CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ensure IPs are typed as IP and ports as integer

Browse Source
This commit is contained in:
Wes Lambert
2020-09-29 18:20:15 +00:00
parent ebe00822f8
commit 36019727b3
2 changed files with 40 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
salt/elasticsearch/templates/so/so-common-template.json
View File

@@ -7,6 +7,7 @@
"number_of_shards":1, "number_of_shards":1,
"index.refresh_interval":"30s", "index.refresh_interval":"30s",
"index.routing.allocation.require.box_type":"hot", "index.routing.allocation.require.box_type":"hot",
"index.mapping.total_fields.limit": "1500",
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
@@ -41,7 +42,25 @@
"dynamic":false, "dynamic":false,
"date_detection":false, "date_detection":false,
"dynamic_templates": [ "dynamic_templates": [
{ {
"ip_address": {
"match_mapping_type": "string",
"path_match": "*.ip",
"mapping": {
"type": "ip"
}
}
},
{
"port": {
"match_mapping_type": "string",
"path_match": "*.port",
"mapping": {
"type": "integer"
}
}
},
{
"strings": { "strings": {
"match_mapping_type": "string", "match_mapping_type": "string",
"mapping": { "mapping": {
@@ -59,8 +78,7 @@
} }
} }
} }
} }],
],
"properties":{ "properties":{
"@timestamp":{ "@timestamp":{
"type":"date" "type":"date"

32
salt/kibana/files/saved_objects.ndjson
View File

File diff suppressed because one or more lines are too long