Update all other mappings for .security where applicable

salt/elasticsearch/templates/component/so/dtc-http-mappings.json

@@ -14,8 +14,9 @@
                   "ignore_above": 1024,
                   "type": "keyword",
                   "fields": {
-                    "text": {
+                    "security": {
-                      "type": "match_only_text"
+                      "type": "text",
+		      "analyzer": "es_security_analyzer"
                     },
                     "keyword": {
                       "type": "keyword"
@@ -27,7 +28,8 @@
                   "type": "keyword",
                   "fields": {
                     "text": {
-                      "type": "match_only_text"
+                      "type": "text",
+		      "analyzer": "es_security_analyzer"
                     },
                     "keyword": {
                       "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-network-mappings.json

@@ -12,8 +12,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"
@@ -24,8 +25,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-observer-mappings

@@ -1,219 +0,0 @@
-{
-  "_meta": {
-    "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-observer.html",
-    "ecs_version": "1.12.2"
-  },
-  "template": {
-    "mappings": {
-      "properties": {
-        "observer": {
-          "properties": {
-            "egress": {
-              "properties": {
-                "interface": {
-                  "properties": {
-                    "alias": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "id": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "name": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    }
-                  }
-                },
-                "vlan": {
-                  "properties": {
-                    "id": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "name": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    }
-                  }
-                },
-                "zone": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                }
-              },
-              "type": "object"
-            },
-            "geo": {
-              "properties": {
-                "city_name": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "continent_code": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "continent_name": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "country_iso_code": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "country_name": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "location": {
-                  "type": "geo_point"
-                },
-                "name": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "postal_code": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "region_iso_code": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "region_name": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "timezone": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                }
-              }
-            },
-            "hostname": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "ingress": {
-              "properties": {
-                "interface": {
-                  "properties": {
-                    "alias": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "id": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "name": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    }
-                  }
-                },
-                "vlan": {
-                  "properties": {
-                    "id": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    },
-                    "name": {
-                      "ignore_above": 1024,
-                      "type": "keyword"
-                    }
-                  }
-                },
-                "zone": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                }
-              },
-              "type": "object"
-            },
-            "ip": {
-              "type": "ip"
-            },
-            "mac": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "name": {
-              "ignore_above": 1024,
-              "type": "keyword",
-	      "fields": {
-                "keyword": {
-                  "type": "keyword"
-                }
-              }
-            },
-            "os": {
-              "properties": {
-                "family": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "full": {
-                  "fields": {
-                    "text": {
-                      "type": "match_only_text"
-                    }
-                  },
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "kernel": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "name": {
-                  "fields": {
-                    "text": {
-                      "type": "match_only_text"
-                    }
-                  },
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "platform": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "type": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                },
-                "version": {
-                  "ignore_above": 1024,
-                  "type": "keyword"
-                }
-              }
-            },
-            "product": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "serial_number": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "type": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "vendor": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            },
-            "version": {
-              "ignore_above": 1024,
-              "type": "keyword"
-            }
-          }
-        }
-      }
-    }
-  }
-}

salt/elasticsearch/templates/component/so/dtc-observer-mappings.json

@@ -12,8 +12,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-process-mappings.json

@@ -10,8 +10,9 @@
           "properties": {
             "command_line": {
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-rule-mappings.json

@@ -12,8 +12,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"
@@ -24,8 +25,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-service-mappings.json

@@ -12,8 +12,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"
@@ -24,8 +25,9 @@
               "ignore_above": 1024,
               "type": "keyword",
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-user-mappings.json

@@ -10,8 +10,9 @@
           "properties": {
             "name": {
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"

salt/elasticsearch/templates/component/so/dtc-user_agent-mappings.json

@@ -10,8 +10,9 @@
           "properties": {
             "original": {
               "fields": {
-                "text": {
+                "security": {
-                  "type": "match_only_text"
+                  "type": "text",
+		  "analyzer": "es_security_analyzer"
                 },
                 "keyword": {
                   "type": "keyword"