From d7ba1cedff6a819f7b7e940ad6b1ceee2db2f602 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Wed, 19 Jan 2022 08:39:21 -0500 Subject: [PATCH] remove unused fields object from related case schema --- .../templates/so/so-case-template.json.jinja | 50 ------------------- 1 file changed, 50 deletions(-) diff --git a/salt/elasticsearch/templates/so/so-case-template.json.jinja b/salt/elasticsearch/templates/so/so-case-template.json.jinja index d05cc9852..09426ea50 100644 --- a/salt/elasticsearch/templates/so/so-case-template.json.jinja +++ b/salt/elasticsearch/templates/so/so-case-template.json.jinja @@ -220,56 +220,6 @@ "createTime": { "type": "date" }, - "fields": { - "properties": { - "@timestamp": { - "type": "date" - }, - "event": { - "properties": { - "dataset": { - "type": "keyword", - "ignore_above": 1024 - }, - "module": { - "type": "keyword", - "ignore_above": 1024 - }, - "category": { - "type": "keyword", - "ignore_above": 1024 - } - } - }, - "message": { - "type": "text" - }, - "scan":{ - "type":"object", - "dynamic": true, - "properties":{ - "exiftool":{ - "type":"text" - }, - "pe":{ - "properties":{ - "sections":{ - "properties":{ - "entropy":{ - "type": "float" - } - } - } - } - } - } - }, - "tags": { - "type": "keyword", - "ignore_above": 1024 - } - } - }, "userId": { "type": "keyword", "ignore_above": 1024