mirror of
https://github.com/Security-Onion-Solutions/securityonion.git
synced 2025-12-16 05:53:09 +01:00
68 lines
1.8 KiB
JSON
68 lines
1.8 KiB
JSON
{
|
|
"template": {
|
|
"mappings": {
|
|
"dynamic_templates": [
|
|
{
|
|
"match_ip": {
|
|
"mapping": {
|
|
"type": "ip"
|
|
},
|
|
"match_mapping_type": "string",
|
|
"match": "ip"
|
|
}
|
|
},
|
|
{
|
|
"match_message": {
|
|
"mapping": {
|
|
"type": "match_only_text"
|
|
},
|
|
"match_mapping_type": "string",
|
|
"match": "message"
|
|
}
|
|
},
|
|
{
|
|
"strings_as_keyword": {
|
|
"mapping": {
|
|
"ignore_above": 1024,
|
|
"type": "keyword"
|
|
},
|
|
"match_mapping_type": "string"
|
|
}
|
|
}
|
|
],
|
|
"date_detection": false,
|
|
"properties": {
|
|
"@timestamp": {
|
|
"type": "date"
|
|
},
|
|
"ecs": {
|
|
"properties": {
|
|
"version": {
|
|
"ignore_above": 1024,
|
|
"type": "keyword"
|
|
}
|
|
}
|
|
},
|
|
"data_stream": {
|
|
"properties": {
|
|
"namespace": {
|
|
"type": "constant_keyword"
|
|
},
|
|
"dataset": {
|
|
"type": "constant_keyword"
|
|
}
|
|
}
|
|
},
|
|
"host": {
|
|
"type": "object"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"version": 2,
|
|
"_meta": {
|
|
"managed": true,
|
|
"description": "general mapping conventions for data streams"
|
|
}
|
|
}
|