CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

add support for cloudflare_logpush integration

Browse Source
This commit is contained in:
reyesj2
2025-01-13 09:23:05 -06:00
parent e60a1e4357
commit 4f92b7ced1
20 changed files with 1477 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
salt/elasticfleet/defaults.yaml
View File

@@ -53,6 +53,7 @@ elasticfleet:
- citrix_adc
- citrix_waf
- cloudflare
- cloudflare_logpush
- crowdstrike
- darktrace
- elastic_agent

828
salt/elasticsearch/defaults.yaml
View File

@@ -3671,6 +3671,834 @@ elasticsearch:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_access_request:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.access_request@package
- logs-cloudflare_logpush.access_request@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.access_request@custom
index_patterns:
- logs-cloudflare_logpush.access_request-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.access_request-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_audit:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.audit@package
- logs-cloudflare_logpush.audit@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.audit@custom
index_patterns:
- logs-cloudflare_logpush.audit-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.audit-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_casb:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.casb@package
- logs-cloudflare_logpush.casb@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.casb@custom
index_patterns:
- logs-cloudflare_logpush.casb-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.casb-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_device_posture:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.device_posture@package
- logs-cloudflare_logpush.device_posture@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.device_posture@custom
index_patterns:
- logs-cloudflare_logpush.device_posture-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.device_posture-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_dns:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.dns@package
- logs-cloudflare_logpush.dns@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.dns@custom
index_patterns:
- logs-cloudflare_logpush.dns-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.dns-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_dns_firewall:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.dns_firewall@package
- logs-cloudflare_logpush.dns_firewall@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.dns_firewall@custom
index_patterns:
- logs-cloudflare_logpush.dns_firewall-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.dns_firewall-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_firewall_event:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.firewall_event@package
- logs-cloudflare_logpush.firewall_event@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.firewall_event@custom
index_patterns:
- logs-cloudflare_logpush.firewall_event-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.firewall_event-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_gateway_dns:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.gateway_dns@package
- logs-cloudflare_logpush.gateway_dns@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.gateway_dns@custom
index_patterns:
- logs-cloudflare_logpush.gateway_dns-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.gateway_dns-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_gateway_http:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.gateway_http@package
- logs-cloudflare_logpush.gateway_http@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.gateway_http@custom
index_patterns:
- logs-cloudflare_logpush.gateway_http-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.gateway_http-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_gateway_network:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.gateway_network@package
- logs-cloudflare_logpush.gateway_network@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.gateway_network@custom
index_patterns:
- logs-cloudflare_logpush.gateway_network-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.gateway_network-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_http_request:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.http_request@package
- logs-cloudflare_logpush.http_request@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.http_request@custom
index_patterns:
- logs-cloudflare_logpush.http_request-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.http_request-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_magic_ids:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.magic_ids@package
- logs-cloudflare_logpush.magic_ids@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.magic_ids@custom
index_patterns:
- logs-cloudflare_logpush.magic_ids-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.magic_ids-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_nel_report:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.nel_report@package
- logs-cloudflare_logpush.nel_report@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.nel_report@custom
index_patterns:
- logs-cloudflare_logpush.nel_report-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.nel_report-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_network_analytics:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.network_analytics@package
- logs-cloudflare_logpush.network_analytics@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.network_analytics@custom
index_patterns:
- logs-cloudflare_logpush.network_analytics-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.network_analytics-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_network_session:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.network_session@package
- logs-cloudflare_logpush.network_session@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.network_session@custom
index_patterns:
- logs-cloudflare_logpush.network_session-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.network_session-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_sinkhole_http:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.sinkhole_http@package
- logs-cloudflare_logpush.sinkhole_http@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.sinkhole_http@custom
index_patterns:
- logs-cloudflare_logpush.sinkhole_http-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.sinkhole_http-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_spectrum_event:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.spectrum_event@package
- logs-cloudflare_logpush.spectrum_event@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.spectrum_event@custom
index_patterns:
- logs-cloudflare_logpush.spectrum_event-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.spectrum_event-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-cloudflare_logpush_x_workers_trace:
index_sorting: false
index_template:
composed_of:
- logs-cloudflare_logpush.workers_trace@package
- logs-cloudflare_logpush.workers_trace@custom
- so-fleet_globals-1
- so-fleet_agent_id_verification-1
data_stream:
hidden: false
allow_custom_routing: false
ignore_missing_component_templates:
- logs-cloudflare_logpush.workers_trace@custom
index_patterns:
- logs-cloudflare_logpush.workers_trace-*
priority: 501
template:
settings:
index:
lifecycle:
name: so-logs-cloudflare_logpush.workers_trace-logs
number_of_replicas: 0
policy:
phases:
cold:
actions:
set_priority:
priority: 0
min_age: 60d
delete:
actions:
delete: {}
min_age: 365d
hot:
actions:
rollover:
max_age: 30d
max_primary_shard_size: 50gb
set_priority:
priority: 100
min_age: 0ms
warm:
actions:
set_priority:
priority: 50
min_age: 30d
so-logs-crowdstrike_x_alert:
index_sorting: False
index_template:

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.access_request@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.audit@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.casb@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.device_posture@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.dns@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.dns_firewall@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.firewall_event@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.gateway_dns@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.gateway_http@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.gateway_network@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.http_request@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.magic_ids@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.nel_report@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.network_analytics@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.network_session@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.sinkhole_http@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.spectrum_event@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}

36
salt/elasticsearch/templates/component/elastic-agent/logs-cloudflare_logpush.workers_trace@custom.json Normal file
View File

@@ -0,0 +1,36 @@
{
"template": {
"mappings": {
"properties": {
"host": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"related": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"destination": {
"properties":{
"ip": {
"type": "ip"
}
}
},
"source": {
"properties":{
"ip": {
"type": "ip"
}
}
}
}
}
}
}