/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja
index eca2e3278..a9fd17880 100644
--- a/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja b/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja
index b15f6e2ac..2849d5350 100644
--- a/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja b/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja
index 00ae35827..245c9bb63 100644
--- a/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-import-template.json.jinja b/salt/elasticsearch/templates/index/so/so-import-template.json.jinja
index d171b1a88..6f50952df 100644
--- a/salt/elasticsearch/templates/index/so/so-import-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-import-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja b/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja
index d39781e60..155524441 100644
--- a/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja b/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
index 75ba13aa8..4edeb9e9d 100644
--- a/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja b/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
index 45a957b3a..45a01dfff 100644
--- a/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja b/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
index dd155df43..ee3947713 100644
--- a/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja b/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
index c12ec77b3..3588b34ec 100644
--- a/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja b/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
index d4b014be4..ab2f64dd6 100644
--- a/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja b/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
index ca53ce81b..5c82bd472 100644
--- a/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja b/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
index eb54157e3..3551e7b58 100644
--- a/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja b/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
index 9be552c41..7718989f2 100644
--- a/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja b/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
index 484882b1a..7da380dba 100644
--- a/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja b/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
index 12124590e..a4141d60c 100644
--- a/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja b/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
index 4eacd09ae..aa1e8bad6 100644
--- a/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja b/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
index 34a1b3a0c..e9b895471 100644
--- a/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja b/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
index 015051b5e..50c99cd09 100644
--- a/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja b/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
index 428b68746..971d5df57 100644
--- a/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja b/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
index 833534a84..553539db0 100644
--- a/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja b/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
index bfd6ce8aa..bd8eea0da 100644
--- a/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja b/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
index bf3d96a16..cc90471a5 100644
--- a/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
@@ -41,7 +41,7 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja b/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
index 733b9adf6..5350f814f 100644
--- a/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
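Review bot: The first line of so-sonicwall-template.json.jinja appears to begin with `i%-` rather than `{%-`, judging by the context text `i%- set INDEX_SORTING = …` that git printed in all four hunk headers of that file; no other template in this part of the diff shows such a header. If that reading is right, the `set` statement is emitted as literal text, the rendered output is not valid JSON, and the SonicWall index template would presumably fail to install, so the `dtc-*` mappings changed here would never apply to those logs. The line itself lies outside the hunks, so this is inferred from the headers only and should be checked in the file. Restoring the opening brace so the line starts with `{%- set INDEX_SORTING` would fit in the same commit.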
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja b/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
index ed7e74be8..6eb218c00 100644
--- a/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja b/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
index c66ac0db6..8648e96d0 100644
--- a/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja b/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
index eb14b1a98..5b6f3e286 100644
--- a/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja b/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
index a98f06f56..e666532f5 100644
--- a/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja b/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
index e2f6e0210..ba90a618f 100644
--- a/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"
diff --git a/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja b/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
index b26fda66a..853e246c4 100644
--- a/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
@@ -41,7 +41,7 @@
 }
 },
 "composed_of": [
- "agent-mappings",
+ "dtc-agent-mappings",
 "base-mappings",
 "client-mappings",
 "cloud-mappings",
@@ -53,9 +53,9 @@
 "ecs-mappings",
 "error-mappings",
 "dtc-event-mappings",
- "file-mappings",
+ "dtc-file-mappings",
 "group-mappings",
- "host-mappings",
+ "dtc-host-mappings",
 "http-mappings",
 "log-mappings",
 "network-mappings",
@@ -63,10 +63,10 @@
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
- "process-mappings",
+ "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
- "rule-mappings",
+ "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
 "source-mappings",
@@ -75,7 +75,7 @@
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
- "user-mappings",
+ "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
 "common-dynamic-mappings"