Merge pull request #6790 from Security-Onion-Solutions/fix/dtc_severity_label

Add event.severity_label
2025-12-06 09:12:45 +01:00 · 2022-01-07 11:44:30 -05:00
parent ae6aa0dafd 770e53d914
commit 218f7f3a13
1 changed files with 9 additions and 0 deletions
--- a/salt/elasticsearch/templates/so/so-common-template.json.jinja
+++ b/salt/elasticsearch/templates/so/so-common-template.json.jinja
@@ -395,6 +395,15 @@
            "severity": {
              "type": "long"
            },
+	    "severity_label": {
+              "ignore_above": 1024,
+              "type": "keyword".
+	      "fields": {
+                "keyword": {
+                  "type": "keyword"
+                }
+              }
+            },
            "start": {
              "type": "date"
            },