From 8cde05807cf80cfeb7c3018aab9537a220645250 Mon Sep 17 00:00:00 2001 From: Wes Date: Tue, 13 Jun 2023 21:33:04 +0000 Subject: [PATCH] Remove elastic-agent dir --- ...logs-osquery_manager.action.responses.json | 91 --------------- .../logs-osquery_manager.actions.json | 110 ------------------ 2 files changed, 201 deletions(-) delete mode 100644 salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.action.responses.json delete mode 100644 salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.actions.json diff --git a/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.action.responses.json b/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.action.responses.json deleted file mode 100644 index afe990c92..000000000 --- a/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.action.responses.json +++ /dev/null @@ -1,91 +0,0 @@ -{"template": { - "mappings": { - "properties": { - "completed_at": { - "type": "date" - }, - "action_response": { - "properties": { - "osquery": { - "properties": { - "count": { - "type": "long" - } - } - } - } - }, - "@timestamp": { - "type": "date" - }, - "agent_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "action_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "count": { - "type": "long" - }, - "started_at": { - "type": "date" - }, - "action_input_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "error": { - "type": "text", - "fields": { - "keyword": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "event": { - "properties": { - "agent_id_status": { - "ignore_above": 1024, - "type": "keyword" - }, - "ingested": { - "format": "strict_date_time_no_millis||strict_date_optional_time||epoch_millis", - "type": "date" - } - } - }, - "action_data": { - "properties": { - "saved_query_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "query": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - }, - "ecs_mapping": { - "type": "object", - "enabled": false - }, - "platform": { - "ignore_above": 1024, - "type": "keyword" - } - } - } - } - } - } -} diff --git a/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.actions.json b/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.actions.json deleted file mode 100644 index 44296af13..000000000 --- a/salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.actions.json +++ /dev/null @@ -1,110 +0,0 @@ -{"template": { - "mappings": { - "properties": { - "pack_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "metadata": { - "type": "object", - "enabled": false - }, - "data": { - "properties": { - "query": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "pack_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "input_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "pack_prebuilt": { - "type": "boolean" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "queries": { - "properties": { - "action_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "saved_query_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "saved_query_prebuilt": { - "type": "boolean" - }, - "query": { - "type": "text" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - }, - "ecs_mapping": { - "type": "object", - "enabled": false - }, - "platform": { - "ignore_above": 1024, - "type": "keyword" - }, - "agents": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "agents": { - "ignore_above": 1024, - "type": "keyword" - }, - "@timestamp": { - "type": "date" - }, - "action_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "user_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "expiration": { - "type": "date" - }, - "event": { - "properties": { - "agent_id_status": { - "ignore_above": 1024, - "type": "keyword" - }, - "ingested": { - "format": "strict_date_time_no_millis||strict_date_optional_time||epoch_millis", - "type": "date" - } - } - }, - "agent_ids": { - "ignore_above": 1024, - "type": "keyword" - } - } - } - } -}