CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-13 04:32:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove elastic-agent dir

Browse Source
This commit is contained in:
Wes
2023-06-13 21:33:04 +00:00
parent 2ac0aba916
commit 8cde05807c
2 changed files with 0 additions and 201 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.action.responses.json
View File

@@ -1,91 +0,0 @@
{"template": {
"mappings": {
"properties": {
"completed_at": {
"type": "date"
},
"action_response": {
"properties": {
"osquery": {
"properties": {
"count": {
"type": "long"
}
}
}
}
},
"@timestamp": {
"type": "date"
},
"agent_id": {
"ignore_above": 1024,
"type": "keyword"
},
"action_id": {
"ignore_above": 1024,
"type": "keyword"
},
"count": {
"type": "long"
},
"started_at": {
"type": "date"
},
"action_input_type": {
"ignore_above": 1024,
"type": "keyword"
},
"error": {
"type": "text",
"fields": {
"keyword": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"event": {
"properties": {
"agent_id_status": {
"ignore_above": 1024,
"type": "keyword"
},
"ingested": {
"format": "strict_date_time_no_millis||strict_date_optional_time||epoch_millis",
"type": "date"
}
}
},
"action_data": {
"properties": {
"saved_query_id": {
"ignore_above": 1024,
"type": "keyword"
},
"query": {
"ignore_above": 1024,
"type": "keyword"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"ecs_mapping": {
"type": "object",
"enabled": false
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}
}
}

110
salt/elasticsearch/templates/component/elastic-agent/elastic-agent/logs-osquery_manager.actions.json
View File

@@ -1,110 +0,0 @@
{"template": {
"mappings": {
"properties": {
"pack_name": {
"ignore_above": 1024,
"type": "keyword"
},
"metadata": {
"type": "object",
"enabled": false
},
"data": {
"properties": {
"query": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"pack_id": {
"ignore_above": 1024,
"type": "keyword"
},
"input_type": {
"ignore_above": 1024,
"type": "keyword"
},
"pack_prebuilt": {
"type": "boolean"
},
"type": {
"ignore_above": 1024,
"type": "keyword"
},
"queries": {
"properties": {
"action_id": {
"ignore_above": 1024,
"type": "keyword"
},
"saved_query_id": {
"ignore_above": 1024,
"type": "keyword"
},
"saved_query_prebuilt": {
"type": "boolean"
},
"query": {
"type": "text"
},
"id": {
"ignore_above": 1024,
"type": "keyword"
},
"version": {
"ignore_above": 1024,
"type": "keyword"
},
"ecs_mapping": {
"type": "object",
"enabled": false
},
"platform": {
"ignore_above": 1024,
"type": "keyword"
},
"agents": {
"ignore_above": 1024,
"type": "keyword"
}
}
},
"agents": {
"ignore_above": 1024,
"type": "keyword"
},
"@timestamp": {
"type": "date"
},
"action_id": {
"ignore_above": 1024,
"type": "keyword"
},
"user_id": {
"ignore_above": 1024,
"type": "keyword"
},
"expiration": {
"type": "date"
},
"event": {
"properties": {
"agent_id_status": {
"ignore_above": 1024,
"type": "keyword"
},
"ingested": {
"format": "strict_date_time_no_millis||strict_date_optional_time||epoch_millis",
"type": "date"
}
}
},
"agent_ids": {
"ignore_above": 1024,
"type": "keyword"
}
}
}
}
}