CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-23 01:13:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove duplicate security subfield configuration from component templates

Browse Source
This commit is contained in:
Wes
2022-09-07 21:23:04 +00:00
parent 3c50072690
commit eeffded248
11 changed files with 56 additions and 1998 deletions
Download Patch File Download Diff File Expand all files Collapse all files

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.apm_server@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.auditbeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

192
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.cloudbeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -97,12 +97,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -115,12 +109,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -135,12 +123,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -151,12 +133,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -169,12 +145,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -187,12 +157,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -207,12 +171,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -225,12 +183,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -243,12 +195,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -267,12 +213,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -285,12 +225,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -301,12 +235,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -327,12 +255,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -347,12 +269,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -380,12 +296,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -398,12 +308,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -414,12 +318,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -430,18 +328,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -455,12 +351,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -471,12 +361,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -487,12 +371,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -505,12 +383,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -527,12 +399,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -543,12 +409,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -559,12 +419,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -575,12 +429,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -591,12 +439,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -611,12 +453,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -627,12 +463,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -643,12 +473,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {
@@ -671,12 +495,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.endpoint_security@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.filebeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.fleet_server@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.heartbeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.metricbeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.osquerybeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

186
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent.packetbeat@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {

188
salt/elasticsearch/templates/component/elastic-agent/logs-elastic_agent@package.json
View File

@@ -1,7 +1,7 @@
{ {
"template": { "template": {
"settings": { "settings": {
"analysis": { "analysis": {
"analyzer": { "analyzer": {
"es_security_analyzer": { "es_security_analyzer": {
"type": "custom", "type": "custom",
@@ -39,7 +39,7 @@
} }
} }
}, },
"index": { "index": {
"lifecycle": { "lifecycle": {
"name": "logs" "name": "logs"
}, },
@@ -99,12 +99,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"image": { "image": {
@@ -117,12 +111,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -137,12 +125,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -153,12 +135,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -171,12 +147,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"machine": { "machine": {
@@ -189,12 +159,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -209,12 +173,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -227,12 +185,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"account": { "account": {
@@ -245,12 +197,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -269,12 +215,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -287,12 +227,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -303,12 +237,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"labels": { "labels": {
@@ -329,12 +257,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -349,12 +271,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -382,12 +298,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"os": { "os": {
@@ -400,12 +310,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"kernel": { "kernel": {
@@ -416,12 +320,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"codename": { "codename": {
@@ -432,18 +330,16 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"name": { "name": {
"ignore_above": 1024, "ignore_above": 1024,
"type": "keyword", "type": "keyword",
"fields": { "fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"},
"text": { "text": {
"type": "text" "type": "text"
} }
@@ -457,12 +353,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -473,12 +363,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"platform": { "platform": {
@@ -489,12 +373,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -507,12 +385,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"ip": { "ip": {
@@ -529,12 +401,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -545,12 +411,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"type": { "type": {
@@ -561,12 +421,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"mac": { "mac": {
@@ -577,12 +431,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"architecture": { "architecture": {
@@ -593,12 +441,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
} }
} }
@@ -613,12 +455,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"id": { "id": {
@@ -629,12 +465,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"version": { "version": {
@@ -645,12 +475,6 @@
"security": { "security": {
"type": "text", "type": "text",
"analyzer": "es_security_analyzer"} "analyzer": "es_security_analyzer"}
}
,
"fields": {
"security": {
"type": "text",
"analyzer": "es_security_analyzer"}
} }
}, },
"snapshot": { "snapshot": {