From 495a9c0783f41de11420f8b034fc5ec1882484a3 Mon Sep 17 00:00:00 2001
From: Wes <wlambertts@gmail.com>
Date: Mon, 5 Jun 2023 21:19:37 +0000
Subject: [PATCH] Add mapping for event.severity_label

---
 .../templates/component/so/dtc-event-mappings.json  | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/salt/elasticsearch/templates/component/so/dtc-event-mappings.json b/salt/elasticsearch/templates/component/so/dtc-event-mappings.json
index d17b832dc..5d647917b 100644
--- a/salt/elasticsearch/templates/component/so/dtc-event-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-event-mappings.json
@@ -137,6 +137,19 @@
                 }
               }
             },
+            "severity_label": {
+              "ignore_above": 1024,
+              "type": "keyword",
+              "fields": {
+                "security": {
+                  "type": "text",
+                  "analyzer": "es_security_analyzer"
+                },
+                "keyword": {
+                  "type": "keyword"
+                }
+              }
+            },
             "timezone": {
               "ignore_above": 1024,
               "type": "keyword",