diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.apm_server@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.apm_server@package.json index bcd76b848..9fd8c928f 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.apm_server@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.apm_server@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { + "analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.auditbeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.auditbeat@package.json index bcd76b848..9fd8c928f 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.auditbeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.auditbeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { + "analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.cloudbeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.cloudbeat@package.json index 85ba08239..c4874ed3c 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.cloudbeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.cloudbeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -97,12 +97,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -115,12 +109,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -135,12 +123,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -151,12 +133,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -169,12 +145,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -187,12 +157,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -207,12 +171,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -225,12 +183,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -243,12 +195,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -267,12 +213,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -285,12 +225,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -301,12 +235,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -327,12 +255,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -347,12 +269,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -380,12 +296,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -398,12 +308,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -414,12 +318,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -430,18 +328,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -455,12 +351,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -471,12 +361,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -487,12 +371,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -505,12 +383,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -527,12 +399,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -543,12 +409,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -559,12 +419,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -575,12 +429,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -591,12 +439,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -611,12 +453,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -627,12 +463,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -643,12 +473,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { @@ -671,12 +495,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.endpoint_security@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.endpoint_security@package.json index bcd76b848..36978b0d8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.endpoint_security@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.endpoint_security@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.filebeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.filebeat@package.json index bcd76b848..36978b0d8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.filebeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.filebeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.fleet_server@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.fleet_server@package.json index bcd76b848..36978b0d8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.fleet_server@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.fleet_server@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.heartbeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.heartbeat@package.json index 22fef0fb5..f353ac542 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.heartbeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.heartbeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.metricbeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.metricbeat@package.json index bcd76b848..36978b0d8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.metricbeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.metricbeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.osquerybeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.osquerybeat@package.json index bcd76b848..36978b0d8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.osquerybeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.osquerybeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.packetbeat@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.packetbeat@package.json index 591717165..9e593d3f8 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.packetbeat@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.packetbeat@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { +"analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": { diff --git a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent@package.json b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent@package.json index bcd76b848..7df3309b1 100644 --- a/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent@package.json +++ b/salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent@package.json @@ -1,7 +1,7 @@ { "template": { "settings": { - "analysis": { + "analysis": { "analyzer": { "es_security_analyzer": { "type": "custom", @@ -39,7 +39,7 @@ } } }, - "index": { + "index": { "lifecycle": { "name": "logs" }, @@ -99,12 +99,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "image": { @@ -117,12 +111,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -137,12 +125,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -153,12 +135,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -171,12 +147,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "machine": { @@ -189,12 +159,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -209,12 +173,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -227,12 +185,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "account": { @@ -245,12 +197,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -269,12 +215,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -287,12 +227,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -303,12 +237,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "labels": { @@ -329,12 +257,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -349,12 +271,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -382,12 +298,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "os": { @@ -400,12 +310,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "kernel": { @@ -416,12 +320,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "codename": { @@ -432,18 +330,16 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "name": { "ignore_above": 1024, "type": "keyword", "fields": { + +"security": { +"type": "text", +"analyzer": "es_security_analyzer"}, "text": { "type": "text" } @@ -457,12 +353,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -473,12 +363,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "platform": { @@ -489,12 +373,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -507,12 +385,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "ip": { @@ -529,12 +401,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -545,12 +411,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "type": { @@ -561,12 +421,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "mac": { @@ -577,12 +431,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "architecture": { @@ -593,12 +441,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } } } @@ -613,12 +455,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "id": { @@ -629,12 +465,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "version": { @@ -645,12 +475,6 @@ "security": { "type": "text", "analyzer": "es_security_analyzer"} -} -, -"fields": { -"security": { -"type": "text", -"analyzer": "es_security_analyzer"} } }, "snapshot": {