diff --git a/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json b/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json
index def10f36f..60e344946 100644
--- a/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-agent-mappings.json
@@ -8,21 +8,23 @@
 "properties": {
 "agent": {
 "properties": {
- "build": {
- "properties": {
- "original": {
- "ignore_above": 1024,
+ "ephemeral_id": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
 "type": "keyword"
 }
 }
 },
- "ephemeral_id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
 "id": {
 "ignore_above": 1024,
- "type": "keyword"
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
 },
 "name": {
 "ignore_above": 1024,
@@ -35,11 +37,21 @@
 },
 "type": {
 "ignore_above": 1024,
- "type": "keyword"
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
 },
 "version": {
 "ignore_above": 1024,
- "type": "keyword"
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
 }
 }
 }
diff --git a/salt/elasticsearch/templates/component/so/dtc-base-mappings.json b/salt/elasticsearch/templates/component/so/dtc-base-mappings.json
new file mode 100644
index 000000000..ff3b73792
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-base-mappings.json
@@ -0,0 +1,29 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-base.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "message": {
+ "type": "match_only_text",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "tags": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+}
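Review bot: The `keyword` sub-fields added under `agent.ephemeral_id`, `agent.id`, `agent.type` and `agent.version`, and in the new dtc-base-mappings.json under `message` and `tags`, carry no `ignore_above`, while the keyword parents keep `"ignore_above": 1024`. An explicitly mapped keyword field has no length cap by default and Lucene rejects a single term longer than 32766 bytes, so an oversized value in a sender-influenced field such as `message` would make the whole document fail to index instead of only skipping that sub-field, which for a logging pipeline means the event is lost. Unless a limit is applied elsewhere in the composed template (not visible in this diff), each sub-field should read `"keyword": { "ignore_above": 1024, "type": "keyword" }`. The same pattern recurs in the new dtc-dns, dtc-ecs, dtc-event, dtc-http, dtc-network, dtc-observer, dtc-service, dtc-user_agent and so-file mapping files and in the `host.mac` and `user.name` hunks.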
diff --git a/salt/elasticsearch/templates/component/so/dtc-dns-mappings.json b/salt/elasticsearch/templates/component/so/dtc-dns-mappings.json
new file mode 100644
index 000000000..d5a498669
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-dns-mappings.json
@@ -0,0 +1,29 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-dns.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "dns": {
+ "properties": {
+ "answers": {
+ "properties": {
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-ecs-mappings.json b/salt/elasticsearch/templates/component/so/dtc-ecs-mappings.json
new file mode 100644
index 000000000..521d4944f
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-ecs-mappings.json
@@ -0,0 +1,25 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-agent.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "ecs": {
+ "properties": {
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-event-mappings.json b/salt/elasticsearch/templates/component/so/dtc-event-mappings.json
new file mode 100644
index 000000000..d3e577267
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-event-mappings.json
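Review bot: `_meta.documentation` in dtc-ecs-mappings.json points at `ecs-agent.html`, but this component maps `ecs.version`, so the link looks copied from the agent template. It should presumably reference the page for the `ecs` field set instead, `"documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-ecs.html"`. This metadata is what a maintainer follows when checking a mapping against the schema, so a wrong link sends that check to the wrong field set.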
@@ -0,0 +1,86 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-event.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "event": {
+ "properties": {
+ "category": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "created": {
+ "type": "date",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "dataset": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "ingested": {
+ "type": "date",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "module": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "outcome": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "timezone": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-file-mappings.json b/salt/elasticsearch/templates/component/so/dtc-file-mappings.json
index d0ed3b51a..af090a0b0 100644
--- a/salt/elasticsearch/templates/component/so/dtc-file-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-file-mappings.json
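Review bot: `event.created` and `event.ingested` in dtc-event-mappings.json are `date` fields that now get a `keyword` sub-field, which indexes whatever string or number the source document carried rather than a normalized timestamp. Sorting or range-filtering on `event.created.keyword` is therefore lexical, and the same instant written in two formats will not match, which matters when these fields are used to order a timeline. If the sub-field exists only so that legacy `.keyword` queries keep resolving, that intent should be recorded in `_meta`; otherwise it can be dropped from the two date fields.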
@@ -8,228 +8,6 @@ "properties": { "file": { "properties": { - "accessed": { - "type": "date" - }, - "attributes": { - "ignore_above": 1024, - "type": "keyword" - }, - "code_signature": { - "properties": { - "digest_algorithm": { - "ignore_above": 1024, - "type": "keyword" - }, - "exists": { - "type": "boolean" - }, - "signing_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "status": { - "ignore_above": 1024, - "type": "keyword" - }, - "subject_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "team_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "timestamp": { - "type": "date" - }, - "trusted": { - "type": "boolean" - }, - "valid": { - "type": "boolean" - } - } - }, - "created": { - "type": "date" - }, - "ctime": { - "type": "date" - }, - "device": { - "ignore_above": 1024, - "type": "keyword" - }, - "directory": { - "ignore_above": 1024, - "type": "keyword" - }, - "drive_letter": { - "ignore_above": 1, - "type": "keyword" - }, - "elf": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "byte_order": { - "ignore_above": 1024, - "type": "keyword" - }, - "cpu_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "creation_date": { - "type": "date" - }, - "exports": { - "type": "flattened" - }, - "header": { - "properties": { - "abi_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "class": { - "ignore_above": 1024, - "type": "keyword" - }, - "data": { - "ignore_above": 1024, - "type": "keyword" - }, - "entrypoint": { - "type": "long" - }, - "object_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "os_abi": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "imports": { - "type": "flattened" - }, - "sections": { - "properties": { - "chi2": { - "type": "long" - }, - "entropy": { - "type": "long" - }, - "flags": { - "ignore_above": 
1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_offset": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_size": { - "type": "long" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "virtual_address": { - "type": "long" - }, - "virtual_size": { - "type": "long" - } - }, - "type": "nested" - }, - "segments": { - "properties": { - "sections": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - } - }, - "type": "nested" - }, - "shared_libraries": { - "ignore_above": 1024, - "type": "keyword" - }, - "telfhash": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "extension": { - "ignore_above": 1024, - "type": "keyword" - }, - "fork_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "gid": { - "ignore_above": 1024, - "type": "keyword" - }, - "group": { - "ignore_above": 1024, - "type": "keyword" - }, - "hash": { - "properties": { - "md5": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha1": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha256": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha512": { - "ignore_above": 1024, - "type": "keyword" - }, - "ssdeep": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "inode": { - "ignore_above": 1024, - "type": "keyword" - }, "mime_type": { "ignore_above": 1024, "type": "keyword", @@ -239,13 +17,6 @@ } } }, - "mode": { - "ignore_above": 1024, - "type": "keyword" - }, - "mtime": { - "type": "date" - }, "name": { "ignore_above": 1024, "type": "keyword", 
@@ -254,177 +25,6 @@ "type": "keyword" } } - }, - "owner": { - "ignore_above": 1024, - "type": "keyword" - }, - "path": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "pe": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "company": { - "ignore_above": 1024, - "type": "keyword" - }, - "description": { - "ignore_above": 1024, - "type": "keyword" - }, - "file_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "imphash": { - "ignore_above": 1024, - "type": "keyword" - }, - "original_file_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "product": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "size": { - "type": "long" - }, - "target_path": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "uid": { - "ignore_above": 1024, - "type": "keyword" - }, - "x509": { - "properties": { - "alternative_names": { - "ignore_above": 1024, - "type": "keyword" - }, - "issuer": { - "properties": { - "common_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country": { - "ignore_above": 1024, - "type": "keyword" - }, - "distinguished_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "locality": { - "ignore_above": 1024, - "type": "keyword" - }, - "organization": { - "ignore_above": 1024, - "type": "keyword" - }, - "organizational_unit": { - "ignore_above": 1024, - "type": "keyword" - }, - "state_or_province": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "not_after": { - "type": "date" - }, - "not_before": { - "type": "date" - }, - "public_key_algorithm": { - "ignore_above": 1024, - "type": "keyword" - }, - "public_key_curve": { - "ignore_above": 1024, - "type": "keyword" - }, - "public_key_exponent": { - "doc_values": false, - "index": false, - "type": "long" - }, - 
"public_key_size": { - "type": "long" - }, - "serial_number": { - "ignore_above": 1024, - "type": "keyword" - }, - "signature_algorithm": { - "ignore_above": 1024, - "type": "keyword" - }, - "subject": { - "properties": { - "common_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "country": { - "ignore_above": 1024, - "type": "keyword" - }, - "distinguished_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "locality": { - "ignore_above": 1024, - "type": "keyword" - }, - "organization": { - "ignore_above": 1024, - "type": "keyword" - }, - "organizational_unit": { - "ignore_above": 1024, - "type": "keyword" - }, - "state_or_province": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "version_number": { - "ignore_above": 1024, - "type": "keyword" - } - } } } } diff --git a/salt/elasticsearch/templates/component/so/dtc-host-mappings.json b/salt/elasticsearch/templates/component/so/dtc-host-mappings.json index b0529ac41..064ce850c 100644 --- a/salt/elasticsearch/templates/component/so/dtc-host-mappings.json +++ b/salt/elasticsearch/templates/component/so/dtc-host-mappings.json 
@@ -8,102 +8,6 @@
 "properties": {
 "host": {
 "properties": {
- "architecture": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "cpu": {
- "properties": {
- "usage": {
- "scaling_factor": 1000,
- "type": "scaled_float"
- }
- }
- },
- "disk": {
- "properties": {
- "read": {
- "properties": {
- "bytes": {
- "type": "long"
- }
- }
- },
- "write": {
- "properties": {
- "bytes": {
- "type": "long"
- }
- }
- }
- }
- },
- "domain": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "geo": {
- "properties": {
- "city_name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "continent_code": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "continent_name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "country_iso_code": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "country_name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "location": {
- "type": "geo_point"
- },
- "name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "postal_code": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "region_iso_code": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "region_name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "timezone": {
- "ignore_above": 1024,
- "type": "keyword"
- }
- }
- },
- "hostname": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "ip": {
- "type": "ip"
- },
- "mac": {
- "ignore_above": 1024,
- "type": "keyword"
- },
 "name": {
 "ignore_above": 1024,
 "type": "keyword",
@@ -113,133 +17,11 @@
 }
 }
 },
- "network": {
- "properties": {
- "egress": {
- "properties": {
- "bytes": {
- "type": "long"
- },
- "packets": {
- "type": "long"
- }
- }
- },
- "ingress": {
- "properties": {
- "bytes": {
- "type": "long"
- },
- "packets": {
- "type": "long"
- }
- }
- }
- }
- },
- "os": {
- "properties": {
- "family": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "full": {
- "fields": {
- "text": {
- "type": "match_only_text"
- }
- },
- "ignore_above": 1024,
- "type": "keyword"
- },
- "kernel": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "name": {
- "fields": {
- "text": {
- "type": "match_only_text"
- }
- },
- "ignore_above": 1024,
- "type": "keyword"
- },
- "platform": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "type": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "version": {
- "ignore_above": 1024,
- "type": "keyword"
- }
- }
- },
- "type": {
+ "mac": {
 "ignore_above": 1024,
- "type": "keyword"
- },
- "uptime": {
- "type": "long"
- },
- "user": {
- "properties": {
- "domain": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "email": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "full_name": {
- "fields": {
- "text": {
- "type": "match_only_text"
- }
- },
- "ignore_above": 1024,
- "type": "keyword"
- },
- "group": {
- "properties": {
- "domain": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "name": {
- "ignore_above": 1024,
- "type": "keyword"
- }
- }
- },
- "hash": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "name": {
- "fields": {
- "text": {
- "type": "match_only_text"
- }
- },
- "ignore_above": 1024,
- "type": "keyword"
- },
- "roles": {
- "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
 "type": "keyword"
 }
 }
diff --git a/salt/elasticsearch/templates/component/so/dtc-http-mappings.json b/salt/elasticsearch/templates/component/so/dtc-http-mappings.json
new file mode 100644
index 000000000..1b504900a
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-http-mappings.json
@@ -0,0 +1,38 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-http.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "http": {
+ "properties": {
+ "request": {
+ "properties": {
+ "method": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "referrer": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-network-mappings.json b/salt/elasticsearch/templates/component/so/dtc-network-mappings.json
new file mode 100644
index 000000000..b42fe9771
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-network-mappings.json
@@ -0,0 +1,34 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-network.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "network": {
+ "properties": {
+ "protocol": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "transport": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-observer-mappings.json b/salt/elasticsearch/templates/component/so/dtc-observer-mappings.json
new file mode 100644
index 000000000..bd7e7f3bd
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-observer-mappings.json
@@ -0,0 +1,25 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-observer.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "observer": {
+ "properties": {
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-process-mappings.json b/salt/elasticsearch/templates/component/so/dtc-process-mappings.json
index 0b852e880..688aec92c 100644
--- a/salt/elasticsearch/templates/component/so/dtc-process-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-process-mappings.json
@@ -8,49 +8,6 @@
 "properties": {
 "process": {
 "properties": {
- "args": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "args_count": {
- "type": "long"
- },
- "code_signature": {
- "properties": {
- "digest_algorithm": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "exists": {
- "type": "boolean"
- },
- "signing_id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "status": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "subject_name": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "team_id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "timestamp": {
- "type": "date"
- },
- "trusted": {
- "type": "boolean"
- },
- "valid": {
- "type": "boolean"
- }
- }
- },
 "command_line": {
 "fields": {
 "text": {
@@ -61,554 +18,9 @@ } }, "type": "wildcard" - }, - "elf": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "byte_order": { - "ignore_above": 1024, - "type": "keyword" - }, - "cpu_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "creation_date": { - "type": "date" - }, - "exports": { - "type": "flattened" - }, - "header": { - "properties": { - "abi_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "class": { - "ignore_above": 1024, - "type": "keyword" - }, - "data": { - "ignore_above": 1024, - "type": "keyword" - }, - "entrypoint": { - "type": "long" - }, - "object_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "os_abi": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "imports": { - "type": "flattened" - }, - "sections": { - "properties": { - "chi2": { - "type": "long" - }, - "entropy": { - "type": "long" - }, - "flags": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_offset": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_size": { - "type": "long" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "virtual_address": { - "type": "long" - }, - "virtual_size": { - "type": "long" - } - }, - "type": "nested" - }, - "segments": { - "properties": { - "sections": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - } - }, - "type": "nested" - }, - "shared_libraries": { - "ignore_above": 1024, - "type": "keyword" - }, - "telfhash": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "end": { - "type": "date" - }, - "entity_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "executable": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - 
"type": "keyword" - }, - "exit_code": { - "type": "long" - }, - "hash": { - "properties": { - "md5": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha1": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha256": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha512": { - "ignore_above": 1024, - "type": "keyword" - }, - "ssdeep": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "parent": { - "properties": { - "args": { - "ignore_above": 1024, - "type": "keyword" - }, - "args_count": { - "type": "long" - }, - "code_signature": { - "properties": { - "digest_algorithm": { - "ignore_above": 1024, - "type": "keyword" - }, - "exists": { - "type": "boolean" - }, - "signing_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "status": { - "ignore_above": 1024, - "type": "keyword" - }, - "subject_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "team_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "timestamp": { - "type": "date" - }, - "trusted": { - "type": "boolean" - }, - "valid": { - "type": "boolean" - } - } - }, - "command_line": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "type": "wildcard" - }, - "elf": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "byte_order": { - "ignore_above": 1024, - "type": "keyword" - }, - "cpu_type": { - "ignore_above": 1024, - "type": "keyword" - }, - "creation_date": { - "type": "date" - }, - "exports": { - "type": "flattened" - }, - "header": { - "properties": { - "abi_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "class": { - "ignore_above": 1024, - "type": "keyword" - }, - "data": { - "ignore_above": 1024, - "type": "keyword" - }, - "entrypoint": { - "type": "long" - }, - "object_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "os_abi": { - "ignore_above": 
1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "version": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "imports": { - "type": "flattened" - }, - "sections": { - "properties": { - "chi2": { - "type": "long" - }, - "entropy": { - "type": "long" - }, - "flags": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_offset": { - "ignore_above": 1024, - "type": "keyword" - }, - "physical_size": { - "type": "long" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - }, - "virtual_address": { - "type": "long" - }, - "virtual_size": { - "type": "long" - } - }, - "type": "nested" - }, - "segments": { - "properties": { - "sections": { - "ignore_above": 1024, - "type": "keyword" - }, - "type": { - "ignore_above": 1024, - "type": "keyword" - } - }, - "type": "nested" - }, - "shared_libraries": { - "ignore_above": 1024, - "type": "keyword" - }, - "telfhash": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "end": { - "type": "date" - }, - "entity_id": { - "ignore_above": 1024, - "type": "keyword" - }, - "executable": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "exit_code": { - "type": "long" - }, - "hash": { - "properties": { - "md5": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha1": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha256": { - "ignore_above": 1024, - "type": "keyword" - }, - "sha512": { - "ignore_above": 1024, - "type": "keyword" - }, - "ssdeep": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "pe": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "company": { - "ignore_above": 1024, - "type": "keyword" - }, - "description": { - "ignore_above": 
1024, - "type": "keyword" - }, - "file_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "imphash": { - "ignore_above": 1024, - "type": "keyword" - }, - "original_file_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "product": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "pgid": { - "type": "long" - }, - "pid": { - "type": "long" - }, - "ppid": { - "type": "long" - }, - "start": { - "type": "date" - }, - "thread": { - "properties": { - "id": { - "type": "long" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "title": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "uptime": { - "type": "long" - }, - "working_directory": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "pe": { - "properties": { - "architecture": { - "ignore_above": 1024, - "type": "keyword" - }, - "company": { - "ignore_above": 1024, - "type": "keyword" - }, - "description": { - "ignore_above": 1024, - "type": "keyword" - }, - "file_version": { - "ignore_above": 1024, - "type": "keyword" - }, - "imphash": { - "ignore_above": 1024, - "type": "keyword" - }, - "original_file_name": { - "ignore_above": 1024, - "type": "keyword" - }, - "product": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "pgid": { - "type": "long" - }, - "pid": { - "type": "long" - }, - "ppid": { - "type": "long" - }, - "start": { - "type": "date" - }, - "thread": { - "properties": { - "id": { - "type": "long" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "title": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "uptime": { - "type": "long" - }, - "working_directory": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" } } - } + } } } } 
diff --git a/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json b/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json
index 02e25a09a..d2df0127b 100644
--- a/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-rule-mappings.json
@@ -8,10 +8,6 @@
 "properties": {
 "rule": {
 "properties": {
- "author": {
- "ignore_above": 1024,
- "type": "keyword"
- },
 "category": {
 "ignore_above": 1024,
 "type": "keyword",
@@ -21,18 +17,6 @@
 }
 }
 },
- "description": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "id": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "license": {
- "ignore_above": 1024,
- "type": "keyword"
- },
 "name": {
 "ignore_above": 1024,
 "type": "keyword",
@@ -41,22 +25,6 @@
 "type": "keyword"
 }
 }
- },
- "reference": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "ruleset": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "uuid": {
- "ignore_above": 1024,
- "type": "keyword"
- },
- "version": {
- "ignore_above": 1024,
- "type": "keyword"
 }
 }
 }
diff --git a/salt/elasticsearch/templates/component/so/dtc-service-mappings.json b/salt/elasticsearch/templates/component/so/dtc-service-mappings.json
new file mode 100644
index 000000000..76bfc274b
--- /dev/null
+++ b/salt/elasticsearch/templates/component/so/dtc-service-mappings.json
@@ -0,0 +1,34 @@
+{
+ "_meta": {
+ "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-service.html",
+ "ecs_version": "1.12.2"
+ },
+ "template": {
+ "mappings": {
+ "properties": {
+ "service": {
+ "properties": {
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword",
+ "fields": {
+ "keyword": {
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/salt/elasticsearch/templates/component/so/dtc-user-mappings.json b/salt/elasticsearch/templates/component/so/dtc-user-mappings.json
index 1ad4bac67..3d0c3086a 100644
--- a/salt/elasticsearch/templates/component/so/dtc-user-mappings.json
+++ b/salt/elasticsearch/templates/component/so/dtc-user-mappings.json
@@ -8,237 +8,21 @@ "properties": { "user": { "properties": { - "changes": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "email": { - "ignore_above": 1024, - "type": "keyword" - }, - "full_name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "group": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "hash": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "roles": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "effective": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "email": { - "ignore_above": 1024, - "type": "keyword" - }, - "full_name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "group": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "hash": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "roles": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "email": { - "ignore_above": 1024, - "type": "keyword" - }, - "full_name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "group": { - "properties": { - 
"domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "hash": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, "name": { "fields": { "text": { "type": "match_only_text" - } + }, + "keyword": { + "type": "keyword" + } }, "ignore_above": 1024, "type": "keyword" - }, - "roles": { - "ignore_above": 1024, - "type": "keyword" - }, - "target": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "email": { - "ignore_above": 1024, - "type": "keyword" - }, - "full_name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "group": { - "properties": { - "domain": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "ignore_above": 1024, - "type": "keyword" - } - } - }, - "hash": { - "ignore_above": 1024, - "type": "keyword" - }, - "id": { - "ignore_above": 1024, - "type": "keyword" - }, - "name": { - "fields": { - "text": { - "type": "match_only_text" - } - }, - "ignore_above": 1024, - "type": "keyword" - }, - "roles": { - "ignore_above": 1024, - "type": "keyword" - } - } } } } } } } -} \ No newline at end of file +} diff --git a/salt/elasticsearch/templates/component/so/dtc-user_agent-mappings.json b/salt/elasticsearch/templates/component/so/dtc-user_agent-mappings.json new file mode 100644 index 000000000..07f980203 --- /dev/null +++ b/salt/elasticsearch/templates/component/so/dtc-user_agent-mappings.json 
@@ -0,0 +1,28 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-user_agent.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "user_agent": { + "properties": { + "original": { + "fields": { + "text": { + "type": "match_only_text" + }, + "keyword": { + "type": "keyword" + } + }, + "ignore_above": 1024, + "type": "keyword" + } + } + } + } + } + } +} diff --git a/salt/elasticsearch/templates/component/so/so-file-mappings.json b/salt/elasticsearch/templates/component/so/so-file-mappings.json new file mode 100644 index 000000000..1b87b0915 --- /dev/null +++ b/salt/elasticsearch/templates/component/so/so-file-mappings.json @@ -0,0 +1,29 @@ +{ + "_meta": { + "documentation": "https://www.elastic.co/guide/en/ecs/current/ecs-file.html", + "ecs_version": "1.12.2" + }, + "template": { + "mappings": { + "properties": { + "file": { + "properties": { + "flavors": { + "properties": { + "mime": { + "ignore_above": 1024, + "type": "keyword", + "fields": { + "keyword": { + "type": "keyword" + } + } + } + } + } + } + } + } + } + } +} diff --git a/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja b/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja index 4c789c92e..0e3415b5a 100644 --- a/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-aws-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
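Review bot: The `keyword` multi-field added under `user_agent.original` carries no `ignore_above`, and a multi-field does not inherit the parent's 1024 limit. The User-Agent string is supplied by the remote client, so a value longer than Lucene's 32766-byte term limit can make Elasticsearch reject the whole event instead of skipping that one field, which loses the log record. I would write the sub-field as `"keyword": { "ignore_above": 1024, "type": "keyword" }`. The same unbounded sub-field is added to `user.name` in the hunk just before this file and to `file.flavors.mime` in so-file-mappings.json.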
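Review bot: The `_meta` block of so-file-mappings.json links to the ECS file page and claims `ecs_version` 1.12.2, but `file.flavors.mime` does not appear to be an ECS field (ECS uses `file.mime_type`), so the metadata sends a reader to documentation that does not describe this mapping. Since `_meta` is free-form, I would drop `ecs_version` here and replace the link with a short description, for example `"description": "Security Onion custom file fields (not part of ECS)"`.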
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja b/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja index ecd743aad..e709e5f33 100644 --- a/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-azure-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
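Review bot: `dtc-file-mappings` is the one `dtc-*` component in this list that still has no ECS base ahead of it: the hunk adds `event-mappings`, `host-mappings`, `observer-mappings`, `process-mappings`, `rule-mappings` and `user-mappings`, but not `file-mappings`. Only so-common-template.json.jinja adds `"file-mappings",` (and `"so-file-mappings",`) around it. If dtc-file-mappings.json was trimmed to overrides the way the user mappings are in this commit (its content is not visible here), `file.hash.*`, `file.path` and similar fields in these indices would fall back to dynamic mapping. Please either add `"file-mappings",` before `"dtc-file-mappings",` or note why it is left out. The same applies to the matching `@@ -50,31 +52,43 @@` hunk of every other template in this diff (`@@ -51,31 +53,43 @@` in so-cisco).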
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja b/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja index c837bf62d..98831543f 100644 --- a/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-barracuda-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja b/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja index b6cffb84f..e8390bc13 100644 --- a/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-beats-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja b/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja index 76649708a..aad678ff9 100644 --- a/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-bluecoat-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja index e2fa1da6c..1cf37b31b 100644 --- a/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-cef-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja b/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja index be5c96dd7..d737ef586 100644 --- a/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-checkpoint-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja index 160080d36..3a875f828 100644 --- a/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-cisco-template.json.jinja @@ -42,8 +42,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -51,31 +53,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-common-template.json.jinja b/salt/elasticsearch/templates/index/so/so-common-template.json.jinja index 4320079d1..f549f6289 100644 --- a/salt/elasticsearch/templates/index/so/so-common-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-common-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,45 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", + "file-mappings", "dtc-file-mappings", + "so-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja index 58e71e019..3c1836348 100644 --- a/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-cyberark-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja b/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja index 3c190d630..b0a8b045e 100644 --- a/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-cylance-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja b/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja index fcd6cd545..3002429c9 100644 --- a/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-elasticsearch-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja b/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja index 1c18069a2..055f4628e 100644 --- a/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-endgame-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja b/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja index c67c2212d..6638aa6a4 100644 --- a/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-f5-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja b/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja index 9fb26ff72..d0ec4a39a 100644 --- a/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-firewall-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja b/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja index b197ad437..667ac0bc6 100644 --- a/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-flow-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja b/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja index 37ab89ac6..e60829ed1 100644 --- a/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-fortinet-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja b/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja index d783780b0..d9d2d0c4e 100644 --- a/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-gcp-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja b/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja index a9fd17880..96c911197 100644 --- a/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-google_workspace-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja b/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja index 2849d5350..4c59cad35 100644 --- a/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-ids-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja b/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja index 245c9bb63..a1e0faf9f 100644 --- a/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-imperva-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-import-template.json.jinja b/salt/elasticsearch/templates/index/so/so-import-template.json.jinja index 6f50952df..32cde3eac 100644 --- a/salt/elasticsearch/templates/index/so/so-import-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-import-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@ "destination-mappings", "dll-mappings", "dns-mappings", + "dtc-dns-mappings", "ecs-mappings", + "dtc-ecs-mappings", "error-mappings", + "event-mappings", "dtc-event-mappings", "dtc-file-mappings", "group-mappings", + "host-mappings", "dtc-host-mappings", "http-mappings", + "dtc-http-mappings", "log-mappings", "network-mappings", + "dtc-network-mappings", + "observer-mappings", "dtc-observer-mappings", "orchestrator-mappings", "organization-mappings", "package-mappings", + "process-mappings", "dtc-process-mappings", "registry-mappings", "related-mappings", + "rule-mappings", "dtc-rule-mappings", "server-mappings", "service-mappings", + "dtc-service-mappings", "source-mappings", "threat-mappings", "tls-mappings", "tracing-mappings", "url-mappings", "user_agent-mappings", + "dtc-user_agent-mappings", + "user-mappings", "dtc-user-mappings", "vulnerability-mappings", "common-settings", diff --git a/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja b/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja index 155524441..9c76bb6e6 100644 --- a/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja +++ b/salt/elasticsearch/templates/index/so/so-infoblox-template.json.jinja @@ -41,8 +41,10 @@ } }, "composed_of": [ + "agent-mappings", "dtc-agent-mappings", "base-mappings", + "dtc-base-mappings", "client-mappings", "cloud-mappings", "container-mappings", 
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja b/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
index 4edeb9e9d..cbd2efcfa 100644
--- a/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-juniper-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja b/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
index 45a01dfff..2f89532b8 100644
--- a/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-kibana-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja b/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
index ee3947713..bdf7b1b1c 100644
--- a/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-logstash-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja b/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
index 3588b34ec..523a09251 100644
--- a/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-microsoft-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja b/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
index ab2f64dd6..0397f1a0a 100644
--- a/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-misp-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja b/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
index 5c82bd472..6a324016a 100644
--- a/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-netflow-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja b/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
index 3551e7b58..704c0058d 100644
--- a/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-netscout-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja b/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
index 7718989f2..31243829d 100644
--- a/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-o365-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja b/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
index 7da380dba..1fe0bd169 100644
--- a/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-okta-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja b/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
index a4141d60c..e6e0aaf2d 100644
--- a/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-osquery-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja b/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
index aa1e8bad6..8441e0684 100644
--- a/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-ossec-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja b/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
index e9b895471..0c2c70fd1 100644
--- a/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-proofpoint-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja b/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
index 50c99cd09..cdfad7c16 100644
--- a/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-radware-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja b/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
index 971d5df57..39bf9946f 100644
--- a/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-redis-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja b/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
index 553539db0..b86ea153c 100644
--- a/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-snort-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja b/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
index bd8eea0da..54032f3f7 100644
--- a/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-snyk-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja b/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
index cc90471a5..ea6d7abb9 100644
--- a/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-sonicwall-template.json.jinja
@@ -41,8 +41,10 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
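Review bot: Both hunk headers for so-sonicwall-template.json.jinja show the enclosing context line as `i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)`, which suggests the opening Jinja tag in this file reads `i%-` where `{%-` was meant. That line is outside both hunks, so this is inferred from the headers only; none of the other templates in the commit show such a context line. If the file really starts that way, the `set` is not parsed as a statement and is emitted as literal text, which would leave `INDEX_SORTING` unset and the rendered template invalid JSON, so the sonicwall index template may not be getting installed at all. Since this commit already edits the file, restoring the tag opener to `{%-` on that line here would be a cheap fix.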
@@ -50,31 +52,43 @@ i%- set INDEX_SORTING = salt['pillar.get']('elasticsearch:index_sorting', False)
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja b/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
index 5350f814f..f89400f97 100644
--- a/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-sophos-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja b/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
index 6eb218c00..3de2f1988 100644
--- a/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-squid-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja b/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
index 8648e96d0..535aa39eb 100644
--- a/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-strelka-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja b/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
index 5b6f3e286..5d63335c5 100644
--- a/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-syslog-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja b/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
index e666532f5..69087e65c 100644
--- a/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-tomcat-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja b/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
index ba90a618f..ebc5e4c9a 100644
--- a/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-zeek-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",
diff --git a/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja b/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
index 853e246c4..c65c8ae85 100644
--- a/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
+++ b/salt/elasticsearch/templates/index/so/so-zscaler-template.json.jinja
@@ -41,8 +41,10 @@
 }
 },
 "composed_of": [
+ "agent-mappings",
 "dtc-agent-mappings",
 "base-mappings",
+ "dtc-base-mappings",
 "client-mappings",
 "cloud-mappings",
 "container-mappings",
@@ -50,31 +52,43 @@
 "destination-mappings",
 "dll-mappings",
 "dns-mappings",
+ "dtc-dns-mappings",
 "ecs-mappings",
+ "dtc-ecs-mappings",
 "error-mappings",
+ "event-mappings",
 "dtc-event-mappings",
 "dtc-file-mappings",
 "group-mappings",
+ "host-mappings",
 "dtc-host-mappings",
 "http-mappings",
+ "dtc-http-mappings",
 "log-mappings",
 "network-mappings",
+ "dtc-network-mappings",
+ "observer-mappings",
 "dtc-observer-mappings",
 "orchestrator-mappings",
 "organization-mappings",
 "package-mappings",
+ "process-mappings",
 "dtc-process-mappings",
 "registry-mappings",
 "related-mappings",
+ "rule-mappings",
 "dtc-rule-mappings",
 "server-mappings",
 "service-mappings",
+ "dtc-service-mappings",
 "source-mappings",
 "threat-mappings",
 "tls-mappings",
 "tracing-mappings",
 "url-mappings",
 "user_agent-mappings",
+ "dtc-user_agent-mappings",
+ "user-mappings",
 "dtc-user-mappings",
 "vulnerability-mappings",
 "common-settings",