Update ingest pipelines to match updated mappings

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-12-06 17:22:49 +01:00 · 2024-04-10 16:13:06 -04:00
parent 2ab9cbba61
commit 7124f04138
6 changed files with 15 additions and 15 deletions
--- a/salt/elasticsearch/files/ingest/kismet.ad_hoc
+++ b/salt/elasticsearch/files/ingest/kismet.ad_hoc
@@ -3,7 +3,7 @@
    {
      "rename": {
        "field": "message2.kismet_device_base_macaddr",
-        "target_field": "wireless.bssid"
+        "target_field": "network.wireless.bssid"
      }
    }
  ]
--- a/salt/elasticsearch/files/ingest/kismet.ap
+++ b/salt/elasticsearch/files/ingest/kismet.ap
@@ -3,35 +3,35 @@
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_beaconed_ssid_record.dot11_advertisedssid_cloaked",
-        "target_field": "wireless.ssid_cloaked",
+        "target_field": "network.wireless.ssid_cloaked",
        "if": "ctx?.message2?.dot11_device?.dot11_device_last_beaconed_ssid_record?.dot11_advertisedssid_cloaked != null"
      }
    },
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_beaconed_ssid_record.dot11_advertisedssid_ssid",
-        "target_field": "wireless.ssid",
+        "target_field": "network.wireless.ssid",
        "if": "ctx?.message2?.dot11_device?.dot11_device_last_beaconed_ssid_record?.dot11_advertisedssid_ssid != null"
      }
    },
    {
      "set": {
-        "field": "wireless.ssid",
+        "field": "network.wireless.ssid",
        "value": "Hidden",
-        "if": "ctx?.wireless?.ssid_cloaked != null && ctx?.wireless?.ssid_cloaked == 1"
+        "if": "ctx?.network?.wireless?.ssid_cloaked != null && ctx?.network?.wireless?.ssid_cloaked == 1"
      }
    },
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_beaconed_ssid_record.dot11_advertisedssid_dot11e_channel_utilization_perc",
-        "target_field": "wireless.channel_utilization",
+        "target_field": "network.network.wireless.channel_utilization",
        "if": "ctx?.message2?.dot11_device?.dot11_device_last_beaconed_ssid_record?.dot11_advertisedssid_dot11e_channel_utilization_perc != null"
      }
    },
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_bssid",
-        "target_field": "wireless.bssid"
+        "target_field": "network.wireless.bssid"
      }
    },
    {
@@ -39,7 +39,7 @@
        "field": "message2.dot11_device.dot11_device_associated_client_map",
        "processor": {
          "append": {
-            "field": "wireless.associated_clients",
+            "field": "network.wireless.associated_clients",
            "value": "{{_ingest._key}}"
          }
        },
--- a/salt/elasticsearch/files/ingest/kismet.bridged
+++ b/salt/elasticsearch/files/ingest/kismet.bridged
@@ -9,7 +9,7 @@
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_bssid",
-        "target_field": "wireless.bssid"
+        "target_field": "network.wireless.bssid"
      }
    }
  ]
--- a/salt/elasticsearch/files/ingest/kismet.client
+++ b/salt/elasticsearch/files/ingest/kismet.client
@@ -9,7 +9,7 @@
    {
      "rename": {
        "field": "message2.dot11_device.dot11_device_last_bssid",
-        "target_field": "wireless.last_connected_bssid",
+        "target_field": "network.wireless.last_connected_bssid",
        "if": "ctx?.message2?.dot11_device?.dot11_device_last_bssid != null"
      }
    },
@@ -18,7 +18,7 @@
        "field": "message2.dot11_device.dot11_device_client_map",
        "processor": {
          "append": {
-            "field": "wireless.known_connected_bssid",
+            "field": "network.wireless.known_connected_bssid",
            "value": "{{_ingest._key}}"
          }
        },
--- a/salt/elasticsearch/files/ingest/kismet.common
+++ b/salt/elasticsearch/files/ingest/kismet.common
@@ -73,14 +73,14 @@
    {
      "rename": {
        "field": "message2.kismet_device_base_channel",
-        "target_field": "wireless.channel",
+        "target_field": "network.wireless.channel",
        "if": "ctx?.message2?.kismet_device_base_channel != ''"
      }
    },
    {
      "rename": {
        "field": "message2.kismet_device_base_frequency",
-        "target_field": "wireless.frequency",
+        "target_field": "network.wireless.frequency",
        "if": "ctx?.message2?.kismet_device_base_frequency != 0"
      }
    },
--- a/salt/elasticsearch/files/ingest/kismet.wds_ap
+++ b/salt/elasticsearch/files/ingest/kismet.wds_ap
@@ -3,7 +3,7 @@
    {
      "rename": {
        "field": "message2.kismet_device_base_commonname",
-        "target_field": "wireless.bssid"
+        "target_field": "network.wireless.bssid"
      }
    },
    {
@@ -11,7 +11,7 @@
        "field": "message2.dot11_device.dot11_device_associated_client_map",
        "processor": {
          "append": {
-            "field": "wireless.associated_clients",
+            "field": "network.wireless.associated_clients",
            "value": "{{_ingest._key}}"
          }
        },