Intel mapping enforcement and winlog.verion

2025-12-06 09:12:45 +01:00 · 2020-10-15 12:42:33 +00:00
parent c81ee9621d
commit af9daa4d71
1 changed files with 17 additions and 0 deletions
--- a/salt/elasticsearch/templates/so/so-common-template.json
+++ b/salt/elasticsearch/templates/so/so-common-template.json
@@ -253,6 +253,20 @@
          "type":"object",
          "dynamic": true
        },
+        "intel":{
+          "type":"object",
+          "dynamic": true,
+          "properties":{
+            "indicator":{
+              "type":"text",
+              "fields":{
+                "keyword":{
+                  "type":"keyword"
+                }
+              }
+            }
+          } 
+        },
        "interface":{
          "type":"object",
          "dynamic": true
@@ -474,6 +488,9 @@
            },
            "event_data":{
              "type":"object"
+            },
+            "version":{
+              "type":"long"
            }
        }
      },